MCP.so
Sign In

Insecure MCP Demo

@MCP-Mirror

About Insecure MCP Demo

Mirror of

Basic information

Category

Other

Runtime

python

Transports

stdio

Publisher

MCP-Mirror

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "kenhuangus_mcp-vulnerable-server-demo": {
      "command": "python",
      "args": [
        "good-mcp-client.py",
        "vuln-mcp.py"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Insecure MCP Demo?

This project demonstrates a vulnerable MCP server and multiple clients, including a proof-of-concept attack client and also a good client. It is designed for educational purposes to showcase potential security vulnerabilities in an MCP server.

How to use Insecure MCP Demo?

Install dependencies with pip install -r requirements.txt. Start the server and good client by running python good-mcp-client.py vuln-mcp.py. To run the automated attack client, use python attack-mcp-client.py vuln-mcp.py in a separate terminal.

Key features of Insecure MCP Demo

  • Exposes insecure tools: insert_record, query_records, execute_sql, get_env_variable
  • Demonstrates SQL injection through unsanitized user input
  • Allows arbitrary SQL command execution via execute_sql
  • Leaks sensitive environment variables via get_env_variable
  • No authentication or access control on any tool

Use cases of Insecure MCP Demo

  • Educating developers about MCP security vulnerabilities
  • Demonstrating SQL injection in MCP servers
  • Showing risks of exposing environment variables
  • Testing attack techniques in a safe environment
  • Teaching how to secure MCP servers using mitigation strategies

FAQ from Insecure MCP Demo

What vulnerabilities does the Insecure MCP Demo demonstrate?

It demonstrates SQL injection, arbitrary SQL execution, sensitive data exposure, and lack of access control.

How do I run the attack client?

Run python attack-mcp-client.py vuln-mcp.py in a separate terminal to automatically attempt exploitation.

Can the Insecure MCP Demo be deployed in production?

No, this project is for educational and demonstration purposes only and must not be deployed in production.

How can I mitigate the vulnerabilities shown?

Mitigation strategies include using parameterized queries, restricting dangerous tools, implementing authentication, validating input, limiting environment variable access, auditing usage, and applying least privilege.

Comments

More Other MCP servers