$ timeahead_
/mcp/blog/about
← mcp scores
61
malicious-mcp-server

A deliberately malicious MCP server for E2E testing purposes

overview

What it does

A mock MCP server that deliberately exhibits non-standard or problematic behavior, designed as a test fixture for validating how MCP clients handle edge cases, misbehaving servers, and error conditions. Implements the MCP protocol surface but with intentional deviations or omissions to stress-test client robustness and error recovery paths.

Who it's for

MCP framework maintainers, testing engineers, and client library developers who need to validate error handling, timeouts, graceful degradation, and protocol compliance. Particularly useful for teams building MCP clients that must remain stable when encountering problematic or non-compliant servers.

Common use cases

  • Test client resilience against servers that violate MCP spec or send malformed messages
  • Validate timeout and cancellation handling under adverse conditions
  • Verify graceful degradation when a server returns no tools or incomplete responses
  • Integration test MCP client libraries for robustness without side effects or external dependencies

Setup pitfalls

  • Install only in isolated test environments; not intended for production use
  • Provides no actual MCP tools — useful only for testing client behavior
  • Requires test isolation if multiple test suites share the same agent instance to prevent cross-contamination
  • No CI infrastructure — verify test compatibility manually across target platforms and Node versions
install
add to your claude desktop / cursor / windsurf mcp config:
{
  "mcpServers": {
    "malicious": {
      "command": "npx",
      "args": [
        "-y",
        "malicious-mcp-server"
      ]
    }
  }
}
per-client install guide (claude desktop · cursor · windsurf · vscode · claude code) →
owner of this server? claim your listing to get a verified badgeclaim →
score breakdown
security (35%)100
freshness (25%)30
adoption (20%)40
quality (10%)60
trust (10%)50
score history (13 updates)
4/30/20265/22/2026
capabilities · what this server can do
tool list unavailable — permissions from static analysis·auth:
low risk
● active   ○ not requested  ·  hover each badge for details
fs read fs write network exec eval secrets
why low risk: No elevated permissions requested — safe to connect.
maintenance health
maintenance data not yet available — check back later.
raw data
weekly downloads2k
github stars0
forks0
open issues0
license✓ present
readme length0 chars
last updated1d ago
install verified✓ pass · 2d ago
score drop alerts
get notified by email when this server's score drops 5+ points