// MCP TOOL REFERENCE

PROXY TOOLS

89 tools from the Proxy MCP Server, categorised by risk level.

View the Proxy policy →
// ALL 89 PROXY TOOLS
READ 37 tools
Read interceptor_android_devices List connected Android devices via ADB with model, version, root status, and whether they Read interceptor_browser_get_cookie Get one cookie by cookie_id with full value (subject to a hard cap to keep output bounded). Read interceptor_browser_get_network_field Get one full header field value from proxy-captured traffic by field_id. Read interceptor_browser_get_storage_value Get one localStorage/sessionStorage value by item_id. Read interceptor_browser_list_console List console messages buffered since the browser was launched. Types: log, info, warning, error, debug, etc. Read interceptor_browser_list_cookies List cookies from the browser context with pagination and truncated value previews. Read interceptor_browser_list_network_fields List request/response header fields from proxy-captured traffic since the browser was launched, with pagina... Read interceptor_browser_list_storage_keys List localStorage/sessionStorage keys for the current origin with pagination and truncated value previews. Read interceptor_browser_screenshot Take a screenshot of the bound page. Saves to file_path if provided; otherwise reports byte count without e... Read interceptor_browser_snapshot Take an ARIA accessibility snapshot of the bound page (YAML-formatted role tree). Read interceptor_camoufox_info Get the wsUrl and ready-to-paste Playwright connect snippets (TS + Python) for a camoufox target. Read interceptor_camoufox_list List all active camoufox instances with their wsUrl and fingerprint details. Read interceptor_frida_apps List running apps on an Android device via Frida. Requires frida-server running on the device. Read interceptor_list List all interceptors with their availability and active targets. Shows Browser, Terminal, Android ADB, And... Read interceptor_status Get detailed status of a specific interceptor, including all active targets and their details. Read proxy_check_fingerprint_runtime Check fingerprint spoofing backend readiness without sending traffic. Read proxy_get_ca_cert Get the CA certificate PEM and SPKI fingerprint for installing on the target device. Read proxy_get_exchange Get full details of a captured HTTP exchange including headers and body previews. Read proxy_get_session Get manifest/details for a specific recorded session. Read proxy_get_session_exchange Get one exchange from a recorded session by seq or exchange ID. Read proxy_get_session_handshakes Summarize TLS handshake/fingerprint availability (JA3/JA4/JA3S) for session exchanges. Read proxy_get_tls_config Get current TLS capture and spoofing configuration. Read proxy_get_tls_fingerprints Get JA3/JA4 client fingerprints and JA3S server fingerprint for a specific captured exchange. Read proxy_list_fingerprint_presets List available browser fingerprint presets for use with proxy_set_fingerprint_spoof. Read proxy_list_rules List all interception rules sorted by priority. Read proxy_list_sessions List recorded sessions in storage. Read proxy_list_tls_fingerprints List unique client JA3/JA4 fingerprints across captured traffic with occurrence counts. Read proxy_list_traffic List captured HTTP exchanges with optional filters. Returns paginated results. Read proxy_mobile_detect_iface Auto-detect the USB-NCM interface the proxy-ap-card presents as (via the cdc_ncm driver). Returns null + if... Read proxy_query_session Query indexed session exchanges by metadata (URL, hostname, method, status) with filters and pagination. Do... Read proxy_search_session_bodies Search inside HTTP request/response bodies stored in a persistent session. Read proxy_search_traffic Full-text search across URLs, headers, and body previews of captured traffic. Read proxy_session_status Get current persistent capture runtime status. Read proxy_status Get proxy running state, port, upstream config, rule count, and traffic count. Read proxy_test_rule_match Test which interception rules would match a request, with detailed per-field pass/fail diagnostics and effe... Read proxy_transparent_status Get status of the transparent proxy listener including port and traffic count. Read proxy_export_har Export a recorded session (or filtered subset) to HAR format.
WRITE 11 tools
Write interceptor_android_deactivate Remove ADB reverse tunnel and clear Wi-Fi proxy on an Android device. Write proxy_clear_ja3_spoof Disable fingerprint spoofing. Write proxy_clear_upstream Remove the global upstream proxy. Traffic will go directly to target servers. Write proxy_mock_response Return a mock response for matched requests. Creates a mock rule. Write proxy_session_recover Rebuild session indexes from records after crash/corruption. Write proxy_disable_rule Disable an interception rule without removing it. Write proxy_enable_rule Enable a disabled interception rule. Write proxy_import_har Import a HAR file from disk into a new persisted session for querying, findings, and replay. Write proxy_set_host_upstream Set a per-host upstream proxy override. Traffic to this hostname will use the specified proxy instead of th... Write proxy_set_upstream Set a global upstream proxy for all outgoing traffic. Supports socks4://, socks5://, http://, https://, and... Write proxy_update_rule Modify an existing interception rule.
DESTRUCTIVE 11 tools
