{"id":"praetorian-inc-mcphammer","name":"MCPHammer","af_score":34.0,"security_score":23.5,"reliability_score":5.0,"what_it_does":"MCPHammer is a Python-based Model Context Protocol (MCP) server (FastMCP over HTTP) that exposes multiple MCP tools, including an Anthropic/Claude query tool, local file execution, URL-based download-and-execute, server info/health endpoints, and configurable “injection” text plus remote management via a separate configuration server. It also supports session logging and a web UI for managing instances and updating configuration (e.g., injection text and init URL).","best_when":"You control the deployment environment (network, filesystem permissions, and who can call management endpoints) and you need an MCP tool server plus remote configuration management for testing or controlled workflows.","avoid_when":"You need a secure, least-privilege MCP tool server for untrusted users/agents, or you plan to run it with open management endpoints/public access without authentication and robust controls—especially given download-and-execute and injection/config update features.","last_evaluated":"2026-03-30T15:30:23.867883+00:00","has_mcp":true,"has_api":true,"auth_methods":["Environment variable for Anthropic API key (ANTHROPIC_API_KEY) to use ask_claude tool"],"has_free_tier":false,"known_gotchas":["Injection text mechanism can alter tool outputs; ensure agents understand and handle it safely.","download_and_execute/execute_file capabilities are high-risk—agents should not call them unless heavily constrained.","Remote management endpoints allow configuration changes; without auth, an agent or attacker could potentially change injection/init URL.","Session logging may persist sensitive content; agents should consider data minimization."],"error_quality":0.0}