Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(68)

0
0
Low Cost
Indrapuma icon
Sec1

A basic implementation of a client-server communication system, likely demonstrating a custom or simplified protocol ('MCP').

Review RequiredView Analysis
Source code was not provided in the prompt, therefore a comprehensive security audit is impossible. Without reviewing the implementation details, it is impossible to determine if the server contains vulnerabilities such as unsanitized input, hardcoded secrets, dangerous functions like 'eval', or improper network handling. Running any software without code review is inherently risky.
Updated: 2025-12-03GitHub
0
0
Low Cost
crypticsaiyan icon

phosphor

by crypticsaiyan

Sec9

A terminal-based IRC client with modern UX, AI integration, and unique features, designed for efficiency.

Setup Requirements

  • ⚠️Python 3.11+ required.
  • ⚠️Docker must be installed, running, and user must have appropriate permissions for '/ai docker-...' commands to function.
  • ⚠️Azure SDK (`azure-identity`, `azure-mgmt-containerinstance`) and environment variables (`AZURE_SUBSCRIPTION_ID`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, `AZURE_TENANT_ID`, `AZURE_RESOURCE_GROUP`) are required for Azure integration.
  • ⚠️The `magic-wormhole` command-line tool must be installed for file transfers (`/send`, `/grab`).
  • ⚠️`simpleaudio` (and underlying system audio libraries like `libasound2-dev` on Linux) is required for audio feedback.
Verified SafeView Analysis
The application uses `subprocess` for various system commands (e.g., `docker`, `uname`, `wormhole`, audio players) and file system operations. These are generally implemented by passing arguments as lists to `subprocess.run` or `asyncio.create_subprocess_exec`, avoiding `shell=True` and direct user input interpolation into command strings, which significantly reduces command injection risks. File operations via `/ai list-files`, `/ai read-file`, `/ai search-files` use Python's `pathlib` for safer file system interaction. Hardcoded secrets are avoided in favor of environment variables for Azure integration. Overall, a good effort to minimize common security pitfalls related to external command execution.
Updated: 2025-12-05GitHub
0
0
Medium Cost
mkornreich icon

mcp

by mkornreich

Sec8

A client-server application demonstrating how Claude can use external tools via the MCP protocol, specifically showcasing a job fetching tool.

Setup Requirements

  • ⚠️Requires Anthropic API Key (e.g., ANTHROPIC_API_KEY in .env)
  • ⚠️Requires Python 3.10 or higher
  • ⚠️Client requires the server script path as a command-line argument
Verified SafeView Analysis
The `server.py` code itself is relatively secure, using standard libraries (`httpx`) for controlled external requests and operating over `stdio` which limits direct network exposure. It does not contain `eval`, obfuscation, or hardcoded secrets. The primary security consideration for the *overall system* lies in the client's ability to execute arbitrary server scripts (Python/Node.js) specified via command-line arguments. This means that if the client is used with an untrusted `server_script_path`, it could lead to arbitrary code execution. This is a design characteristic of how the MCP client launches a server, rather than a vulnerability in `server.py` itself.
Updated: 2025-11-23GitHub
0
0
Low Cost
Ramakrishna-Gedala icon

mcp_emi_server

by Ramakrishna-Gedala

Sec9

This server exposes loan Equated Monthly Installment (EMI) calculation endpoints to MCP clients, acting as a proxy to a backend REST API.

Setup Requirements

  • ⚠️Requires Python 3.10+ and 'uv' package manager for environment management and execution.
  • ⚠️A separate EMI calculation REST API backend must be running and accessible at the `EMI_API_BASE_URL` (defaults to http://localhost:8000/api) for the server to function.
Verified SafeView Analysis
The server functions as a lightweight proxy and does not appear to contain malicious patterns, 'eval', or hardcoded sensitive secrets. It relies on an external, configurable backend for actual calculations, meaning its overall security is also dependent on the security of the proxied API. Input sanitization is implicitly handled by the backend API it calls.
Updated: 2025-11-27GitHub
0
0
Medium Cost
alk231 icon
Sec9

Automate the processing of unread emails by summarizing, categorizing, and executing actions like replying or marking as read using an AI agent.

