IMCP - Insecure Model Context Protocol


An educational framework for understanding AI security vulnerabilities


⚠️ Educational Purposes Only

IMCP (Insecure Model Context Protocol) is a deliberately vulnerable application designed exclusively for educational and research purposes. It demonstrates critical AI security vulnerabilities. DO NOT deploy in production environments or use with sensitive data.


🔍 Overview

IMCP is an educational framework that exposes 16 critical security vulnerabilities in AI/ML model serving systems. It serves as a controlled, "vulnerable by design" platform for security researchers, developers, and educators to learn about and mitigate emerging AI threats.

Think of IMCP as the “DVWA for AI” — a safe environment where you can explore:

  • Model Poisoning
  • Prompt Injection
  • Embedding Vector Exploits
  • RAG System Weaknesses
  • And many more…

🛡️ Vulnerabilities Demonstrated

Core AI Manipulation

  • Model Poisoning: Malicious training data injection.
  • Token Prediction Attacks: Exploiting token probability for sensitive data extraction.
  • Multimodal Vulnerabilities: Cross-modal prompt leakage and metadata manipulation.
  • Credential Vulnerabilities: Insecure authentication mechanisms in AI systems.

Information Disclosure

  • Embedding Vector Attacks: Poisoning vector stores for unauthorized access.
  • RAG Vulnerabilities: Exploiting document stores for cross-user data leakage.
  • User Data Leakage: Unintended exposure of conversation histories.
  • Model Capability Enumeration: Over-disclosure of internal model details.

Control Manipulation

  • Context Manipulation: Unrestricted modifications to model contexts and system prompts.
  • Prompt Injection: Techniques to bypass AI safety filters.
  • Model Access Control Bypass: Elevation of privileges to access restricted functionalities.
  • Model Chain Attacks: Exploiting chained model interactions.

📜 Test Suite

The test suite in test_vulnerabilities.py demonstrates each vulnerability with detailed explanations and examples. It includes:

  • Model Poisoning: Injecting malicious data into model responses.
  • Token Prediction: Extracting sensitive information character by character.
  • Embedding Vector Attacks: Unauthorized access to sensitive embeddings.
  • Context Manipulation: Modifying system prompts and configurations.
  • Function Calling Vulnerabilities: Registering functions for remote code execution.
  • RAG Vulnerabilities: Cross-user document access and manipulation.
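The cross-user document leakage named in the RAG bullets above (and in the Information Disclosure list earlier) comes down to one thing: whether the retrieval step filters on the authenticated caller before ranking. The example below is added here to make that concrete; it is not IMCP's own code. The `DocumentStore` class, its two `retrieve_*` methods, the keyword scorer standing in for an embedding search, and the sample documents are all constructed for this illustration.

```python
# Added illustration (not IMCP code): a toy RAG backend with an unscoped
# retrieval path that leaks other users' documents, next to an owner-scoped
# retrieval path. Keyword matching replaces embeddings so it runs offline.
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Document:
    doc_id: str
    owner: str   # identity of the user who uploaded the document
    text: str


class DocumentStore:
    def __init__(self) -> None:
        self._docs: List[Document] = []

    def add(self, doc: Document) -> None:
        self._docs.append(doc)

    def _score(self, query: str, doc: Document) -> int:
        # Stand-in for cosine similarity: count query terms present in the text.
        terms = set(query.lower().split())
        return sum(1 for t in terms if t in doc.text.lower())

    def retrieve_unscoped(self, query: str, k: int = 3) -> List[Document]:
        # Vulnerable form: every document in the store is a candidate, no matter
        # who is asking, so one user's query pulls another user's documents into
        # the model context.
        ranked = sorted(self._docs, key=lambda d: self._score(query, d), reverse=True)
        return [d for d in ranked[:k] if self._score(query, d) > 0]

    def retrieve_for_user(self, user: str, query: str, k: int = 3) -> List[Document]:
        # Hardened form: the owner filter is applied before ranking, server side,
        # from the authenticated identity, never from a field in the request body.
        candidates = [d for d in self._docs if d.owner == user]
        ranked = sorted(candidates, key=lambda d: self._score(query, d), reverse=True)
        return [d for d in ranked[:k] if self._score(query, d) > 0]


def build_sample_store() -> DocumentStore:
    # Constructed sample data for the demonstration.
    store = DocumentStore()
    store.add(Document("d1", "alice", "Alice's quarterly revenue forecast and budget"))
    store.add(Document("d2", "bob", "Bob's personal notes on the revenue dashboard"))
    store.add(Document("d3", "alice", "Team holiday schedule"))
    return store


def leaked_owners(store: DocumentStore, user: str, query: str) -> List[str]:
    """Owners other than `user` whose documents the unscoped path would expose.
    A non-empty result is the detection signal a test suite should assert on."""
    return sorted({d.owner for d in store.retrieve_unscoped(query) if d.owner != user})


if __name__ == "__main__":
    store = build_sample_store()
    print("unscoped:", [d.doc_id for d in store.retrieve_unscoped("revenue")])
    print("scoped  :", [d.doc_id for d in store.retrieve_for_user("bob", "revenue")])
    print("leaks   :", leaked_owners(store, "bob", "revenue"))
```

The `leaked_owners` helper is the shape of check worth keeping in a test suite for a store like this: seed documents for two users, query as one of them, and fail the test if any other owner appears in the retrieved set.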

📜 API Endpoints

  • /imcp: Main JSON-RPC endpoint for IMCP functionality.
  • /v1/chat/completions: OpenAI API-compatible endpoint.
  • /v1/models: List available models.
  • /v1/embeddings: Generate embeddings.
  • /v1/auth/token: Authentication endpoint.
  • /.well-known/imcp-configuration: Service discovery endpoint.
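Two of the listed weaknesses, unrestricted context and system-prompt changes and privilege elevation to restricted methods, both live in how a JSON-RPC endpoint such as /imcp resolves a request's `method` and decides who may call it. The dispatcher below is an added example, not IMCP's handler: the method names `chat` and `set_system_prompt`, the role names, the `STATE` dictionary and the error codes outside the JSON-RPC 2.0 standard ones are assumptions made for the illustration.

```python
# Added illustration (not IMCP code): a JSON-RPC 2.0 dispatcher that reaches
# methods only through an explicit registry and enforces a per-method role.
# The caller's role is expected to come from the server's authentication layer
# (the token it validated), never from the request body.
import json
from typing import Any, Callable, Dict, Tuple

# Constructed application state: the system prompt is part of the model context.
STATE: Dict[str, Any] = {"system_prompt": "You are a helpful assistant."}


def chat(params: Dict[str, Any]) -> Dict[str, Any]:
    return {"reply": f"[{STATE['system_prompt']}] echo: {params.get('message', '')}"}


def set_system_prompt(params: Dict[str, Any]) -> Dict[str, Any]:
    STATE["system_prompt"] = str(params.get("prompt", ""))
    return {"ok": True}


# Hardened registry: every reachable method is declared with the role it needs.
# The vulnerable pattern this replaces resolves `method` dynamically (getattr on a
# module, or a registry that clients may add to), so any name becomes callable.
Handler = Callable[[Dict[str, Any]], Dict[str, Any]]
METHODS: Dict[str, Tuple[Handler, str]] = {
    "chat": (chat, "user"),
    "set_system_prompt": (set_system_prompt, "admin"),
}
ROLE_RANK = {"anonymous": 0, "user": 1, "admin": 2}


def _error(req_id: Any, code: int, message: str) -> Dict[str, Any]:
    return {"jsonrpc": "2.0", "id": req_id, "error": {"code": code, "message": message}}


def dispatch(raw: str, caller_role: str) -> Dict[str, Any]:
    try:
        req = json.loads(raw)
    except json.JSONDecodeError:
        return _error(None, -32700, "parse error")
    if not isinstance(req, dict):
        return _error(None, -32600, "invalid request")
    req_id = req.get("id")
    method = req.get("method")
    params = req.get("params") or {}
    if req.get("jsonrpc") != "2.0" or not isinstance(method, str) or not isinstance(params, dict):
        return _error(req_id, -32600, "invalid request")
    entry = METHODS.get(method)
    if entry is None:
        # Unknown names are rejected outright; nothing is looked up by reflection.
        return _error(req_id, -32601, "method not found")
    func, required = entry
    if ROLE_RANK.get(caller_role, 0) < ROLE_RANK[required]:
        # -32001 is an assumed application-defined code in the JSON-RPC reserved range.
        return _error(req_id, -32001, "forbidden")
    return {"jsonrpc": "2.0", "id": req_id, "result": func(params)}


if __name__ == "__main__":
    print(dispatch('{"jsonrpc":"2.0","id":1,"method":"chat","params":{"message":"hi"}}', "user"))
    print(dispatch('{"jsonrpc":"2.0","id":2,"method":"set_system_prompt","params":{"prompt":"x"}}', "user"))
    print(dispatch('{"jsonrpc":"2.0","id":3,"method":"set_system_prompt","params":{"prompt":"x"}}', "admin"))
```

Note that `caller_role` is a parameter of `dispatch`, not something parsed from `raw`: if the role were read from the JSON body, the registry would still be intact but the role check would be decided by the client.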

🚀 Getting Started

Prerequisites

  • Python 3.8+
  • OpenAI API Key (required for live examples)

Installation

Clone the repository and set up your environment:

```bash
# Clone the repository
git clone https://github.com/nav33n25/IMCP.git
cd IMCP

# Create a virtual environment
python -m venv venv
source venv/bin/activate   # For Windows: venv\Scripts\activate

# Install dependencies
pip install -r requirements.txt

# Configure the environment
cp .env.example .env       # Edit .env to include your OpenAI API key
```

Running IMCP

Start the server and run the test suite:

```bash
# Start the IMCP server
# (--host=0.0.0.0 binds to every interface; on a shared network prefer 127.0.0.1
#  so the intentionally vulnerable service is only reachable from this machine)
python -m flask run --host=0.0.0.0 --port=5000

# In another terminal, run the test suite
python test_vulnerabilities.py
```

📚 Documentation

The full guides are located in the documentation/ directory:

  • Vulnerability Guide: Detailed explanations of each vulnerability.
  • Exploitation Guide: Step-by-step instructions to reproduce each vulnerability.
  • Mitigation Guide: Strategies and best practices to secure AI systems.

🌟 Key Features

  • Realistic AI Service Implementation
  • 16 Unique AI-Specific Security Vulnerabilities
  • Comprehensive Test Suite for Demonstrations
  • Detailed Documentation for In-Depth Learning
  • Compatibility with Modern LLM APIs (e.g., OpenAI)
  • Mock Mode for Cost-Free Testing

🤝 Contributing

We welcome contributions from the community! Areas where you can help include:

  • Additional Vulnerability Demonstrations: New scenarios or enhancements.
  • Improved Documentation: Detailed educational materials and guides.
  • Integration: Support for other LLM providers.
  • UI Enhancements: Better visualizations and user experience improvements.

Please check out our CONTRIBUTING.md for more details on how to get started.


📜 License

This project is licensed under the MIT License. See the LICENSE file for details.


⚠️ Disclaimer

IMCP is intentionally vulnerable software for educational purposes only. The creators are not liable for any misuse or damage caused by the use of this software.
