Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(379)

88
201
Medium Cost
Shashankss1205 icon

CodeGraphContext

by Shashankss1205

Sec8

An MCP server that indexes local code into a Neo4j graph database to provide real-time, accurate context and relationship analysis to AI assistants for understanding, writing, and refactoring code.

Setup Requirements

  • ⚠️Requires a running Neo4j database instance (Docker or local binary installation is guided by `cgc setup`).
  • ⚠️Requires `NEO4J_URI`, `NEO4J_USERNAME`, and `NEO4J_PASSWORD` environment variables to connect to Neo4j.
  • ⚠️Indexing packages for specific languages (e.g., Go, JavaScript/TypeScript, Ruby, C/C++) requires their respective language tooling (e.g., `go`, `npm`, `gem`, `pkg-config`) to be installed and accessible in the system's PATH.
Verified SafeView Analysis
The server uses environment variables for Neo4j credentials, which is a good practice. It explicitly disallows write operations (CREATE, MERGE, DELETE, etc.) in `execute_cypher_query_tool` by stripping string literals before checking for forbidden keywords, mitigating Cypher injection risks for read-only queries. The `package_resolver.py` module uses `subprocess.run` to execute external commands (`npm`, `go`, `gem`, `pkg-config`), which introduces an inherent, albeit managed, risk if command arguments are not sufficiently sanitized or if the system's PATH is compromised. The setup wizard (`setup_wizard.py`) may execute `sudo` commands for local binary installations, requiring user trust.
Updated: 2025-11-19GitHub
81
22
Medium Cost
kitwork icon

kitwork

by kitwork

Sec3

KitWork is a serverless engine and workflow automation platform that allows users to define and run scheduled tasks, backend APIs, and web automation using YAML files.

Setup Requirements

  • ⚠️Requires Golang development environment
  • ⚠️Chromium browser installation might be needed for 'chromedp' actions (often handled by the library, but a dependency)
  • ⚠️Proper secret management for API keys and database credentials is critical and left to the user to configure securely (e.g., via environment variables or encrypted files, not raw YAML).
Review RequiredView Analysis
The system allows defining 'cmd' actions, which execute arbitrary system commands, posing a critical Remote Code Execution (RCE) risk if workflow definitions are user-provided or not strictly controlled. The 'chromedp' action for browser automation can expose the host to vulnerabilities from untrusted web content. While JavaScript via 'v8go' is sandboxed, the overall lack of explicit, robust sandboxing for 'cmd' and 'chromedp' actions, coupled with file-based routing and potential for direct execution of user-controlled YAML, makes it highly susceptible to exploits. Placeholder secrets in config files (e.g., `key: "key-api"`) indicate a risk of hardcoding sensitive information if not carefully managed by the user.
Updated: 2025-12-03GitHub
81
2
Low Cost
ecos-labs icon

ecos

by ecos-labs

Sec9

Transforms AWS Cost and Usage Reports (CUR) into enriched datasets for FinOps analysis and AI-powered cost insights.

Setup Requirements

  • ⚠️Requires Python 3.8+ and dbt Core for data transformation.
  • ⚠️Requires AWS CLI installed and configured with appropriate credentials.
  • ⚠️Requires AWS Cost and Usage Reports (CUR) to be enabled and configured for Athena query.
  • ⚠️Requires `dbt-athena-community` adapter installed (`pip install dbt-athena-community`).
  • ⚠️GITHUB_TOKEN environment variable is optional but recommended to avoid GitHub API rate limits when downloading transform models.
Verified SafeView Analysis
The project uses standard practices for AWS interactions (loading credentials via SDK) and GitHub API access (GITHUB_TOKEN environment variable). File operations (e.g., tar.gz extraction) include path traversal checks. No direct use of `eval` or obvious malicious patterns found. The `code/mcp` directory, which would contain the MCP Server implementation, is not detailed enough in the provided source to audit for server-specific vulnerabilities.
Updated: 2025-12-01GitHub
79
367
High Cost
graphlit icon
Sec8

The Model Context Protocol (MCP) Server integrates with the Graphlit Platform to provide an LLM-enabled knowledge API, enabling ingestion, search, retrieval, RAG, and publishing of content from various data connectors for MCP clients.

