What MCP server connects Claude Desktop to my API requests on Mac?

Rockxy is a free, open-source native macOS HTTP/HTTPS debugger with a built-in MCP server. It captures local HTTP/HTTPS/WebSocket/GraphQL traffic on your Mac and exposes it to Claude Desktop, Cursor, GitHub Copilot, and Continue over stdio MCP. Install from rockxy.io, enable the MCP server in Settings, add the server entry to claude_desktop_config.json, and your assistant can call list_flows, get_flow_detail, replay_request, and diff_flows.

How do I debug HTTPS traffic with Claude Desktop on macOS?

Install Rockxy, install its root certificate in macOS Keychain and trust it for SSL, start Rockxy's system proxy, then connect Claude Desktop to Rockxy's MCP server. HTTPS traffic is decrypted locally on your Mac and made visible to your AI assistant through the MCP tools. Nothing leaves your machine.

Is there a free HTTP/HTTPS debugger for Mac that works with AI assistants?

Yes. Rockxy is free and open source under AGPL-3.0 — a native macOS HTTP/HTTPS debugger with a built-in MCP server for AI assistants.

How do I let Cursor read my HTTP requests?

Install Rockxy for macOS. In your project, create or edit .cursor/mcp.json and add a server entry pointing to the rockxy-mcp binary inside the Rockxy.app bundle. Cursor discovers the four tools list_flows, get_flow_detail, replay_request, diff_flows and can query captured traffic directly from the agent.

What tools does the Rockxy MCP server expose?

Four tools: list_flows (filtered list of captured HTTP flows), get_flow_detail (full request and response for one flow id), replay_request (re-execute a captured flow with optional header, body, or URL overrides), and diff_flows (structural diff of two flows including headers, body, status, and timing deltas).

Does Rockxy send my captured traffic to OpenAI or Anthropic?

No. Rockxy's MCP server binds to localhost only. Captured request and response data lives in a local SQLite store on your Mac. The AI assistant that calls Rockxy MCP tools may include the returned data in its prompts to its own provider, but Rockxy itself never uploads traffic and has no telemetry.

Can AI assistants replay HTTP requests through Rockxy?

Yes. The replay_request MCP tool takes a flow id and optional overrides for headers, body, and URL, then executes the request again through Rockxy. The AI assistant receives the new response summary and can iterate on it, which is useful for reproducing bugs and testing authentication fixes.

How do I diff two HTTP requests with an AI assistant?

Capture both flows in Rockxy, note their flow ids, then ask your AI assistant: 'diff flow abc123 against flow def456'. The assistant calls the diff_flows MCP tool, which returns headers added/removed/changed, body diff, status delta, and timing delta.

What macOS versions does Rockxy support?

macOS 14 Sonoma and later on both Apple Silicon and Intel Macs. Rockxy ships as a universal binary.

Is Rockxy open source?

Yes. Rockxy is released under the GNU Affero General Public License v3.0. Source is at github.com/RockxyApp/Rockxy. If you modify Rockxy and operate it as a network service, AGPL requires you to publish your modifications.

Does Rockxy support Windows or Linux?

Rockxy is native macOS today. Windows and Linux versions are on the roadmap. The capture engine uses SwiftNIO, which is cross-platform, so the capture core ports cleanly; the UI layer needs to be rewritten for each platform.

How does Rockxy compare to mitmproxy or Wireshark?

mitmproxy is a CLI/web-based HTTPS proxy but not a native Mac app and has no first-class MCP integration. Wireshark operates at the packet level, not the HTTP application layer. Rockxy is a native macOS HTTP/HTTPS debugger with a first-party MCP server that lets AI coding assistants read and act on captured flows.

Does Rockxy integrate with AI coding assistants?

Yes. Rockxy ships a built-in Model Context Protocol (MCP) server that connects to Claude Desktop, Cursor, Windsurf, Zed, Continue, and GitHub Copilot. It exposes four tools — list_flows, get_flow_detail, replay_request, diff_flows — over stdio. The MCP server is free and open source under AGPL-3.0.

