Is Mcp Chaos Rig safe to use?

Mcp Chaos Rig has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Mcp Chaos Rig?

Mcp Chaos Rig supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Mcp Chaos Rig do?

Mcp Chaos Rig provides 10 tools: echo, add, get-time, random-number, reverse and 5 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Mcp Chaos Rig?

Mcp Chaos Rig is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Mcp Chaos Rig actively maintained?

Mcp Chaos Rig is actively maintained — last commit was 6 days ago. It has 10 GitHub stars.

Mcp Chaos Rig

Name: Mcp Chaos Rig
Author: Typewise

mcp-chaos-rig · by Typewise

A local MCP server that breaks on demand. Test your client against auth failures, disappearing tools, flaky responses, and token expiry, all from a web UI.

10 148/wk 10 tools GitHub npm

No known CVEs

MIT license

Actively maintained

Last commit 6d ago

Works with most clients

Transport: stdio, sse, http

10 tools · ~393 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Developer Tools Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcp-chaos-rig": {
      "args": [
        "-y",
        "mcp-chaos-rig"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-chaos-rig)](https://mcppedia.org/s/mcp-chaos-rig)

Read me

What Mcp Chaos Rig does

You're building an MCP client. You need to test OAuth flows, token refresh, tool discovery, error handling, and session lifecycle. Production servers don't fail on command. You need a server that does.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'mcp-chaos-rig' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

90/100across 5 weighted dimensions

How we score →

0255075100

−10

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked mcp-chaos-rig against OSV.dev.

Inventory

Tools (10)

Click any tool to inspect its schema.

~393 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Chaos Rig safe to use?: Mcp Chaos Rig has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Mcp Chaos Rig?: Mcp Chaos Rig supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Chaos Rig do?: Mcp Chaos Rig provides 10 tools: echo, add, get-time, random-number, reverse and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Chaos Rig?: Mcp Chaos Rig is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Mcp Chaos Rig actively maintained?: Mcp Chaos Rig is actively maintained — last commit was 6 days ago. It has 10 GitHub stars.

Similar servers

Others in developer-tools / security

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Mcp Chaos Rig and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Developer Tools Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcp-chaos-rig": {
      "args": [
        "-y",
        "mcp-chaos-rig"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-chaos-rig)](https://mcppedia.org/s/mcp-chaos-rig)

Read me

What Mcp Chaos Rig does

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'mcp-chaos-rig' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

MCP Chaos Rig

A local MCP server that breaks on demand. Test your client against auth failures, disappearing tools, flaky responses, and token expiry, all from a web UI.

The problem

What Chaos Rig does

Run a local MCP server where you control everything:

Break authentication: force 401s and 500s mid-session, expire tokens on demand, reject refresh tokens
Break tools: disable tools to trigger tools/changed, switch schema versions live
Break reliability: add random latency, make tool calls fail at configurable rates
See everything: live request log shows inbound JSON-RPC calls and outbound SSE responses, with click-to-expand bodies

Test scenarios

Scenario	How to test it
OAuth 2.1 consent flow	Use the interactive consent page: approve, decline, invalid code, tampered state
Fixed header auth	Switch to Headers mode, configure key-value pairs, verify client sends them
Missing/wrong headers	Send requests with missing or mismatched headers — 401 with details
Token rejection mid-session	Toggle "Reject OAuth" to 401 or 500 while client is connected
Token expiry and refresh	Set access token TTL to a short value, watch the client refresh
Reject refresh tokens	Toggle "Reject refresh tokens" to force re-authentication
Wrong client refreshing	Enable "Enforce refresh token ownership" — catches clients that lose credentials and re-register
Scope discovery conflict	Set different scopes in metadata vs WWW-Authenticate header, test which the client trusts
Tool disappearing	Disable a tool in the Tools tab. Clients receive `tools/changed`
Tool schema changing	Switch echo or add between v1 and v2 schemas
Flaky tool calls	Set failure rate 0-100%. Failed calls return `isError: true`
Slow responses	Enable slow mode with configurable latency range
PKCE code exchange	OAuth consent page offers "Wrong Code" and "Wrong State" options
Database-backed tools	CRUD operations on a real SQLite contact database

Quick start

npx mcp-chaos-rig

Control panel at localhost:4100/ui, MCP endpoint at http://localhost:4100/mcp. Requires Node 20+.

If you prefer a global install:

npm install -g mcp-chaos-rig
mcp-chaos-rig

Or run from source:

git clone https://github.com/Typewise/mcp-chaos-rig.git
cd mcp-chaos-r

... [View full README on GitHub](https://github.com/Typewise/mcp-chaos-rig#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

90/100across 5 weighted dimensions

How we score →

0255075100

−10

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked mcp-chaos-rig against OSV.dev.

Inventory

Tools (10)

Click any tool to inspect its schema.

~393 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Chaos Rig safe to use?: Mcp Chaos Rig has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install Mcp Chaos Rig?: Mcp Chaos Rig supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Chaos Rig do?: Mcp Chaos Rig provides 10 tools: echo, add, get-time, random-number, reverse and 5 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Chaos Rig?: Mcp Chaos Rig is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Mcp Chaos Rig actively maintained?: Mcp Chaos Rig is actively maintained — last commit was 6 days ago. It has 10 GitHub stars.