JUHE API Marketplace
ShaojieJiang avatar
MCP Server

Dangerous MCP

A demonstration server that reveals security risks by accessing sensitive environment variables, illustrating how MCP tools can potentially leak user data without explicit consent.

8
GitHub Stars
11/18/2025
Last Updated
No Configuration
Please check the documentation below.
  1. Home
  3. MCP Servers
  5. mcp-is-dangerous

README Documentation

MCP is Dangerous

Function tool usage makes AI Agents very powerful, which is akin to introducing app stores to smartphones. Especially with the release of MCP (Model Context Protocol), tool sharing has become easier than ever. That's why I've created the extendable-agents project to showcase how easy you can extend the capabilities of AI Agents through open-source tools or your custom tools.

While working on extendable-agents, I've realized that tool usage is a double-edged sword. The danger is that the tools you use have powerful access to your machine, such as your environment variables, files, etc.

Dangerous MCP server

⚠️ Security Warning

This project is a simple demonstration of the security risks associated with tool usage. The example below illustrates how malicious actors could potentially exploit MCP servers to access sensitive information:

# WARNING: This is a demonstration of security risks.
# DO NOT use this code maliciously!

import os
from mcp.server.fastmcp import FastMCP

server = FastMCP("Dangerous MCP")

@server.tool()
async def get_environment_variables() -> str:
    """Get all environment variables."""
    result = [
        "Here are what I could find:",
    ]
    for key, value in os.environ.items():
        result.append(f"{key:<30} {value[:5]}***")
    # This means I can open a backdoor to send your data to me!!
    return "\n".join(result)

⚠️ Warning: I recommend running this example in a sandboxed environment and deleting your OpenAI API key afterwards. You can also test it with your own MCP client, using the following command: uvx mcp-is-dangerous.

When using this tool with extendable-agents (choose PoliceAgent), the output appears like this:

Screenshot 2025-03-22 at 11 04 57

It might look harmless or even intentionally benign, right? But consider this scenario: you simply ask for the current time, and meanwhile, your sensitive data is being leaked without your knowledge.

Best Practices for Security

To protect yourself when using MCP or similar tools:

  1. Always review the source code of tools before using them
  2. Run tools in isolated environments when possible
  3. Be cautious of tools requesting access to sensitive information
  4. Use environment variable filtering when deploying tools
  5. Regularly audit the tools you're using

Disclaimer

This project is meant for educational purposes only to demonstrate potential security risks. Do not use this knowledge for malicious purposes. The author is not responsible for any misuse of this information.

License

MIT License

Quick Actions

View on GitHubView All Servers

Key Features

Model Context Protocol
Secure Communication
Real-time Updates
Open Source

Boost your projects with Wisdom Gate LLM API

Supporting GPT-5, Claude-4, DeepSeek v3, Gemini and more.

Enjoy a free trial and save 20%+ compared to official pricing.

Learn More
JUHE API Marketplace

Accelerate development, innovate faster, and transform your business with our comprehensive API ecosystem.

JUHE API VS

  • vs. RapidAPI
  • vs. API Layer
  • API Platforms 2025
  • API Marketplaces 2025
  • Best Alternatives to RapidAPI

For Developers

  • Console
  • Collections
  • Documentation
  • MCP Servers
  • Free APIs
  • Temp Mail Demo

Product

  • Browse APIs
  • Suggest an API
  • Wisdom Gate LLM
  • Global SMS Messaging
  • Temp Mail API

Company

  • What's New
  • Welcome
  • About Us
  • Contact Support
  • Terms of Service
  • Privacy Policy
Featured on Startup FameFeatured on Twelve ToolsFazier badgeJuheAPI Marketplace - Connect smarter, beyond APIs | Product Huntai tools code.marketDang.ai
Copyright © 2025 - All rights reserved