What is the Rockxy Developer Setup Hub?

The Developer Setup Hub is a built-in panel in Rockxy that generates proxy configuration snippets for Python, Node.js, Ruby, Go, Rust, Java, Docker, cURL, and every major browser. A one-click Verify action tests whether traffic is actually flowing through Rockxy. It is included in the free open-source core.

Is the Rockxy MCP server open source?

Yes. Every line of the Rockxy MCP server is published under the AGPL-3.0 license on GitHub at github.com/RockxyApp/Rockxy. The server runs locally over stdio — captured request and response data never leaves the developer's Mac.

How does Rockxy compare to Proxyman and Charles Proxy for AI workflows?

Rockxy is the only native macOS HTTP debugger that ships a first-party MCP server in the free open-source core. Proxyman offers AI features as a commercial paid add-on. Charles Proxy does not have AI integration. Rockxy's Developer Setup Hub is unique to Rockxy — neither Proxyman nor Charles Proxy has an equivalent.

Native macOS Proxy Tool

Open-source HTTP/HTTPS debugging proxy for macOS.

Rockxy helps Mac developers inspect traffic, replay requests, test edge cases, and verify what their tools are actually sending. It is a native macOS proxy tool for HTTP, HTTPS, WebSocket, and GraphQL traffic from apps on your Mac, iOS devices, and iOS Simulator, with public source, local-first behavior, and the core workflow you expect from a serious Proxyman alternative or Charles Proxy alternative.

Download for macOS View on GitHub

Looking for a Proxyman alternative or Charles Proxy alternative? Start with the Rockxy vs Proxyman guide.

Released 7 May 2026 · v0.16.0 build 25 · signed universal .dmg · release notes · SHA256 checksum · macOS 14+ · Apple Silicon + Intel

Terminal Homebrew

$ brew install --cask rockxy

Install Rockxy directly with Homebrew · or download the signed .dmg

Rockxy app dark theme — network traffic inspector

Rockxy app light theme — network traffic inspector

Built for real debugging work

Local traffic.
Native tools. Optional MCP.

Native macOS proxy tool. Public source. Local-first traffic handling. Claude Desktop, Cursor, Windsurf, Zed, Continue, GitHub Copilot.

MCP, if you want it

Let assistants inspect captured flows.

Rockxy ships a local MCP server for cases where it actually helps: explaining a 401, diffing two failing requests, or replaying a call after you change auth. It runs over stdio on your Mac, and the source is public under AGPL-3.0.

Four tools. Claude Desktop. Cursor. Windsurf. Zed. Continue. GitHub Copilot.

Learn more

Setup that tells the truth

Know whether traffic is really going through the proxy.

Developer Setup Hub gives you runtime-specific proxy snippets and a Verify step that checks whether your app, certificate trust, and port settings are actually correct. When something is off, it points to the fix instead of giving you a vague green check.

Python. Node.js. Ruby. Go. Rust. Java. Docker. cURL. Browsers.

Learn more

Both are part of the core app. Rockxy focuses on local debugging first, then adds MCP where it is useful.

Full comparison Pricing

What Rockxy does

Rockxy is an open source proxy for Mac developers who need to see traffic from real apps, not just the browser. Use it to inspect API calls, pause and edit requests, replay failures, compare responses, export artifacts, and review the source before you trust the tool with sensitive traffic.

Traffic from real apps

HTTP, HTTPS, WebSocket, and GraphQL-over-HTTP traffic from native Mac apps, command-line tools, services, background processes, iOS devices, and iOS Simulator.

Debugging workflow

Inspect requests and responses, set breakpoints, rewrite traffic, replay requests, compare responses, export HAR, and save sessions for later analysis.

Public release trail

Signed universal macOS builds are published on GitHub Releases with versioned assets, release notes, and a SHA256 checksum.

