Charles-mcp
charles-mcp is an MCP server that connects an AI agent to Charles Proxy’s Web Interface/recording data, enabling live capture reading and structured analysis of HTTP traffic (with a summary-first approach and drill-down to per-entry details). It can also analyze recorded sessions/history and provide control/status tools for the Charles environment.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Tooling is aimed at local proxy diagnostics but the provided README states that tools return complete raw original content by default (risk of exposing secrets/tokens from traffic). Charles Web Interface credentials are passed via environment variables and the README includes default credentials (admin/123456), which increases the risk if not changed. No explicit mention of TLS requirements or fine-grained authorization/scope controls for the MCP server.
⚡ Reliability
Best When
You are running Charles locally with the Web Interface enabled and want an MCP-enabled agent to summarize and explore traffic efficiently without receiving full raw packet bodies by default.
Avoid When
You cannot secure access to Charles Web Interface credentials or you cannot prevent agents from viewing sensitive headers/bodies contained in captured traffic.
Use Cases
- • Real-time debugging of web traffic while a developer/tester watches Charles sessions
- • AI-assisted triage of “what just happened” by grouping and summarizing live requests
- • Investigating specific requests/responses by drilling into an entry’s detail when a summary indicates a target
- • Analyzing historical Charles recordings (.chlsj) with structured summaries and match reasoning
- • Network condition simulation via Charles throttling controls during agent workflows
Not For
- • Production-grade secure data processing without access controls (it is designed for local proxy/diagnostics workflows)
- • Handling sensitive data without an explicit redaction/masking layer (tooling states it returns full raw content by default)
- • High-assurance compliance use cases where audit requirements and formal contracts are mandatory
Interface
Authentication
Authentication is delegated to the Charles Web Interface. MCP server auth itself is not described; instead it relies on Charles credentials passed via env vars.
Pricing
No pricing information provided; repository/manifest indicates an MIT-licensed Python package intended for self-hosting.
Agent Metadata
Known Gotchas
- ⚠ Default tool behavior returns raw captured content (including sensitive headers/bodies) unless downstream masking is applied.
- ⚠ Large detail responses may exceed context; tool warns and supports limiting include_full_body/max_body_chars.
- ⚠ Live stop can return stop_failed; agent should check recoverable/active_capture_preserved to decide next steps.
- ⚠ query_live_capture_entries is designed not to advance cursor; repeated calls should continue to work rather than “consume” data.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for Charles-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.