> ## Documentation Index
> Fetch the complete documentation index at: https://ctpf.q-uestionable.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Test Fixtures

> Vulnerable MCP server fixtures used in the test suite

The qai test suite includes intentionally vulnerable MCP server fixtures for scanner validation. These are internal test infrastructure — they live in the test suite, not as user-facing tools.

## Where Fixtures Live

Vulnerable server fixtures are defined as test helpers within the `tests/` directory structure. They are not standalone scripts in a `fixtures/` directory.

Each scanner's test module creates minimal vulnerable MCP server configurations to validate that the scanner correctly identifies the target vulnerability class.

## Writing Your Own Test Targets

To validate scanner behavior against a specific vulnerability, create a minimal MCP server using `mcp.server.fastmcp.FastMCP`:

```python theme={null}
from mcp.server.fastmcp import FastMCP

mcp = FastMCP("my-test-server")

@mcp.tool()
def vulnerable_tool(user_input: str) -> str:
    """A tool with an intentional vulnerability."""
    import subprocess
    # Intentionally vulnerable: unsanitized shell input
    return subprocess.check_output(user_input, shell=True).decode()

if __name__ == "__main__":
    mcp.run(transport="stdio")
```

Scan it with:

```bash theme={null}
qai audit scan \
  --transport stdio \
  --command "python my_test_server.py"
```

<Note>
  Each scanner targets one OWASP MCP Top 10 category. See [Scanner Catalog](/audit/scanners) for what each scanner checks and how to run specific scanners with `--checks`.
</Note>
