// GLOSSARY -- MCP & TOOL INFRASTRUCTURE

What is MCP Inspector?

2 min read Updated

MCP Inspector is the official interactive developer tool for testing and debugging MCP servers, run via npx @modelcontextprotocol/inspector. It connects to a server and provides a UI for browsing and exercising its tools, resources, and prompts.

WHY IT MATTERS

The Inspector runs without installation: npx @modelcontextprotocol/inspector <command> wraps any server launch command — an npm package via npx, a Python package via uvx, or a local build via node path/to/index.js. A connection pane lets you choose the transport and, for local servers, customise arguments and environment variables.

Once connected, it surfaces everything the server declares:

  • Tools tab — lists available tools with their schemas and descriptions, and lets you invoke them with custom inputs and inspect the results.
  • Resources tab — lists resources with metadata and content, including subscription testing.
  • Prompts tab — shows prompt templates and previews generated messages with custom arguments.
  • Notifications pane — streams logs and notifications received from the server.

It is the standard tool in two situations. During server development, the loop is: change code, rebuild, reconnect the Inspector, re-test affected features — including edge cases like invalid inputs and error responses. Before adopting a third-party server, it is the quickest way to see exactly what tools/list returns and how the server behaves, rather than relying on its README. It inspects one server interactively at a time, so it complements rather than replaces automated security scanning across a fleet.

See mcp inspector working in your own stack — route your MCP servers through PolicyLayer and every tool call is checked against policy before it runs.

GOVERN YOUR MCP SERVERS →

Enforced before the call runs. Nothing to install.

HOW POLICYLAYER USES THIS

PolicyLayer does at fleet scale what the Inspector does interactively for one server: its crawler discovers servers, extracts their tool definitions, and publishes per-tool risk classifications in the catalogue at policylayer.com/tools. Once a server is vetted and registered, the gateway enforces policy on every call to it — inspection tells you what a server exposes; enforcement decides what actually runs.

Browse the MCP server catalogue →

FREQUENTLY ASKED QUESTIONS

How do I run MCP Inspector?
Run npx @modelcontextprotocol/inspector followed by the server's launch command, for example: npx @modelcontextprotocol/inspector npx @modelcontextprotocol/server-filesystem ~/Desktop. No installation is required.
What can I test with the Inspector?
Tool listing and invocation with custom inputs, resource content and subscriptions, prompt templates with arguments, server logs and notifications, plus connection details like transport, command-line arguments, and environment variables.
Is the Inspector a security scanner?
No. It is a manual development and debugging tool for one server at a time. It is useful for vetting what a server exposes, but fleet-wide scanning and classification need automated tooling.

FURTHER READING

Let agents act without letting them run wild.

Route your MCP servers through PolicyLayer and every tool call is checked against your policy before it runs — allow, deny, or require approval. Per-identity grants. Full audit log. Live in minutes.

GOVERN YOUR MCP SERVERS →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.