RootInj3c/MCP-Security-Workshop
If you are the rightful owner of MCP-Security-Workshop and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.
A Vulnerable MCP Server Implementation to demonstrate how to defend and protect MCP server along with a paper on DigitalWhisper magazine.
DigitalWhisper - MCP Security Workshop
This repository contains a vulnerable MCP server implementation designed for educational and research purposes. It demonstrates common security pitfalls and real-world exploitation scenarios targeting MCP (Model Context Protocol) systems along with practical techniques to detect, defend, and harden your own MCP-based applications. This project complements my article published in DigitalWhisper magazine, where I explore the offensive and defensive aspects of:
- AI agent orchestration
- Prompt injection
- RAG-layer abuse
📰 Read the article (Hebrew only): https://www.digitalwhisper.co.il/
What's Inside
An intentionally vulnerable MCP server covering the following topics:
- ⚙️ Intro to MCP – Working and debugging with a simple MCP server
- 💉 Prompt Injection – Direct prompt injection analysis and exploitation
- 🧪 Tool Poisoning – Two real-world use cases used by AI attackers
- 🧠 Indirect Prompt Injection – RAG-based simulation to explore context abuse and multi-hop attacks
Who This Is For
- 🛡️ Security Researchers – Exploring LLM/MCP threat models and vulnerabilities
- 👨💻 Developers – Building safer, more robust MCP / Agent frameworks
- 🎓 Educators & Trainers – Teaching offensive AI/LLM behavior in workshops and labs
- 🔴 Red Teamers – Simulating prompt injection and RAG abuse in controlled environments
📝 License
Copyright (c) 2025 Maor Tal. This project is licensed under the .