Local-first evaluation

Check the source, issue tracker, release notes, privacy policy, and HTTPS interception docs before you install. Everything important is public.

Compare Rockxy with Charles Proxy and Proxyman Read the Rockxy privacy policy Why Rockxy is open source How Rockxy handles HTTPS interception

macOS 14+: supported in the current public release
Universal: one signed build for Apple Silicon and Intel
Open Source: AGPL-3.0 source and license on GitHub
SHA256: checksum published with every release asset
Homebrew: install with brew install --cask rockxy or the signed .dmg

Built for macOS.
Not ported to it.

Built with SwiftUI, AppKit, and SwiftNIO for Mac developers who want native system integration instead of a cross-platform wrapper.

Native Performance

SwiftUI + AppKit with a virtual-scrolling NSTableView that handles 100k+ requests without lag. Batch updates every 100ms keep the UI responsive under heavy traffic.

System Integration

SMAppService privileged helper sets the system proxy instantly. No terminal commands after initial setup. Automatic process identification with real app icons.

Transparent Security

Per-host TLS certificates generated on-the-fly. Root CA private key stored in macOS Keychain. Every security decision is in the source — read the code, verify the claims.

Capture. Inspect. Modify. Replay.

A practical workflow for inspecting traffic, reproducing bugs, and testing fixes on your own Mac.

Capture

Capture live HTTP, HTTPS, WebSocket, and GraphQL-over-HTTP traffic from Mac apps, local services, CLI tools, iOS devices, and iOS Simulator.

Inspect

Read headers, bodies, cookies, timing waterfalls, and TLS details without losing the request context that made the bug reproducible.

Modify

Apply rules, set breakpoints, or script changes when you need to reproduce auth, cache, or payload issues one variable at a time.

Replay

Replay the exact request that failed, compare the result with diff, then save or export the session for the next person on the team.

The tools you reach for when browser DevTools are not enough.

Core traffic debugging for Mac and iOS work, native on macOS, with public releases and a local-first workflow.

Traffic Capture

Inspect HTTP, HTTPS, WebSocket, and GraphQL traffic from any Mac app, CLI, or iOS device. Browser DevTools end at the browser — Rockxy sees the rest of your stack.

HTTP / HTTPS WebSocket GraphQL iOS Device & Simulator Filter by Process ID Timing Waterfall

Rockxy macOS HTTP proxy capturing live HTTPS requests from Safari, Chrome, Firefox, and curl in a single request list

Advanced Filter & Search

Narrow thousands of captured requests in seconds. Combine method, host, status, header, body, and process filters — or run a full-text search across the whole session.

Multi-Field Filters Full-Text Search Status / Method Header / Body Match Process / Host Saved Filters

Rockxy advanced filter and search panel narrowing captured HTTP traffic by method, host, status, and header values

MCP Server for AI Assistants

Let Claude Desktop or Cursor read your captured traffic through a local MCP server. Ask “why did this 500?” instead of pasting headers into chat.

100% Free.

No license fee.
No subscription, no trial period.
No paid AI add-on or upsell.
No usage cap. Use it on every project, every machine.

Claude Desktop Cursor Local stdio Redaction Open Source

Rockxy MCP server settings with copy-paste configuration JSON for Claude Desktop and Cursor and a privacy redaction toggle

Developer Setup Hub

Copy-paste proxy snippets for Python, Node.js, Go, Rust, cURL, Docker, and browsers, then click Run Test to confirm traffic is actually flowing.

Python Node.js Go / Rust / Java cURL / Docker One-Click Verify Trust Diagnostics

Rockxy Developer Setup Hub with copy-paste proxy snippets for Python, Node.js, Go and a Run Test action validating the runtime is flowing through the proxy

Certificate Management for HTTPS Debugging

A P-256 ECDSA root CA generated on first launch, sealed in your Keychain. Decrypt HTTPS on the first try; pinned hosts pass through automatically.

