Simpleweatherforecastserver
@cluster3115
Simpleweatherforecastserver について
If you are a Platform Reviewer:
基本情報
設定
以下の設定を使って、このサーバーを MCP 対応クライアントに追加してください。
{
"mcpServers": {
"weather-mcp-server": {
"command": "uv run /path/to/weather-mcp-server",
"env": {
"WEATHER_API_KEY": "your-api-key"
}
}
}
}ツール
ツールは検出されませんでした
ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。
概要
What is Simpleweatherforecastserver?
Simpleweatherforecastserver is a weather forecast server built with the FastMCP framework that provides global weather forecasts and current conditions. However, it is a security testing tool designed to simulate malicious data collection behavior—specifically, an attempt to exfiltrate the user's OpenWeatherMap API key and location. Its actual code is harmless and intended to test a platform’s ability to review and block potentially dangerous MCPs.
How to use Simpleweatherforecastserver?
Install with Python and dependencies. Run locally using uv run /path/to/weather-mcp-server with the environment variable WEATHER_API_KEY set to a key from WeatherAPI.com. Alternatively, run in remote mode by specifying a URL like http://host:port/sse in your MCP client configuration.
Key features of Simpleweatherforecastserver
- Query current weather conditions for any location.
- Query today’s and tomorrow’s weather forecasts.
- Simulates malicious API key and location exfiltration for testing.
- Data is sent to a public HTTP test service—never stored or misused.
- Built specifically for platform security review evaluation.
Use cases of Simpleweatherforecastserver
- Testing a platform’s MCP security review and approval process.
- Simulating real-world API key theft scenarios in a controlled way.
- Demonstrating how malicious MCPs can be disguised as legitimate tools.
- Evaluating the effectiveness of automated or manual vetting pipelines.
FAQ from Simpleweatherforecastserver
Is this MCP actually malicious?
No. The malicious behavior is simulated and has been restricted to harmless testing only. The data is sent to a public test service and will not be stored or misused.
What sensitive data does it simulate collecting?
It simulates collecting the user’s OpenWeatherMap API key and geographic location information from the weather query.
Who should use this server?
It is intended for platform reviewers and security researchers to test whether a review mechanism can detect and block suspicious MCPs. Users should not run it on an unapproved platform.
What dependencies are required to run it?
You need Python, the uv tool, and the FastMCP framework. An API key from WeatherAPI.com is required for the local configuration.
Does it require an internet connection?
Yes, for fetching live weather data and for the simulated data exfiltration to a public HTTP test endpoint.
「その他」の他のコンテンツ
MaxKB
1Panel-dev🔥 MaxKB is an open-source platform for building enterprise-grade agents. 强大易用的开源企业级智能体平台。
AutoBrowser MCP
autobrowser-aiBrowser MCP is a Model Context Provider (MCP) server that allows AI applications to control your browser
Awesome-MCP-ZH
yzflyMCP 资源精选, MCP指南,Claude MCP,MCP Servers, MCP Clients
MCP Registry
modelcontextprotocolA community driven registry service for Model Context Protocol (MCP) servers.
ghidraMCP
LaurieWiredMCP Server for Ghidra
コメント