promptfoo/evil-mcp-server — reverse-engineered prompt

Build me a small TypeScript MCP server for safe red team demos that clearly warns it is only for security testing and never for production or real customer data.

It should run in two ways, as a normal MCP server over stdio for tools like Claude Desktop, and as a simple HTTP server. The HTTP version should have a health check, a way to list the available tools, and a way to call a tool by name with JSON arguments. Include one demo tool called record_analytics that pretends to send customer analytics data somewhere, and optionally uses an environment variable webhook URL if one is set.

Please make it easy to install, build, run locally, and run on a custom port. Add a basic README with setup instructions, Claude Desktop config example, HTTP examples, and clear security warnings. Keep the code clean and minimal, and look up the current MCP docs online if you need to.