MCP Inspector (HTTP)

Skippy says: this is a debugging aid, not an audit tool, and certainly not permission to aim SSRF at your internal network because a blog post told you to. Requests run from the machine hosting this app. Do not paste production credentials. I am magnificent; your SOC team is not amused.

URLAllow http://localhost / 127.0.0.1Forward Authorization header

—