Insecure MCP Demo
Overview
what is Insecure MCP Demo?
Insecure MCP Demo is a project that showcases a vulnerable MCP server along with multiple clients, including a proof-of-concept attack client and a good client, designed for educational purposes to highlight potential security vulnerabilities in MCP servers.
how to use Insecure MCP Demo?
To use the Insecure MCP Demo, install the required dependencies, start the vulnerable server and the good client in one terminal, and run the attack client in another terminal to demonstrate exploitation of the server's vulnerabilities.
key features of Insecure MCP Demo?
- Demonstrates SQL injection vulnerabilities.
- Shows arbitrary code execution through SQL commands.
- Exposes sensitive environment variables.
- Provides a good client for normal interactions with the server.
use cases of Insecure MCP Demo?
- Educational demonstrations of security vulnerabilities in MCP servers.
- Testing and improving security measures in software development.
- Training for security professionals on identifying and mitigating vulnerabilities.
FAQ from Insecure MCP Demo?
- Is this project safe to use in production?
No! This project is for educational and demonstration purposes only and should not be deployed in production environments.
- What programming language is used in this project?
The project is implemented in Python.
- How can I contribute to this project?
You can contribute by opening issues or suggesting improvements on the project's GitHub page.
Recommend Servers
TraeBuild with Free GPT-4.1 & Claude 3.7. Fully MCP-Ready.
DeepChatYour AI Partner on Desktop
Zhipu Web SearchZhipu Web Search MCP Server is a search engine specifically designed for large models. It integrates four search engines, allowing users to flexibly compare and switch between them. Building upon the web crawling and ranking capabilities of traditional search engines, it enhances intent recognition capabilities, returning results more suitable for large model processing (such as webpage titles, URLs, summaries, site names, site icons, etc.). This helps AI applications achieve "dynamic knowledge acquisition" and "precise scenario adaptation" capabilities.
BlenderBlenderMCP connects Blender to Claude AI through the Model Context Protocol (MCP), allowing Claude to directly interact with and control Blender. This integration enables prompt assisted 3D modeling, scene creation, and manipulation.
CursorThe AI Code Editor
MiniMax MCPOfficial MiniMax Model Context Protocol (MCP) server that enables interaction with powerful Text to Speech, image generation and video generation APIs.
Serper MCP ServerA Serper MCP Server
Howtocook Mcp基于Anduin2017 / HowToCook (程序员在家做饭指南)的mcp server,帮你推荐菜谱、规划膳食,解决“今天吃什么“的世纪难题;
Based on Anduin2017/HowToCook (Programmer's Guide to Cooking at Home), MCP Server helps you recommend recipes, plan meals, and solve the century old problem of "what to eat today"
Tavily Mcp
Jina AI MCP ToolsA Model Context Protocol (MCP) server that integrates with Jina AI Search Foundation APIs.
Visual Studio Code - Open Source ("Code - OSS")Visual Studio Code
WindsurfThe new purpose-built IDE to harness magic
MCP AdvisorMCP Advisor & Installation - Use the right MCP server for your needs
AiimagemultistyleA Model Context Protocol (MCP) server for image generation and manipulation using fal.ai's Stable Diffusion model.
Baidu Map百度地图核心API现已全面兼容MCP协议,是国内首家兼容MCP协议的地图服务商。
Y GuiA web-based graphical interface for AI chat interactions with support for multiple AI models and MCP (Model Context Protocol) servers.
EdgeOne Pages MCPAn MCP service designed for deploying HTML content to EdgeOne Pages and obtaining an accessible public URL.
ChatWiseThe second fastest AI chatbot™
Amap Maps高德地图官方 MCP Server
RedisA Model Context Protocol server that provides access to Redis databases. This server enables LLMs to interact with Redis key-value stores through a set of standardized tools.
Playwright McpPlaywright MCP server