I've just released version 0.15.0 of mcp-windbg. It has been a while since the 0.12.2 post, and three releases have landed since then. Rather than a single feature, this is a round-up of everything that has shipped: a way to break into a running session, a hook to scrub sensitive data before it ever reaches the model, and a proper documentation site to tie it all together.

What's New

Break into a live session

If you have used a real debugger, you know the moment: the process is spinning, you want to know what it is doing right now, and you reach for CTRL+BREAK. That now works through the MCP interface too.

The new send_ctrl_break tool, contributed by @GeoYS, interrupts an active CDB/WinDbg session, for both dump and remote debugging workflows. So when you are driving a live target and it wanders off into a tight loop or a long wait, the model can break in, inspect the state, and carry on, the same way you would at the keyboard. This closes a real gap: before, a live session that was busy was a session you could only wait on.

Redact sensitive data before it leaves the machine

Crash dumps are full of things you might not want to hand to a model: file paths with usernames, machine names, environment variables, command lines, sometimes worse. The new --filter-script option lets you point the server at a trusted Python helper that can rewrite string-valued tool arguments and tool text output on the way through.

The important part is the boundary. Your script only sees the string values, not the full MCP protocol messages, so you can do focused PII redaction (mask a username, strip a token, normalize a path) without writing a protocol-aware proxy. If you run a centralized analysis service, this is the piece that lets you control what actually crosses the wire.
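As an added illustration (not code from the mcp-windbg project), this is the kind of string-level redaction such a helper could apply to tool output. The `redact` function name, the rule set and the sample text are assumptions; this page does not show the calling convention `--filter-script` expects, so take the entry point from the project documentation.

```python
import re

# Constructed rule set; extend it for your environment. Specific patterns run
# first so that later, broader ones do not rewrite their placeholders.
RULES = [
    # Profile paths: C:\Users\jdoe\... -> C:\Users\<user>\...
    (re.compile(r'(?i)\b([a-z]:\\(?:Users|Documents and Settings)\\)[^\\/:*?"<>|\r\n]+'),
     r"\1<user>"),
    # Environment block lines that identify the user or the machine.
    (re.compile(r"(?im)^([ \t]*(?:USERNAME|USERDOMAIN|COMPUTERNAME|LOGONSERVER)=)[^\r\n]*"),
     r"\1<redacted>"),
    # UNC host names: \\build-host-07\share -> \\<host>\share
    (re.compile(r"\\\\[A-Za-z0-9._-]+(?=\\)"), r"\\\\<host>"),
    # Bearer tokens in headers or command lines.
    (re.compile(r"(?i)\b(bearer\s+)[A-Za-z0-9._~+/-]{16,}=*"), r"\1<token>"),
    # key=value and key: value secrets.
    (re.compile(r"(?i)\b((?:password|passwd|pwd|secret|api[_-]?key|token)\s*[=:]\s*)\S+"),
     r"\1<secret>"),
]


def redact(text: str) -> str:
    """Mask user names, host names and secrets in one string value."""
    for pattern, replacement in RULES:
        text = pattern.sub(replacement, text)
    return text


# Constructed debugger-style output, not taken from a real dump.
SAMPLE = (
    "CommandLine: C:\\Users\\jdoe\\app\\svc.exe --api-key=Zx81kQm2 "
    "--config \\\\build-host-07\\cfg\\svc.ini\n"
    "    COMPUTERNAME=WKS-4412\n"
    "    USERNAME=jdoe\n"
    "Authorization: Bearer CONSTRUCTED0123456789abcdef\n"
    "ImageName: C:\\Windows\\System32\\ntdll.dll\n"
)

if __name__ == "__main__":
    print(redact(SAMPLE))
```

The placeholders are chosen so that a second pass leaves the text unchanged, which matters if the same string can pass through the filter more than once.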

A real documentation site

The project has outgrown a README and a wiki. There is now a proper documentation site built with MkDocs Material and deployed to GitHub Pages. It covers getting started, the individual use cases, and a reference for the command-line options, the tools, and client configuration.

A few highlights worth calling out:

  • Use-case guides for the things people kept asking about: running the server over HTTP to debug from another machine, and scrubbing tool output to redact sensitive data.
  • The built-in dump-triage prompt is now documented, including its dump_path argument, so you can trigger a full structured triage without hand-writing the workflow.
  • Honest limitations are written down rather than discovered the hard way: the HTTP transport has no authentication, attach-by-PID is not supported, and sessions run concurrently.

Quieter, sturdier foundations

Not everything in a release is a headline feature. A few things under the hood matter if you run this day to day:

  • The stdio transport no longer crashes on a malformed input line. A single unparseable line used to tear down the whole process; now it is logged and the server keeps running.
  • The test suite was rebuilt as a declarative end-to-end harness. Every scenario runs against a real python -m mcp_windbg server process driven by a real MCP client, with only the LLM faked. Coverage now sits above 90 percent, measured in the subprocess where tool dispatch actually runs.
  • Package metadata is complete, so pip show and the PyPI page now carry the author, project URLs, and proper classifiers.
  • Symbols resolve more often out of the box: the dump's own directory is now auto-included in the symbol search path, so PDBs sitting next to a dump are found without extra configuration.

Community Contributions

This stretch of releases leaned on the community, and two contributions stand out:

  • @GeoYS added the live break-in feature in #40, which became the send_ctrl_break tool above. It is the headline of the 0.13.0 release.
  • @SSyl made symbols just work in more cases by auto-including the dump directory in the symbol search path (#41).

This is exactly the kind of contribution that makes a tool better for everyone, not just the person who filed it. Thank you both.

Getting Started

Installation is unchanged and still a one-liner:

pip install mcp-windbg

The project is open source and available on GitHub at https://github.com/svnscha/mcp-windbg. If you find it useful, a star on the repository is always appreciated.

A Year and a Month In

It is hard to believe, but mcp-windbg is now a year and a month old. When I first wrote about it in May 2025, it was a weekend experiment to scratch my own itch: I was tired of typing the same WinDbg commands over and over, and I wanted to see whether a model could drive the debugger for me. I genuinely did not expect it to go anywhere.

It went somewhere. The repository now sits at 1.4k stars, the original article reached tens of thousands of readers in its first days, and the project has shown up in conversations, talks, and threads far beyond anything I planned. People have used it to triage real production crashes, wired it into team workflows, and sent screenshots of it cracking bugs that had been open for weeks. Every one of those still makes my day.

What has meant the most, though, is not the numbers. It is the people. Contributors who saw a gap and just fixed it. Folks who filed thoughtful issues, asked sharp questions, or pushed back when something did not work the way they needed. The many of you who reached out directly, by email, on LinkedIn, in DMs, to say the tool saved you an afternoon, or to suggest where it should go next. A project like this is only as good as the community around it, and this one has been generous well beyond what I could have hoped for.

So this is mostly a thank-you note. Thank you for the stars, the pull requests, the issues, the messages, and for trusting a small open-source tool with your hardest crashes. You are the reason it keeps getting better, and the reason I keep shipping.

Here is to the next year.


If mcp-windbg has helped you, I would love to hear about it. Reach out, open an issue, or just star the repository. Thank you all.