P-256 ECDSA Root CA Keychain-Sealed Key Per-Host Leaf Certs Trust Wizard Pinned-Host Passthrough Rotate / Reset

Rockxy root CA panel showing trusted system status with Export, Generate, and Reset actions for HTTPS interception

SSL Proxy & HTTPS Decryption

Pick which hosts get TLS decryption. Decrypted traffic shows real headers and JSON; everything else passes through encrypted. Wildcard rules let you scope by domain in one click.

Per-Host Decryption Wildcard Rules Allow / Deny List TLS 1.2 / 1.3 Pinned Host Passthrough Inspect API Payloads

Rockxy SSL proxy settings showing per-host TLS decryption rules with wildcard patterns and allow list

Bypass Proxy

Skip specific hosts so cert-pinned apps, internal services, or noisy telemetry never enter the capture. Wildcards keep the list short and your request log focused on what you actually care about.

Per-Host Bypass Wildcard Patterns Skip Pinned Hosts Mute Telemetry Reduce Noise Toggle Anytime

Rockxy Bypass Proxy settings showing wildcard host rules that skip specific domains from capture

Block List

Make any host fail. Drop ad networks, third-party trackers, or a flaky dependency to see how your app degrades when it’s gone — without changing a line of code.

Per-Host Block Wildcard Match Simulate Outage Test Fallbacks Strip Trackers Toggle Anytime

Rockxy Block List rules window showing wildcard host patterns that drop matching requests for failure-mode testing

Map Local & Map Remote

Redirect any host to staging, your dev server, or a local file. No more /etc/hosts edits or one-off feature flags to reproduce a bug.

Map Remote Map Local (File) Map Local (Directory) Response Snapshot Regex Patterns Preserve Host Header

Rockxy Map Remote rule redirecting a regex source pattern to localhost:9999 for local API development

Breakpoints & Rules

Pause a request or response, edit method, headers, body, or status, then continue. The fastest way to test “what if the API returns 401?” without touching the backend.

Request Breakpoints Response Breakpoints Block Throttle Regex / Wildcard Match Inject Failure States

Rockxy breakpoint rule editor with wildcard URL match, subpaths toggle, and request and response phase checkboxes

Modify Headers

Add, remove, or replace headers on any host without redeploying. Test CORS, auth, or cache changes in seconds with built-in presets.

Add / Remove / Replace CORS Presets Auth Stripping Request Phase Response Phase URL Pattern Scope

Rockxy Modify Headers rule editor with URL pattern match and ordered Add, Remove, and Replace operations

Custom Request & Response Headers

Override headers per host with full control over both phases. Inject auth tokens on outgoing requests, strip Set-Cookie on responses, or pin a custom User-Agent — saved as named rules you can toggle anytime.

Per-Host Override Request Phase Response Phase Auth Token Inject Cookie Strip Named Rules

Rockxy custom request and response header editor with named rules toggling per-host overrides on both phases

Network Conditions

Throttle to 3G, EDGE, LTE, WiFi, or a custom delay. Your laptop is on fiber; your users aren’t — see the UX at 400 ms RTT before they do.

3G EDGE LTE WiFi Very Bad Network Custom Latency

Replay & Diff

Replay the exact failing request, or edit one field and re-send. Side-by-side diff highlights what flipped — no Postman copy-paste loop.

Repeat Edit and Repeat Side-by-Side Diff Header Diff Body Diff Query Diff

Rockxy side-by-side diff of two captured HTTP transactions with highlighted differences in request line, host, query, headers, and body

Custom Previewer Tabs

Render request and response bodies the way you want. Pin extra tabs to the inspector for JSON, GraphQL, JWT, image, or your own format — reusable across every captured request.

JSON GraphQL JWT Decoder Image / Hex Custom Format Pinned per Inspector

Rockxy custom previewer tabs in the response inspector showing JSON, GraphQL, and decoded body views pinned alongside the default view

Sessions & Export

Save sessions, import/export HAR, copy any request as cURL or JSON. Capture once and hand off a working repro instead of a screenshot.

