harishsg993010/damn-vulnerable-MCP-server

MCPcommunity
harishsg993010UnknownUpdated 6mo agoGitHub

Damn Vulnerable MCP Server

A deliberately vulnerable implementation of the Model Context Protocol (MCP) for educational purposes. The Damn Vulnerable Model Context Protocol (DVMCP) is an educational project designed to demonstrate security vulnerabilities in MCP implementations. It contains 10 challenges of increasing difficulty that showcase different types of vulnerabilities and attack vectors. This project is intended…

Automatically indexed from public sources. Not yet verified by the developer on Forge.Claim this listing →
1kGitHub stars
157Forks
6mo agoLast update
Package
Authorharishsg993010
LicenseUnknown
Sourcegithub
Trust Status
B
60/100Good
Listed in Forge index+10/10
Publisher identity verified+0/25
Publisher: run `forge publish` from the package repo to claim ownership
Ed25519 publish signature+0/10
Included automatically when the publisher runs `forge publish`
Domain verification+0/5
Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
CVE scan · not run+0/30
Not yet scanned — package must be on npm
Static analysis · clean+20/20
npm provenance (Sigstore)+0/5
Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain
Provenance
DependenciesNot audited
Tool surface
Security scan✓ CleanvHEAD · 19d ago
EvalsNone
IndexedMay 24, 2026

Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.

About

A deliberately vulnerable implementation of the Model Context Protocol (MCP) for educational purposes. The Damn Vulnerable Model Context Protocol (DVMCP) is an educational project designed to demonstrate security vulnerabilities in MCP implementations. It contains 10 challenges of increasing difficulty that showcase different types of vulnerabilities and attack vectors. This project is intended for security researchers, developers, and AI safety professionals to learn about potential security…