RRepoGEO

REPOGEO REPORT · LITE

harishsg993010/damn-vulnerable-MCP-server

Default branch main · commit 79734c19 · scanned 5/15/2026, 5:53:07 PM

GitHub: 1,295 stars · 150 forks

AI VISIBILITY SCORE
23 /100
Critical
Category recall
0 / 2
Not recommended in any query
Rule findings
1 pass · 0 warn · 1 fail
Objective metadata checks
AI knows your name
2 / 3
Direct prompts that named your repo
HOW TO READ THIS REPORT

Action plan is what to do next — copy-pasteable changes prioritized by impact. Category visibility is the real GEO test: when a user asks an AI a brand-free question that should surface harishsg993010/damn-vulnerable-MCP-server, does the AI actually recommend you — or your competitors? Objective checks verify the metadata signals AI engines weight first. Self-mention check detects whether AI even knows you exist by name.

Action plan — copy-paste fixes

3 prioritized changes generated by gemini-2.5-flash. Mark items done after you ship the fix.

OVERALL DIRECTION
  • highreadme#1
    Reposition the README's first sentence to clarify its AI/LLM security focus

    Why:

    CURRENT
    A deliberately vulnerable implementation of the Model Context Protocol (MCP) for educational purposes.
    COPY-PASTE FIX
    A deliberately vulnerable implementation of the Model Context Protocol (MCP), designed for educational purposes to demonstrate security vulnerabilities in AI context handling for Large Language Models (LLMs).
  • hightopics#2
    Add relevant topics to improve categorization

    Why:

    COPY-PASTE FIX
    security, vulnerable-by-design, llm, ai, model-context-protocol, cybersecurity-training, education
  • highlicense#3
    Add a LICENSE file to the repository

    Why:

    COPY-PASTE FIX
    Create a LICENSE file in the repository root with the content of the MIT License.

Category GEO backends resolved for this scan: google/gemini-2.5-flash, deepseek/deepseek-v4-flash

Category visibility — the real GEO test

Brand-free queries asked to google/gemini-2.5-flash. Did AI recommend you, or someone else?

Same questions for every model — switch tabs to compare answers and rankings.

Recall
0 / 2
0% of queries surface harishsg993010/damn-vulnerable-MCP-server
Avg rank
Lower is better. #1 = top recommendation.
Share of voice
0%
Of all named tools, what % are you?
Top rival
OWASP Juice Shop
Recommended in 1 of 2 queries
COMPETITOR LEADERBOARD
  1. OWASP Juice Shop · recommended 1×
  2. Damn Vulnerable AI (DVAI) · recommended 1×
  3. OWASP WebGoat · recommended 1×
  4. Google's AI Explanations (AIX) Toolkit · recommended 1×
  5. Adversarial Robustness Toolbox (ART) · recommended 1×
  • CATEGORY QUERY
    Need a vulnerable server to practice exploiting security flaws in AI context protocols.
    you: not recommended
    AI recommended (in order):
    1. OWASP Juice Shop
    2. Damn Vulnerable AI (DVAI)
    3. OWASP WebGoat
    4. Google's AI Explanations (AIX) Toolkit
    5. Adversarial Robustness Toolbox (ART)
    6. Metasploitable3

    AI recommended 6 alternatives but never named harishsg993010/damn-vulnerable-MCP-server. This is the gap to close.

    Show full AI answer
  • CATEGORY QUERY
    Educational platform for understanding and mitigating security risks in LLM context handling.
    you: not recommended
    AI recommended (in order):
    1. OWASP Top 10 for LLM Applications
    2. Giskard
    3. Lakera Guard
    4. Radar
    5. NB Defense
    6. Rebuff
    7. Portkey.ai
    8. Microsoft Azure AI Content Safety

    AI recommended 8 alternatives but never named harishsg993010/damn-vulnerable-MCP-server. This is the gap to close.

    Show full AI answer

Objective checks

Rule-based audits of metadata signals AI engines weight most.

  • Metadata completeness
    fail

    Suggestion:

  • README presence
    pass

Self-mention check

Does AI even know your repo exists when asked about it directly?

  • Compared to common alternatives in this category, what is the core differentiator of harishsg993010/damn-vulnerable-MCP-server?
    pass
    AI named harishsg993010/damn-vulnerable-MCP-server explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

  • If a team adopts harishsg993010/damn-vulnerable-MCP-server in production, what risks or prerequisites should they evaluate first?
    pass
    AI named harishsg993010/damn-vulnerable-MCP-server explicitly

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

  • In one sentence, what problem does the repo harishsg993010/damn-vulnerable-MCP-server solve, and who is the primary audience?
    pass
    AI did not name harishsg993010/damn-vulnerable-MCP-server — likely talking about a different project

    AI answers can be confidently wrong. Read for accuracy: does it match your actual tech stack, audience, and differentiator?

Embed your GEO score

Drop this badge into the README of harishsg993010/damn-vulnerable-MCP-server. It auto-updates whenever the report is rescanned and links back to the latest report — easy public proof that you care about AI discoverability.

RepoGEO badge previewLive preview
MARKDOWN (README)
[![RepoGEO](https://repogeo.com/badge/harishsg993010/damn-vulnerable-MCP-server.svg)](https://repogeo.com/en/r/harishsg993010/damn-vulnerable-MCP-server)
HTML
<a href="https://repogeo.com/en/r/harishsg993010/damn-vulnerable-MCP-server"><img src="https://repogeo.com/badge/harishsg993010/damn-vulnerable-MCP-server.svg" alt="RepoGEO" /></a>
Pro

Subscribe to Pro for deep diagnoses

harishsg993010/damn-vulnerable-MCP-server — Lite scans stay free; this card itemizes Pro deep limits vs Lite.

  • Deep reports10 / month
  • Brand-free category queries5 vs 2 in Lite
  • Prioritized action items8 vs 3 in Lite