MCPProxy is an open-source desktop application that super-charges AI agents with intelligent tool discovery, massive token savings, and built-in security quarantine against malicious MCP servers.
Β Β Β Β
System Tray - Upstream Servers Β Β Β Β Β Β Β Β System Tray - Quarantine Management
- Scale beyond API limits β Federate hundreds of MCP servers while bypassing Cursor's 40-tool limit and OpenAI's 128-function cap.
- Save tokens & accelerate responses β Agents load just one
retrieve_toolsfunction instead of hundreds of schemas. Research shows ~99 % token reduction with 43 % accuracy improvement. - Advanced security protection β Automatic quarantine blocks Tool Poisoning Attacks until you manually approve new servers.
- Works offline & cross-platform β Native binaries for macOS (Intel & Apple Silicon), Windows (x64 & ARM64), and Linux (x64 & ARM64) with system-tray UI.
macOS (Recommended - DMG Installer):
Download the latest DMG installer for your architecture:
- Apple Silicon (M1/M2): Download DMG β
mcpproxy-*-darwin-arm64.dmg - Intel Mac: Download DMG β
mcpproxy-*-darwin-amd64.dmg
Alternative install methods:
macOS (Homebrew):
brew install smart-mcp-proxy/mcpproxy/mcpproxyManual download (all platforms):
Anywhere with Go 1.22+:
go install github.com/smart-mcp-proxy/mcpproxy-go/cmd/mcpproxy@latestmcpproxy serve # starts HTTP server on :8080 and shows trayEdit mcp_config.json (see below). Or ask LLM to add servers (see doc).
π Complete Setup Guide - Detailed instructions for Cursor, VS Code, Claude Desktop, and Goose
- Open Cursor Settings
- Click "Tools & Integrations"
- Add MCP server
"MCPProxy": {
"type": "http",
"url": "http://localhost:8080/mcp/"
}| Field | Description | Default |
|---|---|---|
listen |
Address the proxy listens on | :8080 |
data_dir |
Folder for config, DB & logs | ~/.mcpproxy |
enable_tray |
Show native system-tray UI | true |
top_k |
Tools returned by retrieve_tools |
5 |
tools_limit |
Max tools returned to client | 15 |
tool_response_limit |
Auto-truncate responses above N chars (0 disables) |
20000 |
Main Commands:
mcpproxy serve # Start proxy server with system tray
mcpproxy tools list --server=NAME # Debug tool discovery for specific serverServe Command Flags:
mcpproxy serve --help
-c, --config <file> path to mcp_config.json
-l, --listen <addr> listen address (":8080")
-d, --data-dir <dir> custom data directory
--tray enable/disable system tray (default true, use --tray=false to disable)
--log-level <level> debug|info|warn|error
--read-only forbid config changes
--disable-management disable upstream_servers tool
--allow-server-add allow adding servers (default true)
--allow-server-remove allow removing servers (default true)
Tools Command Flags:
mcpproxy tools list --help
-s, --server <name> upstream server name (required)
-l, --log-level <level> trace|debug|info|warn|error (default: info)
-t, --timeout <duration> connection timeout (default: 30s)
-o, --output <format> output format: table|json|yaml (default: table)
-c, --config <file> path to mcp_config.json
Debug Examples:
# List tools with trace logging to see all JSON-RPC frames
mcpproxy tools list --server=github-server --log-level=trace
# List tools with custom timeout for slow servers
mcpproxy tools list --server=slow-server --timeout=60s
# Output tools in JSON format for scripting
mcpproxy tools list --server=weather-api --output=jsonMCPProxy provides seamless OAuth 2.1 authentication for MCP servers that require user authorization (like Cloudflare AutoRAG, GitHub, etc.):
- RFC 8252 Compliant: Dynamic port allocation for secure callback handling
- PKCE Security: Proof Key for Code Exchange for enhanced security
- Auto Browser Launch: Opens your default browser for authentication
- Dynamic Client Registration: Automatic client registration with OAuth servers
- Token Management: Automatic token refresh and storage
- Add OAuth Server: Configure an OAuth-enabled MCP server in your config
- Auto Authentication: MCPProxy detects when OAuth is required (401 response)
- Browser Opens: Your default browser opens to the OAuth provider's login page
- Dynamic Callback: MCPProxy starts a local callback server on a random port
- Token Exchange: Authorization code is automatically exchanged for access tokens
- Ready to Use: Server becomes available for tool calls immediately
Note: The
"oauth"configuration is optional. MCPProxy will automatically detect when OAuth is required and use sensible defaults in most cases. You only need to specify OAuth settings if you want to customize scopes or have pre-registered client credentials.
{
"mcpServers": [
{
"name": "cloudflare_autorag",
"url": "https://autorag.mcp.cloudflare.com/mcp",
"protocol": "streamable-http",
"enabled": true,
"oauth": {
"scopes": ["mcp.read", "mcp.write"],
"pkce_enabled": true
}
}
]
}OAuth Configuration Options (all optional):
scopes: OAuth scopes to request (default:["mcp.read", "mcp.write"])pkce_enabled: Enable PKCE for security (default:true, recommended)client_id: Pre-registered client ID (optional, uses Dynamic Client Registration if empty)client_secret: Client secret (optional, for confidential clients)
Enable debug logging to see the complete OAuth flow:
mcpproxy serve --log-level=debug --tray=falseCheck logs for OAuth flow details:
tail -f ~/Library/Logs/mcpproxy/main.log | grep -E "(oauth|OAuth)"- Documentation: Configuration, Features, Usage
- Website: https://mcpproxy.app
- Releases: https://github.com/smart-mcp-proxy/mcpproxy-go/releases
We welcome issues, feature ideas, and PRs! Fork the repo, create a feature branch, and open a pull request. See CONTRIBUTING.md (coming soon) for guidelines.
{ "listen": ":8080", "data_dir": "~/.mcpproxy", "enable_tray": true, // Search & tool limits "top_k": 5, "tools_limit": 15, "tool_response_limit": 20000, "mcpServers": [ { "name": "local-python", "command": "python", "args": ["-m", "my_server"], "type": "stdio", "enabled": true }, { "name": "remote-http", "url": "http://localhost:3001", "type": "http", "enabled": true } ] }