vuln-mcp-server

by pruthuraut · security · mcp-server, glama

A vulnerable-by-design MCP server pair (NotesServer and VaultServer) for testing MCP security tools, featuring confused-deputy, prompt injection, and authorization bypass scenarios.

Source: https://github.com/pruthuraut/vuln-mcp-server

Install

git clone https://github.com/pruthuraut/vuln-mcp-server

Tags: mcp-server, glama

Source: glama

About security MCP servers and Claude skills

Security MCP servers let agents scan dependencies, audit logs, check for vulnerabilities, and enforce policy guardrails. Critical for any agent that touches production.

vuln-mcp-server is one of hundreds of security entries indexed on Skiln. Browse the full security category or the complete directory of Claude skills, MCP servers, agents, commands, and hooks.

Related security MCPs and skills

  • creative-subagent-runner-mcp by leonluo2008-ops

    A universal MCP server that runs creative sub-agents (chapter writer, auditor, reviser) by calling GPT/Gemini APIs via juxinapi, enabling structured writing and auditing workflows.

  • cyberrescue by Vivekpatil200320

    A locally-hosted MCP (Model Context Protocol) server that gives Claude real tools to debug Docker containers — fetch logs, inspect memory/CPU, and run diagnostic commands inside a container, all from a chat with Claude Desktop.

  • MCP Spring Boot Toolkit by nhuson269

    Provides tools and guides for Spring Boot development including code generation, security audit, and query optimization.

  • CyberMCP by mehmetaksy

    Enables cybersecurity research through Claude by providing tools for CVE lookup, IP geolocation, and file hash checking against VirusTotal.

  • AGI Cognitive MCP Server by SVG-campus

    Provides programmatic access to causal discovery, topological data analysis, Gaussian process belief updating, thermodynamic auditing, and HCHL inference for agents and researchers.

  • aletheia-mcp by xenoroses

    Secure multi-agent runtime validation engine with Docker sandbox execution and real-time supervisor auditing for LLM-generated code.

  • Enterprise SQL & Postgres C# MCP Server by herotech101

    Hardened C# Model Context Protocol (MCP) server for MS SQL Server and PostgreSQL databases featuring read-only transaction safeguards, command security filters, and path traversal protection.

  • safe-code-mcp by marcojourney

    A local MCP server that provides controlled repository access with policy-based file filtering, secret redaction, and audit logging for AI coding agents.

Frequently asked questions

How do I install vuln-mcp-server?

Add the install command above to your Claude Code, Cursor, or Windsurf MCP configuration. Most servers register via npx, a local command, or a Docker image. Refer to the source repository for environment variables and credential requirements.

Which clients support vuln-mcp-server?

Any MCP-compatible client works: Claude Desktop, Claude Code CLI, Cursor, Windsurf, Zed, and VS Code with the official MCP extension. OpenAI Codex and GitHub Copilot increasingly support MCP via adapter bridges.

Is vuln-mcp-server free?

The server itself is typically open source. Any upstream service (API keys, paid tiers, hosted infrastructure) may have its own pricing. Check the source repository for details.