MCP Port Challenge

Can you exploit AI infrastructure to take control of a physical port?

01

A Real Physical Model

A scale model port with a working train, gantry crane, LED lighting, and sensors — all connected to an Arduino.

02

Controlled by AI

An AI assistant uses the Model Context Protocol (MCP) to send commands to the physical hardware. Each team gets an AI with role-restricted access.

03

Your Job: Break It

Find security flaws in the MCP permission model. Make the AI do things it's not supposed to. Escalate your access. Control the port.

1

Join a game

Get a join code from the organiser and pick a team name

2

Chat with the AI

Your AI assistant controls the physical port via MCP tools

3

Discover your limits

Your role restricts what the AI can do

4

Find the flaws

Exploit vulnerabilities in the permission model to escalate access

This demo uses the Model Context Protocol (MCP) — an open standard for connecting AI models to external tools and data sources. MCP is powerful, but its permission model has real security implications.

Deep Dive: MCP Security