servers / miniapp-cdp-mcp

miniapp-cdp-mcp

communitystdiolocaldestructive capablehealthy

微信小程序逆向工程 MCP 服务器,让你的 AI 编码助手(如 Claude、Cursor、Antigravity)能够直接通过 Chrome DevTools Protocol (CDP) 调试和分析微信小程序(包括微信开发者工具或 PC 端微信小程序)中的 JavaScript 代码。


01Tools · 18

How to read this: tool names here are observed from a live tools/list handshake. The Risk label is a heuristic inferred from the tool name (write/destructive verbs), not from executing the tool — a conservative guess, not a verified capability. We never escalate risk from a description. Found one that's wrong? Tell us — we fix on report.

ToolRiskSide effectsApproval
get_request_initiator
Gets the JavaScript call stack that initiated a network request. This helps trace which code triggered an API call.
unknownunknownunknown
search_in_sources
Searches for a string or regex pattern in all loaded JavaScript sources. Returns matching lines with script ID, URL, and line number.
unknownunknownunknown
resume_execution
Resumes JavaScript execution if it is currently paused at a breakpoint. Use this tool to continue running the application after you have finished inspecting the paused state.
unknownunknownunknown
list_scripts
Lists all JavaScript scripts loaded in the current page. Returns script ID, URL, and source map information. Use this to find scripts before setting breakpoints or searching.
readfalseunknown
evaluate_script
Evaluates a JavaScript expression in the current context. If execution is paused, it automatically evaluates in the paused call frame context.
unknownunknownunknown
list_network_requests
List network requests for the currently selected miniapp target/session since MCP started monitoring it. Results are sorted newest-first. By default returns the 20 most recent requests; use page_size/page_idx to paginate. Pass reqid to get a single request's full details. On first call it automatically connects to the endpoint, infers the target, attaches only that target, enables Network on that target session, and starts collecting XHR/Fetch requests.
readfalseunknown
get_script_source
Gets a snippet of a JavaScript script source by URL (recommended) or script ID. Supports line range (for normal files) or character offset (for minified single-line files).
unknownunknownunknown
get_websocket_messages
Lists WebSocket connections or gets messages for a specific connection. Without wsid, lists all connections. With wsid, gets messages.
unknownunknownunknown
list_targets
Lists all available targets (WebView threads, AppService threads, etc.) in the connected debugger.
unknownunknownunknown
get_response_body
Get the response body for a request returned by list_network_requests. If session_id is omitted, it is inferred from the monitored request cache.
readfalseunknown
save_script_source
Saves the full source code of a JavaScript script to a local file.
unknownunknownunknown
break_on_xhr
Sets a breakpoint that triggers when an XHR/Fetch request URL contains the specified string.
readfalseunknown
list_breakpoints
Lists all active XHR and code breakpoints.
unknownunknownunknown
get_paused_info
Gets information about the current paused state including call stack, current location, and scope variables. Use this after a breakpoint is hit to understand the execution context.
unknownunknownunknown
remove_breakpoints
Removes breakpoints. You can specify a code breakpoint ID, an XHR URL, or set clear_all=True to delete ALL breakpoints (highly recommended before starting a new task). WARNING: This deletes the breakpoint so it won't hit again. If you are currently paused and just want to continue running the code, DO NOT use this tool; use `resume_execution` instead.
destructivetruetrue
switch_target
Switches the CDP connection to a different target thread (e.g. from WebView to AppService) to debug different parts of the miniapp.
unknownunknownunknown
set_breakpoint_on_text
Finds a text string in all loaded scripts and sets a breakpoint at that location. CRITICAL AI WORKFLOW WARNING: Do NOT set breakpoints on function names or assignment statements (e.g., 'funcName = function'). In minified code, this will break on the one-time assignment rather than the execution. Instead, ALWAYS use get_script_source to read the function body first, then set the breakpoint on a specific statement INSIDE the function body (e.g., 'var x=', 'return').
writetrueunknown
step
Controls execution when paused. action must be one of: 'over', 'into', 'out'.
unknownunknownunknown

02Install & source
uvx --from miniapp-cdp miniapp-cdp-mcp
uvx

05Provenance & freshness
sourcesGitHub repo search [p4]
last_checked2026-07-09 08:29Z
next_check2026-07-11 07:57Z
cadenceevery 48h
verifiedtools_list:passed handshake:passed metadata:passed
index_statusindex8 unique facts >= 5

06Badge

Add the “as seen on MCPExplorer” badge to your README. miniapp-cdp-mcp MCP — as seen on mcpexplorer.com

[![miniapp-cdp-mcp MCP — as seen on mcpexplorer.com](https://mcpexplorer.com/badge/miniapp-cdp-mcp.svg)](https://mcpexplorer.com/servers/miniapp-cdp-mcp)

Next step

This is one server. A loadout combines the right servers, governance, and proven plays for a whole job — assembled deliberately, not tool-dumped.

Explore loadouts →