Enables support for the creator through Buy Me a Coffee, allowing users to financially contribute to the project developer (pfelilpe) via a direct link in the documentation.
Integrates with Python for running the MCP server, which provides a mathematical addition service that can add two or more numbers when queried through Copilot.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Damn Vulnerable MCP Server Demoadd 5 and 7"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Damn Vulnerable MCP Server Demo
A simplier implementation of a Damn Vulnerable MCP Server that adds two or more numbers
Overview
The MCP Server Demo is a demonstration of excessive agency that could lead to Remote Code Execution (RCE) if the MCP were running on an external server. π‘οΈ
Related MCP server: Vulnerable MCP Server
Features
π Basic MCP server implementation.
π Demonstrates server functionality with
server.py.
Warning
β οΈ This project is a vulnerable MCP server designed to demonstrate how poor implementation practices can lead to security issues. It is intended for educational purposes only.
β Do not use this project in production environments.
Prerequisites
π Python 3.10 or higher.
π‘ A virtual environment is recommended for managing dependencies.
Installation
π₯ Clone the repository:
git clone <repository-url> cd DVMCPπ¦ Install dependencies:
pip install -r requirements.txt
Usage
βΆοΈ Link the MCP Server with Copilot:
vscode://settings/mcpAdd the server configuration to the
settings.jsonfile in VS Code:"servers": { "DVMCP": { "command": "uv", "args": [ "run", "--with", "mcp[cli]", "mcp", "run", "/Users/pfelilpe/Documents/DVMCP/server.py" ], "env": {} } }Click on Start Server.
Interact with Copilot in Agent mode, for example:
1+1 with additionExperiment with code injection to explore potential OS Injection vulnerabilities... π΅οΈββοΈ
You can find a safer implementation of this simpler MCP at
/safe/server.py. π
Adding MCP to Your Python Project
We recommend using uv to manage your Python projects. π οΈ
If you haven't created a uv-managed project yet, initialize one:
uv init mcp-server-demo
cd mcp-server-demoThen add MCP to your project dependencies:
uv add "mcp[cli]"Alternatively, for projects using pip for dependencies:
pip install "mcp[cli]"Running the Standalone MCP Development Tools
To run the mcp command with uv:
uv run mcpProject Structure
server.py: π₯οΈ Main server implementation.pyproject.toml: π Project configuration file.README.md: π Documentation for the project.uv.lock: π Lock file for dependencies.__pycache__/: ποΈ Contains compiled Python files.
Contributing
π€ Contributions are welcome! Please fork the repository and submit a pull request with your changes.
License
π This project is licensed under the terms of the LICENSE file in the root directory.
Created by pfelilpe
Buy Me a Coffee
If you found this project helpful or interesting, consider buying me a coffee to support my work: βοΈ
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.