Setup Requirements

  • ⚠️Requires Node.js 18.x or higher.
  • ⚠️Requires an active account on the Graphlit Platform with API access.
  • ⚠️Many tools require specific API keys/tokens configured as environment variables (e.g., SLACK_BOT_TOKEN, NOTION_API_KEY) for their respective data connectors.
Verified SafeView Analysis
The server primarily relies on environment variables for sensitive credentials (Graphlit API keys, various connector tokens, etc.), which is good practice. The server uses a StdioServerTransport, meaning it communicates over standard I/O rather than opening a network port, reducing external attack surface. However, the 'ingestFile' tool uses 'fs.readFileSync' which could pose a risk if the 'filePath' parameter is controlled by an untrusted or malicious MCP client, potentially allowing arbitrary file reads from the server's filesystem. This risk is mitigated by the implied trusted relationship with MCP clients in the typical deployment model.
Updated: 2025-12-05GitHub
75
188
Medium Cost
hyprmcp icon

jetski

by hyprmcp

Sec9

Jetski is an Open Source MCP Analytics and Authentication Platform designed to simplify installation, authentication, and provide logs/analytics for Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires Docker for local setup (Postgres, Dex, Mailpit).
  • ⚠️Uses Mise for managing development environment tools (Go, Node, pnpm, Helm, etc.).
  • ⚠️Requires a local host file entry for 'host.minikube.internal' for Dex setup.
  • ⚠️pnpm is used as the frontend package manager.
Verified SafeView Analysis
The application follows good security practices: uses OAuth2/OIDC (Dex) for authentication, handles secrets via environment variables (e.g., GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET), and integrates Sentry and Posthog for error tracking and analytics. Local development credentials for Dex and PostgreSQL are clearly marked and not suitable for production. No obvious 'eval' or malicious patterns were found in the provided code.
Updated: 2025-12-06GitHub
75
294
High Cost
pab1it0 icon
Sec9

Enables AI assistants to query and analyze Prometheus metrics through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires an accessible Prometheus server.
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, VS Code, Cursor).
  • ⚠️Relies heavily on Docker for straightforward deployment.
  • ⚠️Requires Python 3.10 or higher for local development/execution.
Verified SafeView Analysis
Authentication credentials (username/password or bearer token) are handled via environment variables and marked as secrets in the MCP server configuration. The server supports disabling SSL verification for Prometheus connections (`PROMETHEUS_URL_SSL_VERIFY`), which is insecure and explicitly warned against for production. Docker images are designed to run as a non-root user (`app`) and expose port 8080. No 'eval' or malicious code patterns were identified. Structured logging is used for better observability.
Updated: 2025-11-22GitHub
73
207
High Cost
Muvon icon

octocode

by Muvon

Sec8

Octocode is an intelligent code indexer, semantic search engine, and knowledge graph builder that provides AI-powered assistance for developers.

Setup Requirements

  • ⚠️Requires Voyage AI API Key (free tier available, but registration required for embeddings)
  • ⚠️Requires OpenRouter API Key for AI features (optional, registration required for LLM capabilities)
  • ⚠️Requires Rust toolchain (1.70+)
  • ⚠️Local-first embedding models (FastEmbed, SentenceTransformer) are only fully offline on macOS; other platforms or cloud models require internet access.
  • ⚠️Indexing requires a Git repository or `--no-git` flag to be specified.
Verified SafeView Analysis
The system follows good practices for API key management (environment variables). The Model Context Protocol (MCP) server runs locally, limiting external exposure. However, AI-powered features for descriptions, relationships, commits, and reviews may send code snippets or metadata to external LLM providers (Voyage AI, OpenRouter), which is a data privacy/egress consideration. Local-first embedding options (FastEmbed, SentenceTransformer) are available, but only fully offline on macOS.
Updated: 2025-11-29GitHub
64
180
High Cost
dynatrace-oss icon

dynatrace-mcp

by dynatrace-oss

Sec9

Enables AI assistants to interact with the Dynatrace observability platform, providing real-time data for debugging, security analysis, and automation.

