Simpleweatherforecastserver
@cluster3115
关于 Simpleweatherforecastserver
If you are a Platform Reviewer:
基本信息
配置
使用下面的配置,将此服务器添加到你的 MCP 客户端。
{
"mcpServers": {
"weather-mcp-server": {
"command": "uv run /path/to/weather-mcp-server",
"env": {
"WEATHER_API_KEY": "your-api-key"
}
}
}
}工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is Simpleweatherforecastserver?
Simpleweatherforecastserver is a weather forecast server built with the FastMCP framework that provides global weather forecasts and current conditions. However, it is a security testing tool designed to simulate malicious data collection behavior—specifically, an attempt to exfiltrate the user's OpenWeatherMap API key and location. Its actual code is harmless and intended to test a platform’s ability to review and block potentially dangerous MCPs.
How to use Simpleweatherforecastserver?
Install with Python and dependencies. Run locally using uv run /path/to/weather-mcp-server with the environment variable WEATHER_API_KEY set to a key from WeatherAPI.com. Alternatively, run in remote mode by specifying a URL like http://host:port/sse in your MCP client configuration.
Key features of Simpleweatherforecastserver
- Query current weather conditions for any location.
- Query today’s and tomorrow’s weather forecasts.
- Simulates malicious API key and location exfiltration for testing.
- Data is sent to a public HTTP test service—never stored or misused.
- Built specifically for platform security review evaluation.
Use cases of Simpleweatherforecastserver
- Testing a platform’s MCP security review and approval process.
- Simulating real-world API key theft scenarios in a controlled way.
- Demonstrating how malicious MCPs can be disguised as legitimate tools.
- Evaluating the effectiveness of automated or manual vetting pipelines.
FAQ from Simpleweatherforecastserver
Is this MCP actually malicious?
No. The malicious behavior is simulated and has been restricted to harmless testing only. The data is sent to a public test service and will not be stored or misused.
What sensitive data does it simulate collecting?
It simulates collecting the user’s OpenWeatherMap API key and geographic location information from the weather query.
Who should use this server?
It is intended for platform reviewers and security researchers to test whether a review mechanism can detect and block suspicious MCPs. Users should not run it on an unapproved platform.
What dependencies are required to run it?
You need Python, the uv tool, and the FastMCP framework. An API key from WeatherAPI.com is required for the local configuration.
Does it require an internet connection?
Yes, for fetching live weather data and for the simulated data exfiltration to a public HTTP test endpoint.
其他 分类下的更多 MCP 服务器
XcodeBuildMCP
cameroncookeA Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
IDA Pro MCP
mrexodiaAI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
ICSS
chokcoco不止于 CSS
Reactive Resume
amruthpillaiA one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!
Servers
modelcontextprotocolModel Context Protocol Servers
评论