Destructive interceptor_docker_detach Remove proxy configuration from a Docker container and clean up injected files. Destructive proxy_clear_traffic Clear all captured traffic from the buffer. Destructive proxy_delete_session Delete a recorded session from disk. Destructive proxy_remove_host_upstream Remove a per-host upstream proxy override. Destructive proxy_remove_rule Delete an interception rule. Destructive proxy_session_stop Stop persistent on-disk capture and finalize the active session. Destructive interceptor_deactivate_all Kill ALL active interceptors across all types. Emergency cleanup — stops all browser instances, kills spawn... Destructive interceptor_kill Kill a spawned process by target ID. Also retrieves final stdout/stderr output. Destructive proxy_mobile_teardown Reverse proxy_mobile_setup: deactivate the Android target if any, stop the transparent + explicit listeners... Destructive interceptor_browser_close Close a browser instance launched by interceptor_browser_launch (or interceptor_camoufox_launch). Destructive interceptor_camoufox_close Close a camoufox instance launched by interceptor_camoufox_launch. Kills the Python launcher, removes the t...
EXECUTE 30 tools
Execute interceptor_browser_evaluate Execute a JS file in the page and return its result. Execute interceptor_browser_launch Launch cloakbrowser (stealth Chromium) with proxy flags and SPKI certificate trust. Built-in source-level f... Execute interceptor_browser_navigate Navigate the browser target Execute interceptor_camoufox_launch Launch camoufox (anti-detect Firefox) as a Playwright WebSocket server, proxied through proxy-mcp with NSS ... Execute proxy_session_start Start persistent on-disk capture for the current proxy run. Execute proxy_start Start the HTTPS MITM proxy. Auto-generates a CA certificate. Returns port, URL, cert fingerprint, and setup... Execute proxy_start_transparent Start the transparent proxy listener. Receives iptables-redirected traffic (no CONNECT tunnels). Shares the... Execute proxy_stop Stop the MITM proxy. Traffic history and CA certificate are retained. Execute proxy_stop_transparent Stop the transparent proxy listener. Execute humanizer_idle Simulate idle behavior with mouse micro-jitter and occasional micro-scrolls. Execute interceptor_browser_inject_init_script Inject a JS file as an init script (Playwright Execute interceptor_frida_detach Detach Frida session from an Android app, removing injected scripts. Execute interceptor_spawn Spawn a command with proxy env vars pre-configured (HTTP_PROXY, HTTPS_PROXY, SSL_CERT_FILE, NODE_EXTRA_CA_C... Execute proxy_replay_session Replay selected requests from a recorded/imported session. Default mode is dry_run for safety. Execute proxy_rewrite_url Rewrite request URLs matching a pattern. Creates a passthrough rule with body match-replace on the URL. Execute humanizer_click Click an element. Pass one of: selector (CSS/XPath), role + optional name, Execute humanizer_move Move mouse to target coordinates via the backend Playwright page. Execute humanizer_scroll Dispatch a wheel event. Raw page.mouse.wheel — single event, not multi-step. Execute humanizer_type Type text into the focused element via page.keyboard.type. Execute interceptor_android_activate Full Android interception: inject CA cert into system store (root required), set up ADB reverse tunnel, and... Execute interceptor_android_setup Quick setup: push CA cert + ADB reverse tunnel only (no Wi-Fi proxy). Equivalent to interceptor_android_act... Execute interceptor_browser_add_script_tag Append a <script> element to the current page (Playwright Execute interceptor_docker_attach Inject proxy env vars and CA certificate into a Docker container. Two modes: Execute interceptor_frida_attach Attach to an Android app via Frida and inject SSL unpinning + proxy redirect scripts. Bypasses certificate ... Execute proxy_add_rule Add an interception rule with a matcher and handler. Rules are evaluated by priority (ascending), first mat... Execute proxy_enable_server_tls_capture Toggle server-side JA3S capture. When enabled, outgoing TLS connections are intercepted to extract the server Execute proxy_inject_headers Add or overwrite headers on matching traffic. Creates a passthrough rule with header transforms. Execute proxy_mobile_setup One-command mobile capture: start explicit + transparent listeners, optionally inject the CA on an Android ... Execute proxy_set_fingerprint_spoof Enable outgoing TLS + HTTP/2 fingerprint spoofing via impit (native TLS impersonation, no Docker required).... Execute proxy_set_ja3_spoof Legacy: enable fingerprint spoofing (deprecated, use proxy_set_fingerprint_spoof with a preset). The ja3 pa...

Route Proxy through PolicyLayer and every one of its 89 tools is checked against your policy before it runs.

CHECK YOUR STACK →

See every tool, the dangerous ones, and the token cost across your stack.

// FAQ
How many tools does the Proxy MCP server have? +

The Proxy MCP server exposes 89 tools across 4 categories: Read, Write, Destructive, Execute.

How do I enforce policies on Proxy tools? +

Route the Proxy server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Proxy tools fall into? +

Proxy tools are categorised as Read (37), Write (11), Destructive (11), Execute (30). Each category has a recommended default policy.

Enforce policy on every Proxy tool call.

Start from Proxy, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.