MCP Catalogs
Home

vulnerable-mcp-servers-lab vs filesystem

Side-by-side comparison to help you pick between these two MCP servers.

vulnerable-mcp-servers-lab
by appsecco
filesystem
by modelcontextprotocol
Stars★ 256★ 85,748
30d uses
Score4877
Official
Categories
SecurityAI / LLM ToolsDeveloper Tools
File SystemDeveloper ToolsProductivity
LanguageJavaScriptTypeScript
Last commit5 mo agothis month

vulnerable-mcp-servers-lab · Summary

A collection of intentionally vulnerable MCP servers for security training and research into common attack vectors.

filesystem · Summary

A feature-rich MCP server for filesystem operations with dynamic directory access control.

vulnerable-mcp-servers-lab · Use cases

  • Security research on MCP server vulnerabilities
  • Hands-on training for AI penetration testing
  • Developing security tests for AI applications

filesystem · Use cases

  • Enable AI models to read and write project files during development
  • Allow Claude or other MCP clients to browse and analyze codebases
  • Provide secure sandboxed access to specific directories for content generation

vulnerable-mcp-servers-lab · Install

Each vulnerable server lives in its own directory with specific installation instructions. To use:

  1. Clone the repository: git clone https://github.com/appsecco/vulnerable-mcp-servers-lab.git
  2. Navigate to the specific vulnerable server directory (e.g., cd vulnerable-mcp-server-filesystem-workspace-actions)
  3. Follow the README instructions in that directory

For Claude Desktop integration, many servers include a claude_config.json snippet that should be merged into your Claude Desktop configuration. For example:

{
  "mcpServers": {
    "vulnerable-filesystem": {
      "command": "node",
      "args": ["index.js"]
    }
  }
}

filesystem · Install

Installation

Using NPX

{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-filesystem",
        "/path/to/allowed/directory"
      ]
    }
  }
}

Using Docker

{
  "mcpServers": {
    "filesystem": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "--mount", "type=bind,src=/path/to/allowed/dir,dst=/projects/allowed/dir",
        "mcp/filesystem",
        "/projects"
      ]
    }
  }
}

VS Code Extension

Click the installation buttons in the README to install directly in VS Code.

Comparison generated from public README + GitHub signals. Last updated automatically.