Is Caido Mcp Server safe to use?

Caido Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under MIT.

How do I install Caido Mcp Server?

Caido Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Caido Mcp Server do?

Caido Mcp Server provides 32 tools: CLI, Features, Install, caido_list_requests, caido_get_request and 27 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Caido Mcp Server?

Caido Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Caido Mcp Server actively maintained?

Caido Mcp Server is actively maintained — last commit was 8 days ago. It has 57 GitHub stars.

Caido Mcp Server

Name: Caido Mcp Server
Author: c0tton-fluff

by c0tton-fluff

MCP server for Caido proxy integration. Enables AI assistants like Claude Code to browse, analyse, and interact with HTTP traffic.

57 32 tools GitHub

No known CVEs

MIT license

Actively maintained

Last commit 8d ago

Works with most clients

Transport: stdio, http

32 tools · ~996 tok

Grade B · 0.5% of 200K ctx

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "caido": {
      "env": {
        "CAIDO_PAT": "your-personal-access-token",
        "CAIDO_URL": "http://127.0.0.1:8080"
      },
      "args": [
        "serve"
      ],
      "command": "caido-mcp-server"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/caido-mcp-server)](https://mcppedia.org/s/caido-mcp-server)

Read me

What Caido Mcp Server does

MCP server and CLI for Caido web proxy - browse, replay, and analyze HTTP traffic from AI assistants or your terminal.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

72/100across 5 weighted dimensions

How we score →

0255075100

−28

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (32)

Click any tool to inspect its schema.

~996 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Caido Mcp Server safe to use?: Caido Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under MIT.
How do I install Caido Mcp Server?: Caido Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Caido Mcp Server do?: Caido Mcp Server provides 32 tools: CLI, Features, Install, caido_list_requests, caido_get_request and 27 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Caido Mcp Server?: Caido Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Caido Mcp Server actively maintained?: Caido Mcp Server is actively maintained — last commit was 8 days ago. It has 57 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Caido Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "caido": {
      "env": {
        "CAIDO_PAT": "your-personal-access-token",
        "CAIDO_URL": "http://127.0.0.1:8080"
      },
      "args": [
        "serve"
      ],
      "command": "caido-mcp-server"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/caido-mcp-server)](https://mcppedia.org/s/caido-mcp-server)

Read me

What Caido Mcp Server does

MCP server and CLI for Caido web proxy - browse, replay, and analyze HTTP traffic from AI assistants or your terminal.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

caido-mcp-server

MCP server and CLI for Caido web proxy - browse, replay, and analyze HTTP traffic from AI assistants or your terminal.

What It Does

Two ways to interact with your Caido proxy:

MCP Server - expose 60 tools and 4 read-only resources to AI assistants (Claude Code, Cursor, etc.) via the Model Context Protocol
CLI - standalone terminal client for pentesters who prefer the command line

Both share the same auth token, the same Go SDK, and the same codebase.

Features

Category	Capabilities
Proxy History	Search requests with HTTPQL, get full request/response details
Replay	Send HTTP requests, get response inline (status, headers, body). Per-session cookie jar auto-persists `Set-Cookie` between calls
Automate	Access fuzzing sessions, results, and payloads. Start/pause/resume/cancel tasks
Findings	Create, list, delete, and export security findings
Sitemap	Browse discovered endpoints
Scopes	Full lifecycle: create, rename, delete target scope definitions
Projects	Full lifecycle: create, rename, select, delete projects
Workflows	List, run, and toggle automation workflows
Tamper	List, create, toggle, and delete Match & Replace rules
Intercept	Check status, pause/resume, list/forward/drop intercepted requests
Environments	Create, select, delete variable environments (tokens, keys)
Filters	Create, list, and delete saved HTTPQL filter presets
Hosted Files	List payload files served by Caido
Tasks	List and cancel running background tasks
Plugins	List installed plugin packages
Instance	Get Caido version and platform info

Built-in security and performance:

Credential redaction - Authorization, Cookie, and API key headers are redacted in tool output
Session cookie jar - RFC 6265 jar per replay session; Set-Cookie from a response is auto-attached to the next send_request against the same session
Response fingerprinting - auto-detects content kind (json/html/xml/text/binary) so agents know what they're dealing with
Adaptive body limits - JSON gets 4KB, HTML 3KB, binary 200B (override with explicit bodyLimit)
Response diff - repeated identical responses in the same session collapse to a one-line summary, saving tokens
Input validation - length limits on all string inputs to prevent context flooding
Token auto-refresh - expired OAuth tokens refresh mid-session automatically
Session reuse - single replay session per server lifetime, no sprawl

Session cookie jar

The caido_send_request tool maintains an in-memory http.CookieJar per replay session. Cookies set via Set-Cookie in any response are stored and auto-injected into subsequent requests targeting the same RFC 6265 domain/path. Pass useCookieJar: false to a single call to disable injection (useful for session-fixation testing or to verify auth gates). Use caido_clear_session_cookies to wipe a se

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

72/100across 5 weighted dimensions

How we score →

0255075100

−28

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (32)

Click any tool to inspect its schema.

~996 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Caido Mcp Server safe to use?: Caido Mcp Server has no known CVEs as of the latest MCPpedia security scan. It requires authentication to connect, which limits unauthorized access. Licensed under MIT.
How do I install Caido Mcp Server?: Caido Mcp Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Caido Mcp Server do?: Caido Mcp Server provides 32 tools: CLI, Features, Install, caido_list_requests, caido_get_request and 27 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Caido Mcp Server?: Caido Mcp Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Caido Mcp Server actively maintained?: Caido Mcp Server is actively maintained — last commit was 8 days ago. It has 57 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

9.0k 3

Nothumanallowed91

Security-first platform for AI agents. 38 specialized agents, 15 AI-powered extensions, zero-knowledge multi-agent orchestration. SENTINEL WAF, Ed25519 auth, 2.6M grounding facts.

97 5

MCP Security Weekly

Get CVE alerts and security updates for Caido Mcp Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?