Setup Requirements

  • ⚠️Requires Dynatrace Platform Environment URL (DT_ENVIRONMENT) to be configured.
  • ⚠️Authentication requires Dynatrace Platform Token or OAuth Client, with specific scopes (interactive browser flow if only client ID is provided).
  • ⚠️Dynatrace OAuth scopes must be manually configured in your Dynatrace environment.
Verified SafeView Analysis
The server implements robust security practices, including cryptographic token generation (PKCE), use of environment variables for sensitive credentials, and input validation via Zod. A notable feature is the human approval mechanism for potentially destructive or open-world actions like sending emails, Slack messages, or creating workflows. No direct use of 'eval' or obvious obfuscation was found. Network risks are managed through standard HTTP client practices and proxy configuration. The only minor consideration preventing a perfect 10 is the inherent complexity of external API integrations and the interactive OAuth flow that opens a browser, which could be a minor security context shift.
Updated: 2025-12-04GitHub
64
10
Medium Cost
DavidFuchs icon

mcp-uptime-kuma

by DavidFuchs

Sec9

Provides a Model Context Protocol (MCP) interface for real-time Uptime Kuma monitoring data.

Setup Requirements

  • ⚠️Requires a running Uptime Kuma v2 instance.
  • ⚠️Requires Node.js 18+ to run directly, or Docker for containerized deployment/testing.
  • ⚠️Authentication requires Uptime Kuma URL and credentials (username/password/2FA token or JWT token) as environment variables.
Verified SafeView Analysis
No direct 'eval' or malicious patterns found. Uses Zod for input/output validation, and filters sensitive data like `steamAPIKey` from settings. CORS defaults to '*' for HTTP transport, which is common but less restrictive than specific origins. Authentication credentials are handled via environment variables.
Updated: 2025-11-29GitHub
60
60
Low Cost
agntcy icon
Sec8

Provides currency exchange functionalities as an MCP (Model Context Protocol) server for consumption by agentic services, integrating with AGNTCY Identity Service for identity and access management.

Setup Requirements

  • ⚠️Docker is required to run the full sample ecosystem and the core Identity Service.
  • ⚠️Python 3.12 or later is required.
  • ⚠️The AGNTCY Identity Service must be running and configured (requiring OIDC setup for user authentication and API keys for agents/MCP servers) as this MCP server relies on it for authorization.
  • ⚠️An external currency exchange API URL (`CURRENCY_EXCHANGE_API_URL`) must be provided for the MCP server to fetch exchange rates.
Verified SafeView Analysis
The MCP Server integrates with the IdentityServiceMCPMiddleware for robust authentication, requiring an API key to authenticate with the central AGNTCY Identity Service and validating incoming requests. This is a strong security measure for agent-to-server communication. The server makes outbound HTTP requests to a configurable `CURRENCY_EXCHANGE_API_URL`. In a production environment, this URL must be carefully managed to prevent Server-Side Request Forgery (SSRF) if it can be influenced by untrusted input. Development setup scripts create default `.env` values (e.g., `VAULT_DEV_ROOT_TOKEN`, default DB credentials), which are acceptable for development but must be overridden for production deployments.
Updated: 2025-12-05GitHub
59
105
High Cost
kubeflow icon
Sec8

Connect AI agents to Apache Spark History Server for intelligent job analysis and performance monitoring.

Setup Requirements

  • ⚠️Python 3.12+ required
  • ⚠️Requires 'uv' package manager for development setup
  • ⚠️Requires an existing Spark History Server to be running and accessible
  • ⚠️Docker required for local testing of the Spark History Server itself
Verified SafeView Analysis
The project uses standard libraries (requests, boto3) and explicitly includes a pre-commit hook to prevent hardcoded credentials in `config.yaml`, advocating for environment variables. SSL verification is configurable. EMR integration uses AWS best practices with presigned URLs. Local testing scripts log output, which could contain sensitive information if not properly managed in production-like scenarios, but overall, it promotes secure practices.
Updated: 2025-12-02GitHub
58
110
Low Cost
kapilduraphe icon

mcp-watch

by kapilduraphe

Sec8

A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in MCP implementations.

Setup Requirements

  • ⚠️Requires Git CLI installed (if not using Docker option)
  • ⚠️Requires Node.js 16.0 or higher (if not using Docker option)
Verified SafeView Analysis
The scanner itself is designed with security in mind, including sanitization of sensitive information in reports and use of temporary directories for cloned repositories. It executes 'git clone' with a user-supplied URL in a controlled temporary environment, which is necessary for its function but represents an external process call. The use of `--depth 1` for cloning helps mitigate some risks associated with large or malicious repositories.
Updated: 2025-12-02GitHub
PreviousPage 2 of 32Next