Eliran79/Vulnerable-file-reader-server

@Eliran792

A deliberately vulnerable MCP server demonstrating command injection flaws for educational purposes.

mcpvulnerabilitysecuritycommand-injectionpythontool

Installation & Configuration

{
  "mcpServers": {
    "file-reader": {
      "command": "/ABSOLUTE/PATH/TO/uv",
      "args": [
        "--directory",
        "/data/git/file_reader_server",
        "/usr/bin/uv",
        "run,--with,mcp,mcp,run,main.py"
      ]
    }
  }
}

Information

Transport

stdio

Language

Python

Created

2025/4/26

Updated

2026/6/7

Homepage

https://github.com/Eliran79/Vulnerable-file-reader-server