MCP Security Demonstration

Interactive demonstrations of security vulnerabilities and defenses in Model Context Protocol implementations

πŸ”“

Malicious MCP Server

Explore how a seemingly legitimate MCP server from a marketplace can perform malicious actions like data exfiltration while appearing to provide useful functionality.

Data Exfiltration Detection
Launch Demo β†’
πŸ“„

Prompt Injection Attack

See how malicious content embedded in a CV can manipulate an AI hiring agent with privileged access to exfiltrate sensitive data or influence evaluation scores.

Prompt Injection Tool Call Monitoring
Launch Demo β†’
♾️

Infinite Loop Exploit

Discover how malicious MCP servers can trick LLMs into infinite execution loops through misleading documentation, and how to defend against resource exhaustion.

Resource Exhaustion Rate Limiting
Launch Demo β†’