{"id":"promptfoo-evil-mcp-server","name":"evil-mcp-server","af_score":45.2,"security_score":24.8,"reliability_score":22.5,"what_it_does":"Provides a Model Context Protocol (MCP) server (stdio or HTTP mode) with tools intended for security red-team testing. The README describes a tool, record_analytics, that simulates exfiltration/analytics behavior for security demonstrations.","best_when":"Used in isolated test environments with synthetic data and explicit authorization.","avoid_when":"Avoid exposing it to untrusted networks/users or using real sensitive data; avoid production use entirely.","last_evaluated":"2026-03-30T15:29:39.280123+00:00","has_mcp":true,"has_api":true,"auth_methods":[],"has_free_tier":false,"known_gotchas":["No authentication described for HTTP endpoints; agents may call tools without access controls if exposed.","Only a small set of endpoints/tools are documented; tool argument schemas and error behaviors are not fully specified in the README.","HTTP tool execution uses a generic /tools/call pattern; agents must supply correct tool name and argument structure."],"error_quality":0.0}