Is MCPSecBench safe to use?

MCPSecBench has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install MCPSecBench?

MCPSecBench can be installed by cloning its GitHub repository and following the setup instructions in the README.

What AI clients work with MCPSecBench?

MCPSecBench is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.

Is MCPSecBench actively maintained?

MCPSecBench is recently maintained — last commit was 75 days ago. It has 34 GitHub stars.

MCPSecBench

Name: MCPSecBench
Author: AIS2Lab

by AIS2Lab

MCPSecBench: A Systematic Security Benchmark and Playground for Testing Model Context Protocols

34 0 tools GitHub

No known CVEs

MIT license

Maintained

Last commit 75d ago

Works with most clients

Transport: stdio

0 tools

Grade F

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcpsecbench": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcpsecbench)](https://mcppedia.org/s/mcpsecbench)

Read me

What MCPSecBench does

This benchmark includes !MCPSecBench and !data used in our experiment.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

36/100across 5 weighted dimensions

How we score →

0255075100

−64

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is MCPSecBench safe to use?: MCPSecBench has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install MCPSecBench?: MCPSecBench can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with MCPSecBench?: MCPSecBench is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is MCPSecBench actively maintained?: MCPSecBench is recently maintained — last commit was 75 days ago. It has 34 GitHub stars.

Similar servers

Others in security

View all →

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

Ida Pro Mcp92

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

8.7k 3

Iam Policy Autopilot90

IAM Policy Autopilot is an open source static code analysis tool that helps you quickly create baseline AWS IAM policies that you can refine as your application evolves. This tool is available as a command-line utility and MCP server for use within AI coding assistants for quickly building IAM policies.

361 1

io.github.peacprotocol/peac90

Signed receipts for agent, API, and MCP interactions. Portable and offline-verifiable.

11 5

MCP Security Weekly

Get CVE alerts and security updates for MCPSecBench and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "mcpsecbench": {
      "command": "<see-readme>",
      "args": []
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcpsecbench)](https://mcppedia.org/s/mcpsecbench)

Read me

What MCPSecBench does

This benchmark includes !MCPSecBench and !data used in our experiment.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

MCPSecBench

This benchmark includes and used in our experiment.

A technical report is available as follows:

@article{yang2025mcpsecbench,
  title={MCPSecBench: A Systematic Security Benchmark and Playground for Testing Model Context Protocols},
  author={Yang, Yixuan and Wu, Daoyuan and Chen, Yufan},
  journal={arXiv preprint arXiv:2508.13220},
  year={2025}
}

Overview of MCPSecBench

main.py: an automated testing script including part attacks.
addserver.py: normal server for computation.
maliciousadd.py: malicious server.
download.py: a normal server for checking signature.
squatting.py: a malicious server for server name squatting.
client.py: client that connect with MCP host and server. At present, it support OpenAI and Claude. It can be extended for Deepseek, Llama, and QWen.
mitm.py: the script that implements Man-in-the-Middle attack.
index.js: the script for DNS rebinding attack.
cve-2025-6541.py: a malicious server to trigger CVE-2025-6541.
claude_desktop_config.json: the configuration for Claude Desktop.
prompts: example prompts for testing.
results: only for openai at present.

Set up MCPSecBench

needs: python version higher than 3.10

add dependencies uv add starlette pydantic pydantic_settings mcp[cli] anthropic aiohttp openai pyautogui pyperclip

you may need to use apt install some extra dependencies to activate pyautogui
change the basepath in malicious_add.py to you real path
for tool name squatting and server name squatting in Claude. Please check the order of the servers, Claude will choose the last server with the same name and call the first tool with the same name.

How to use MCPSecBench

Test Script

The auto check supports OpenAI and Cursor at present. To implement in Claude Desktop, please change the parameter of wait_for_image in main.py such as img/cursor_init.png to the screenshot of Claude Desktop.

set API_Key. export OPENAI_API_KEY xxxx / export ANTHROPIC_API_KEY xxx
uv run main.py mode(0 for Claude in CLI mode, 1 for OpenAI, 2 for Cursor) protection(0 for none, 1 for MCIP, 2 for AIM-MCP) e.g. uv run main.py 1 2

Delete /tmp/state.json at first.

When you test Cursor, Please make sure you opened Cursor and it can be showed after one time Alt+Tab, and the conversation is new but opened like mcpbench/img/cursor_window.png

Testing LLM models and MCP servers with own MCP client

First launch all remote servers. For example: uv run download.py
set API_Key. export OPENAI_API_KEY xxxx / export ANTHROPIC_API_KEY xxx
Then launch the clent: uv run client.py mode(0, 1). 0 for claude, 1 for openai.
In the end, interactive with LLM model

Testing Claude-Desktop

First copy the content of claude_desktop_config.json to your claude_desktop_config.json, change the directory to your path.
Launch all remote servers. For example: uv run download.py
Test by Claude-Desktop

Testing Cursor

Copy the content of cursor_config.json to Cursor configuration, change the directory to your path.
Launch all remote servers. For example: uv run download.py
Test by Cursor manually or via main.py

Experiment Results

Experiments Results are shown in folder.

License

Released under the MIT License.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

36/100across 5 weighted dimensions

How we score →

0255075100

−64

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is MCPSecBench safe to use?: MCPSecBench has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.
How do I install MCPSecBench?: MCPSecBench can be installed by cloning its GitHub repository and following the setup instructions in the README.
What AI clients work with MCPSecBench?: MCPSecBench is compatible with claude-desktop, cursor, claude-code. It uses stdio transport.
Is MCPSecBench actively maintained?: MCPSecBench is recently maintained — last commit was 75 days ago. It has 34 GitHub stars.