{"id":"khuynh22-mcp-wireshark","name":"mcp-wireshark","af_score":58.2,"security_score":29.5,"reliability_score":28.8,"what_it_does":"mcp-wireshark is a Python-based MCP server that exposes Wireshark/tshark functionality to MCP-compatible AI clients. It can run live packet capture, read/analyze .pcap/.pcapng files, apply display filters, follow TCP/UDP streams, and export analysis results (e.g., JSON) via defined MCP tools.","best_when":"Used in a developer/admin workflow where an operator can install dependencies (tshark) and run the MCP server locally or within a controlled network environment.","avoid_when":"Avoid exposing the MCP server broadly to untrusted networks or multi-tenant environments without additional access controls; avoid running it as a privileged process when only offline analysis is needed.","last_evaluated":"2026-03-30T15:29:17.413567+00:00","has_mcp":true,"has_api":false,"auth_methods":[],"has_free_tier":false,"known_gotchas":["Requires tshark to be installed and on PATH (or configured) before tools will function","Live capture may require OS permissions (e.g., wireshark group membership on Linux)","Processing large pcaps/long captures can be slow or resource-intensive; agents should limit capture duration/filter scope"],"error_quality":0.0}