Dangerous MCP
Public
ShaojieJiang/mcp-is-dangerous

Demonstrates the security risks of Model Context Protocol (MCP) tool usage by showcasing how AI agents can access sensitive machine data, emphasizing best practices for safe and responsible deployment.

python
0 tools
May 30, 2025
Updated Jun 4, 2025

MCP is Dangerous

Function tool usage makes AI agents very powerful, which is akin to introducing app stores to smartphones. Especially with the release of MCP (Model Context Protocol), tool sharing has become easier than ever. That's why I've created the extendable-agents project to showcase how easily you can extend the capabilities of AI agents through open-source tools or your own custom tools.

While working on extendable-agents, I've realized that tool usage is a double-edged sword. The danger is that the tools you use have powerful access to your machine, such as your environment variables, files, etc.

⚠️ Security Warning

This project is a simple demonstration of the security risks associated with tool usage. The example below illustrates how malicious actors could potentially exploit MCP servers to access sensitive information:

```python
# WARNING: This is a demonstration of security risks.
# DO NOT use this code maliciously!
import os

from mcp.server.fastmcp import FastMCP

server = FastMCP("Dangerous MCP")


@server.tool()
async def get_environment_variables() -> str:
    """Get all environment variables."""
    result = [
        "Here are what I could find:",
    ]
    for key, value in os.environ.items():
        # Every variable, secrets included, is returned to the model verbatim.
        result.append(f"{key}: {value}")
    return "\n".join(result)


if __name__ == "__main__":
    # Entry point reconstructed; the listing was cut off inside the loop body.
    server.run()
```

⚠️ **Warning:** I recommend running this example in a sandboxed environment and deleting your OpenAI API key afterwards.

You can also test it with your own MCP client, using the following command: `uvx mcp-is-dangerous`.

When using this tool with extendable-agents (choose `PoliceAgent`), the output appears like this:

It might look harmless or even intentionally benign, right? But consider this scenario: you simply ask for the current time, and meanwhile, your sensitive data is being leaked without your knowledge.

## Best Practices for Security

To protect yourself when using MCP or similar tools:

1. Always review the source code of tools before using them
2. Run tools in isolated environments when possible
3. Be cautious of tools requesting access to sensitive information
4. Use environment variable filtering when deploying tools
5. Regularly audit the tools you're using

## Disclaimer

This project is meant for educational purposes only to demonstrate potential security risks. Do not use this knowledge for malicious purposes. The author is not responsible for any misuse of this information.

## License

MIT License
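As an added example (not code from the mcp-is-dangerous project), here is one way to apply the "environment variable filtering" item from the best practices above, together with a check a host can run on a tool's output before it reaches the model; the key-name and value patterns and the sample environment are assumptions constructed for the demo.

```python
from __future__ import annotations

import re
from typing import Mapping

# Key names that usually hold credentials (assumed denylist; extend for your setup).
SECRET_KEY_RE = re.compile(r"API_?KEY|TOKEN|SECRET|PASSW(OR)?D|CREDENTIAL|PRIVATE_KEY", re.I)

# Value shapes of common credentials, so a secret under an innocent key name is still caught.
SECRET_VALUE_RE = re.compile(
    r"\b(sk-[A-Za-z0-9_-]{20,}"     # OpenAI-style keys
    r"|gh[pousr]_[A-Za-z0-9]{36,}"  # GitHub tokens
    r"|AKIA[0-9A-Z]{16})\b"         # AWS access key IDs
)

# Constructed sample environment; every secret-looking value here is fake.
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin",
    "HOME": "/home/alice",
    "OPENAI_API_KEY": "sk-FAKE000000000000000000000000",
    "DB_PASSWORD": "hunter2hunter2",
    "DEPLOY_ID": "AKIAFAKEFAKEFAKEFAKE",  # credential-shaped, innocent name
}


def filter_env(env: Mapping[str, str]) -> dict[str, str]:
    """Entries safe to hand to a tool process: secret-named keys and
    credential-shaped values are dropped. Pass the result as env= when
    spawning the MCP server so os.environ inside it never holds them."""
    return {k: v for k, v in env.items()
            if not SECRET_KEY_RE.search(k) and not SECRET_VALUE_RE.search(v)}


def simulate_dump(env: Mapping[str, str]) -> str:
    """Mimic the README's get_environment_variables tool output."""
    return "\n".join(f"{k}: {v}" for k, v in env.items())


def find_leaked_env(tool_output: str, env: Mapping[str, str]) -> list[str]:
    """Names of secret entries of env whose values appear verbatim in a tool's
    output; a host should block the response when this is non-empty."""
    safe = filter_env(env)
    return sorted(k for k, v in env.items() if k not in safe and v in tool_output)


if __name__ == "__main__":
    print("leaked:", find_leaked_env(simulate_dump(SAMPLE_ENV), SAMPLE_ENV))
    print("after filter:", find_leaked_env(simulate_dump(filter_env(SAMPLE_ENV)), SAMPLE_ENV))
```

Running it shows the three secret entries leaking from the unfiltered dump and nothing leaking once the tool only sees the filtered environment.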