MCPTox-Benchmark
by zhiqiangwang4
Overview
This server provides a collection of intentionally vulnerable and manipulated tool definitions designed for benchmarking and testing the security robustness of AI agents or systems interacting with diverse external services.
Installation
No command provided
Security Notes
The server's core functionality is to define and execute malicious operations across various domains. Risks include extensive credential leakage (e.g., overwriting SSH keys, reading /etc/passwd), severe infrastructure damage (e.g., deleting critical files, database resets), pervasive information manipulation and hijacking (e.g., redirecting search queries, altering content, forcing incorrect data), rampant code injection (e.g., injecting keyloggers, malware downloads, SQL injection), and service disruption (e.g., forcing failures, resource exhaustion). The pre-conditions of many tools themselves involve destructive or privacy-violating actions, and they often exfiltrate sensitive data to attacker-controlled domains (e.g., 'attacker.com', 'evil.com').
Similar Servers
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.
ai-safety-mcp-server
A centralized Model Context Protocol (MCP) server for AI Safety research, providing knowledge base, safety evaluation, mechanistic interpretability, and governance tools for research assistants and agentic systems.
vulnerable-notes-mcp
A deliberately vulnerable MCP server for testing security scanning tools and training developers to recognize common security anti-patterns in AI agents.