.rockxysession HAR Import / Export Copy as cURL Copy as JSON Raw HTTP

Rockxy request context menu showing export options for HAR, request body, and response body

Multi-Tab Workspaces

Run independent capture sessions side-by-side — one tab for staging, one for prod, one for the iOS device build. Each tab has its own filters, selection, and inspector state, so context switching costs nothing.

Independent Sessions Per-Tab Filters Per-Tab Inspector Compare Environments Mac & iOS Together Detach & Rename

Rockxy multiple tab workspace showing several independent capture sessions running side-by-side, each with its own filters and inspector

JavaScript Scripting

JS hooks on requests and responses for the cases a static rule can’t cover — redact PII, sign tokens, rewrite payloads. Errors surface inline instead of corrupting traffic.

Request Hooks Response Hooks Programmatic Filtering PII Redaction Inline Error Feedback Automation

Rockxy Scripting tool window ready for JavaScript request and response hooks with inline error feedback

A native macOS HTTP/HTTPS debugger with public source, public releases, and a local-first workflow.

From first launch to first capture in a few minutes.

Install the app, trust the local certificate, and start intercepting traffic from apps on your Mac. No account, no remote setup, no hidden service dependency.

Install

Download and drag to Applications. The privileged helper registers automatically via SMAppService.

Trust Certificate

Rockxy generates a local root CA. One-click install to your system keychain. macOS prompts for approval.

Start Capturing

Click the proxy toggle. System HTTP and HTTPS proxy configured automatically across all network interfaces.

How Rockxy Compares

If you are evaluating a Proxyman alternative or Charles Proxy alternative, these are the differences that matter in day-to-day use.

Feature	Charles Proxy	Proxyman	Rockxy
Native macOS	No (Java)
AI assistant integration (MCP) Only in Rockxy		Paid add-on	Built-in
Developer Setup Hub Only in Rockxy			Included
Open Source
Price	$50	Freemium	Free
HTTPS Interception
WebSocket
Scripting		Paid only
Diff View
Telemetry	Unknown	Yes	None

See full comparison Browse alternatives hub Read the Proxyman alternative page

Under the Hood

Rockxy sits between your app and the network as a local debugging proxy. The details matter because this is the part of the product that handles decrypted traffic, certificate trust, and system proxy changes on your Mac.

Connection handling

SwiftNIO's non-blocking event loop handles thousands of in-flight connections without spawning per-request threads.

TLS termination

Security.framework generates a per-host leaf certificate signed by a local root CA. The private key never leaves the macOS Keychain.

UI updates

Captured transactions are batched on a background actor and published to SwiftUI every 100 ms — keeping the main thread free under heavy load.

Privileged helper

A launchd daemon registered via SMAppService handles system proxy changes with zero password dialogs after one-time approval in System Settings.

XPC security

Every XPC call is validated by two independent checks — certificate chain comparison and bundle identity verification via SecRequirement. Both must pass.

Crash recovery

If Rockxy exits unexpectedly, the helper daemon auto-restores your original proxy settings from a backup plist. A watchdog monitors the app process every 2 seconds.

The stack behind Rockxy

The stack is part of the product story: native frameworks for Mac UX, SwiftNIO for the proxy engine, and public source so teams can inspect the implementation.

SwiftNIO

Async networking engine. Handles thousands of concurrent connections on a non-blocking event loop — no thread-per-connection overhead.

SwiftUI + AppKit

Native Mac UI with a virtual-scrolling NSTableView — renders 100k+ rows by keeping only visible cells in memory.

Security.framework

Per-host TLS leaf certificates, signed by a local root CA. The root CA private key is stored in the macOS Keychain — never written to disk.

XPC Services

Privileged helper process isolated via XPC. Every connection validated with certificate-chain comparison before any proxy operation runs.

From the Engineering Blog

Implementation notes from building Rockxy.

All posts →

Security

How Rockxy intercepts HTTPS without compromising security

A walkthrough of the per-host certificate chain, how the root CA private key stays in Keychain, and why your browser still shows a green padlock.

Performance

Virtual-scrolling 100k network requests in SwiftUI

Why NSTableView with an NSViewRepresentable bridge outperforms a native SwiftUI List by 40x at 100k rows, and the batching strategy that keeps the main thread at zero.

Architecture

Why we chose SwiftNIO over Network.framework

Network.framework abstracts away the connection pipeline we need to intercept. SwiftNIO gives us channel handlers we can insert at the byte level — the only place MITM proxying works correctly.

Evaluate Rockxy from public artifacts

For a proxy that can see decrypted traffic, trust should come from public code, public releases, and documentation you can verify yourself.

Source and license

Audit the code, check the AGPL-3.0 license, and inspect the project structure before you install anything.

Releases and assets

The release page shows versioned assets, release notes, build number, and publish date in public on GitHub.

Privacy model

Read the privacy policy, then compare it against the product architecture and the public code to see how traffic stays on-device.

HTTPS interception

Review how certificate handling works, what lives in Keychain, and how the proxy model is implemented on macOS.

Native macOS. Open source. Local-first.

A native macOS proxy tool you can evaluate before you trust it.

Read the source, review the release trail, check the privacy model, then download the signed build. Rockxy is an open source proxy for Mac teams comparing Proxyman and Charles Proxy alternatives.

Download for macOS View on GitHub

Documentation Changelog SHA256 checksum

Development is public, and feedback is part of the product.

Source, issues, releases, and changelog are all public. If Rockxy is useful for your work, you can help by filing bugs, reviewing code, contributing patches, or sponsoring development time.

Become a sponsor GitHub Sponsors

Star on GitHub

A star helps other developers find Rockxy in search results.

Report bugs

File an issue. Detailed bug reports directly improve the next release.

Contribute code

PRs welcome. Check the issue tracker for good first issues.

Sponsor

Fund development time. Every contribution accelerates the roadmap.

Get in touch

Questions, bugs, and team evaluations all go through the same public channels. Reach out if you want to try Rockxy in a real workflow.

rockxyapp@gmail.com GitHub

Open-source HTTP/HTTPS debugging proxy for macOS.

Local traffic. Native tools. Optional MCP.

Let assistants inspect captured flows.

Know whether traffic is really going through the proxy.

What Rockxy does

Traffic from real apps

Debugging workflow

Public release trail

Local-first evaluation

Built for macOS.Not ported to it.

Native Performance

System Integration

Transparent Security

Capture. Inspect. Modify. Replay.

Capture

Inspect

Modify

Replay

The tools you reach for when browser DevTools are not enough.

Traffic Capture

Advanced Filter & Search

MCP Server for AI Assistants

Developer Setup Hub

Certificate Management for HTTPS Debugging

SSL Proxy & HTTPS Decryption

Bypass Proxy

Block List

Map Local & Map Remote

Breakpoints & Rules

Modify Headers

Custom Request & Response Headers

Network Conditions

Replay & Diff

Custom Previewer Tabs

Sessions & Export

Multi-Tab Workspaces

JavaScript Scripting

From first launch to first capture in a few minutes.

Install

Trust Certificate

Start Capturing

How Rockxy Compares

Under the Hood

The stack behind Rockxy

From the Engineering Blog

How Rockxy intercepts HTTPS without compromising security

Virtual-scrolling 100k network requests in SwiftUI

Why we chose SwiftNIO over Network.framework

Evaluate Rockxy from public artifacts

Source and license

Releases and assets

Privacy model

HTTPS interception

A native macOS proxy tool you can evaluate before you trust it.

Development is public, and feedback is part of the product.

Get in touch

Local traffic.
Native tools. Optional MCP.

Built for macOS.
Not ported to it.