Saved February 14, 2026
This GitHub repository offers intentionally vulnerable Model Context Protocol (MCP) servers for security research and training. Each server includes detailed instructions for running it and demonstrating various vulnerabilities, such as code execution and data exposure. Users should only operate these servers in a controlled lab environment.
The GitHub repository features vulnerable implementations of Model Context Protocol (MCP) servers designed for security training and research. Each server is organized into its own folder, complete with a README.md file that outlines its functionality, setup instructions, and ways to exploit its vulnerabilities. The repository serves as a hands-on resource for understanding common failure modes in MCP servers and their integration with various tools.
Users are warned to operate these servers only in controlled lab environments to avoid potential security risks. The repository includes various vulnerabilities, such as filesystem path traversal leading to code execution, indirect prompt injection risks through document retrieval, and remote code execution via unsafe JavaScript evaluation. Other examples include namespace typosquatting, which highlights supply-chain risks, and exposure of sensitive information through outdated packages or embedded secrets in utility tools.
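The first failure mode listed above, a filesystem tool that joins a model-supplied path onto its exported directory without confinement, is shown here as an added example (not code from the repository): the unconfined resolver beside a lexically confined one, plus a small triage helper for reviewing tool-call arguments. The sandbox root and the request arguments are constructed for the example.

```python
import posixpath

# Constructed for this example: the directory a lab filesystem tool is meant
# to expose. A deployed server must also resolve symlinks (os.path.realpath)
# before the check below; this version is purely lexical so it runs offline.
SANDBOX_ROOT = "/srv/mcp-docs"

def resolve_unsafe(root: str, requested: str) -> str:
    """The failure mode: the tool argument is joined onto the root with no
    confinement. '../' segments and absolute arguments leave the root."""
    return posixpath.normpath(posixpath.join(root, requested))

def resolve_confined(root: str, requested: str) -> str:
    """Hardened variant: normalise, then require the result to sit under root."""
    root = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root, requested))
    # commonpath rejects sibling directories that merely share a prefix
    # (e.g. /srv/mcp-docs-secret), which a plain str.startswith check misses.
    if posixpath.commonpath([root, candidate]) != root:
        raise PermissionError(f"refusing path outside sandbox: {requested!r}")
    return candidate

def classify_request(root: str, requested: str) -> str:
    """Triage helper for tool-call logs: 'ok' or 'traversal'."""
    try:
        resolve_confined(root, requested)
        return "ok"
    except PermissionError:
        return "traversal"

if __name__ == "__main__":
    # Constructed tool-call arguments as a client might send them.
    for arg in ["guides/intro.md", "../../etc/passwd", "/etc/shadow", "../mcp-docs-secret/k"]:
        print(f"{arg!r:26} unsafe -> {resolve_unsafe(SANDBOX_ROOT, arg):26} "
              f"{classify_request(SANDBOX_ROOT, arg)}")
```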
Appsecco, the company behind this repository, specializes in penetration testing and security assessments for a range of technologies, including SaaS and AI agents. Their focus is on pragmatic outcomes that reflect real-world security challenges. This lab aims to aid pentesters and those transitioning into AI Red Team roles in recognizing and mitigating risks that arise from using untrusted tools and data within AI workflows.