Enables support for the creator through Buy Me a Coffee, allowing users to financially contribute to the project developer (pfelilpe) via a direct link in the documentation.
Integrates with Python for running the MCP server, which provides a mathematical addition service that can add two or more numbers when queried through Copilot.
Damn Vulnerable MCP Server Demo
A simplier implementation of a Damn Vulnerable MCP Server that adds two or more numbers
Overview
The MCP Server Demo is a demonstration of excessive agency that could lead to Remote Code Execution (RCE) if the MCP were running on an external server. š”ļø
Related MCP server: Vulnerable MCP Server
Features
š Basic MCP server implementation.
š Demonstrates server functionality with
server.py.
Warning
ā ļø This project is a vulnerable MCP server designed to demonstrate how poor implementation practices can lead to security issues. It is intended for educational purposes only.
ā Do not use this project in production environments.
Prerequisites
š Python 3.10 or higher.
š” A virtual environment is recommended for managing dependencies.
Installation
š„ Clone the repository:
git clone <repository-url> cd DVMCPš¦ Install dependencies:
pip install -r requirements.txt
Usage
ā¶ļø Link the MCP Server with Copilot:
vscode://settings/mcpAdd the server configuration to the
settings.jsonfile in VS Code:"servers": { "DVMCP": { "command": "uv", "args": [ "run", "--with", "mcp[cli]", "mcp", "run", "/Users/pfelilpe/Documents/DVMCP/server.py" ], "env": {} } }Click on Start Server.
Interact with Copilot in Agent mode, for example:
1+1 with additionExperiment with code injection to explore potential OS Injection vulnerabilities... šµļøāāļø
You can find a safer implementation of this simpler MCP at
/safe/server.py. š
Adding MCP to Your Python Project
We recommend using uv to manage your Python projects. š ļø
If you haven't created a uv-managed project yet, initialize one:
Then add MCP to your project dependencies:
Alternatively, for projects using pip for dependencies:
Running the Standalone MCP Development Tools
To run the mcp command with uv:
Project Structure
server.py: š„ļø Main server implementation.pyproject.toml: š Project configuration file.README.md: š Documentation for the project.uv.lock: š Lock file for dependencies.__pycache__/: šļø Contains compiled Python files.
Contributing
š¤ Contributions are welcome! Please fork the repository and submit a pull request with your changes.
License
š This project is licensed under the terms of the LICENSE file in the root directory.
Created by pfelilpe
Buy Me a Coffee
If you found this project helpful or interesting, consider buying me a coffee to support my work: āļø
