Skip to content

vineethsai/vulnerablemcp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

74 Commits
assets
assets
 
 
node_modules
node_modules
 
 
.gitignore
.gitignore
 
 
CNAME
CNAME
 
 
Initialization-and-Discovery-Phase.png
Initialization-and-Discovery-Phase.png
 
 
OAuth-Enhanced-Rug-Pull-Defense.png
OAuth-Enhanced-Rug-Pull-Defense.png
 
 
OAuth-Enhanced-Tool-Poisoning-Defense.png
OAuth-Enhanced-Tool-Poisoning-Defense.png
 
 
README.md
README.md
 
 
REPOSITORY-STRUCTURE.md
REPOSITORY-STRUCTURE.md
 
 
Tool-Invocation-and-Usage-Phase.png
Tool-Invocation-and-Usage-Phase.png
 
 
UPDATE-GUIDE.md
UPDATE-GUIDE.md
 
 
about.html
about.html
 
 
etdi-security.html
etdi-security.html
 
 
favicon.ico
favicon.ico
 
 
favicon.svg
favicon.svg
 
 
high-level-arch.png
high-level-arch.png
 
 
index.html
index.html
 
 
oauth2-integ.png
oauth2-integ.png
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
preventing-rug-pull.png
preventing-rug-pull.png
 
 
preventing-tool-poisoning.png
preventing-tool-poisoning.png
 
 
rebuild_and_deploy.sh
rebuild_and_deploy.sh
 
 
rug-pull.png
rug-pull.png
 
 
security.html
security.html
 
 
server.js
server.js
 
 
tool-poisoning.png
tool-poisoning.png
 
 
update-stable.js
update-stable.js
 
 
vulnerabilities.md
vulnerabilities.md
 
 

Repository files navigation

The Vulnerable MCP Project

This project tracks known vulnerabilities within Model Context Protocol (MCP) servers. The website is designed to be easily updated by modifying a markdown file instead of directly editing HTML.

How to Update the Website

  1. Edit the vulnerabilities.md file to add, modify, or remove vulnerability information
  2. Run npm run update to regenerate the website (now uses stable UI-preserving script)
  3. The index.html file will be automatically updated with your changes while preserving the stable design

📖 For detailed instructions, see UPDATE-GUIDE.md

Markdown Format

Each vulnerability in the vulnerabilities.md file should follow this format:

## Vulnerability Title

**Severity:** High/Medium/Low  
**Category:** Security/Limitations/Implementation  
**Reported By:** Organization or Person Name  
**Date:** Month Day, Year  
**Tags:** Tag1, Tag2, Tag3  
**URL:** https://example.com/vulnerability-details

Description of the vulnerability goes here. This can be multiple paragraphs.

---

The separator --- is used to indicate the end of a vulnerability entry.

Setup

# Install dependencies
npm install

# Update the website
npm run update

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

34 stars

Watchers

2 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages