Insecure MCP Demo
Overview
what is Insecure MCP Demo?
Insecure MCP Demo is a project that showcases a vulnerable MCP server along with multiple clients, including a proof-of-concept attack client and a good client, designed for educational purposes to highlight potential security vulnerabilities in MCP servers.
how to use Insecure MCP Demo?
To use the Insecure MCP Demo, install the required dependencies, start the vulnerable server and the good client in one terminal, and run the attack client in another terminal to demonstrate exploitation of the server's vulnerabilities.
key features of Insecure MCP Demo?
- Demonstrates SQL injection vulnerabilities.
- Shows arbitrary code execution through SQL commands.
- Exposes sensitive environment variables.
- Provides a good client for normal interactions with the server.
use cases of Insecure MCP Demo?
- Educational demonstrations of security vulnerabilities in MCP servers.
- Testing and improving security measures in software development.
- Training for security professionals on identifying and mitigating vulnerabilities.
FAQ from Insecure MCP Demo?
- Is this project safe to use in production?
No! This project is for educational and demonstration purposes only and should not be deployed in production environments.
- What programming language is used in this project?
The project is implemented in Python.
- How can I contribute to this project?
You can contribute by opening issues or suggesting improvements on the project's GitHub page.
Recommend Servers
TraeBuild with Free GPT-4.1 & Claude 3.7. Fully MCP-Ready.
Playwright McpPlaywright MCP server
Amap Maps高德地图官方 MCP Server
DeepChatYour AI Partner on Desktop
Howtocook Mcp基于Anduin2017 / HowToCook (程序员在家做饭指南)的mcp server,帮你推荐菜谱、规划膳食,解决“今天吃什么“的世纪难题;
Based on Anduin2017/HowToCook (Programmer's Guide to Cooking at Home), MCP Server helps you recommend recipes, plan meals, and solve the century old problem of "what to eat today"
MCP AdvisorMCP Advisor & Installation - Use the right MCP server for your needs
Baidu Map百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Serper MCP ServerA Serper MCP Server
WindsurfThe new purpose-built IDE to harness magic
Jina AI MCP ToolsA Model Context Protocol (MCP) server that integrates with Jina AI Search Foundation APIs.
MiniMax MCPOfficial MiniMax Model Context Protocol (MCP) server that enables interaction with powerful Text to Speech, image generation and video generation APIs.
Zhipu Web SearchZhipu Web Search MCP Server is a search engine specifically designed for large models. It integrates four search engines, allowing users to flexibly compare and switch between them. Building upon the web crawling and ranking capabilities of traditional search engines, it enhances intent recognition capabilities, returning results more suitable for large model processing (such as webpage titles, URLs, summaries, site names, site icons, etc.). This helps AI applications achieve "dynamic knowledge acquisition" and "precise scenario adaptation" capabilities.
Tavily Mcp
BlenderBlenderMCP connects Blender to Claude AI through the Model Context Protocol (MCP), allowing Claude to directly interact with and control Blender. This integration enables prompt assisted 3D modeling, scene creation, and manipulation.
Visual Studio Code - Open Source ("Code - OSS")Visual Studio Code
ChatWiseThe second fastest AI chatbot™
AiimagemultistyleA Model Context Protocol (MCP) server for image generation and manipulation using fal.ai's Stable Diffusion model.
Context7Context7 MCP Server -- Up-to-date code documentation for LLMs and AI code editors
TimeA Model Context Protocol server that provides time and timezone conversion capabilities. This server enables LLMs to get current time information and perform timezone conversions using IANA timezone names, with automatic system timezone detection.
EdgeOne Pages MCPAn MCP service designed for deploying HTML content to EdgeOne Pages and obtaining an accessible public URL.
CursorThe AI Code Editor