Setup Requirements

  • ⚠️Requires a Groq API Key (Paid) for the LLM, typically set as GROQ_API_KEY environment variable.
  • ⚠️Requires a Google Cloud Project with Gmail API enabled and OAuth 2.0 Client ID credentials. The 'client_secret.json' content must be provided via the GMAIL_CREDENTIALS environment variable.
  • ⚠️The first run will require interactive user authentication through a browser for Gmail access if GMAIL_TOKEN environment variable is not pre-set.
  • ⚠️The 'main.py' script contains hardcoded absolute paths for the Python executable and 'server.py' (e.g., C:/Users/DELL/... and E:/Langgraph/...). These must be updated to reflect the user's local environment paths for the application to run correctly.
Verified SafeView Analysis
The system uses environment variables for sensitive credentials (Groq API Key, Gmail API credentials), which is good practice. Gmail authentication leverages a standard OAuth 2.0 flow. No 'eval' or malicious patterns were found. The 'gmail.modify' scope for Gmail API is broad but justified by the application's functionality (reading, replying, modifying labels). The base64 decoding and regex for email body extraction are standard and appear safe.
Updated: 2025-11-19GitHub
0
0
High Cost
sk3tch icon

glkvm-mcp

by sk3tch

Sec6

Control KVM devices (mouse, keyboard, screenshot, OCR) directly over HTTPS with mTLS for agent-driven GUI automation on remote computers.

Setup Requirements

  • ⚠️Requires Tesseract OCR (`tesseract-ocr`) and FFmpeg (`ffmpeg`) to be installed locally on the machine running the MCP server.
  • ⚠️The target KVM device must be running Linux with USB HID gadget support and `ustreamer` for video capture, which may require specific hardware and kernel configuration.
  • ⚠️Requires a multi-step, manual process for generating and managing mutual TLS (mTLS) certificates (CA, client, and per-KVM server certs), which is complex and prone to misconfiguration.
Verified SafeView Analysis
The KVM-side HID server, which facilitates direct control of the physical device, is designed to run with root privileges to access HID gadget devices (`/dev/hidg0`, `/dev/hidg1`). A compromise of this server would grant full root access to the controlled machine, representing a critical risk. While mutual TLS (mTLS) is implemented for secure communication and authentication, the setup involves manual certificate management across multiple machines, which is prone to human error. External dependencies like `ffmpeg` and `tesseract` introduce additional attack surfaces if those binaries contain vulnerabilities or if their invocation arguments could be manipulated (though current usage appears safe). The README itself highlights the 'terrifying' ease of building such a powerful tool.
Updated: 2025-12-05GitHub
0
0
Low Cost

mcp-demo-server

by MomentaryChen

Sec9

A demo server demonstrating basic real-time communication using the @mcp-socket/server library, sending welcome and 'Ping!' messages to connected clients.

Setup Requirements

  • ⚠️Requires Node.js and npm/yarn
  • ⚠️TypeScript project requires compilation (npm run build) before running the start command.
Verified SafeView Analysis
The code is simple and demonstrates basic server functionality without complex user input processing, 'eval' usage, or hardcoded secrets. It listens on port 8080 as expected for a server and primarily logs messages and sends fixed strings.
Updated: 2025-11-27GitHub
0
0
Medium Cost

ssh-mcp-streamable

by Xxx00xxX33

Sec3

Establishes a multi-channel, streamable communication server over SSH, enabling secure and multiplexed data transfer.

Setup Requirements

  • ⚠️Requires SSH host key pair generation and configuration.
  • ⚠️Requires a specific network port (e.g., 22, 2222) to be open and accessible.
  • ⚠️Likely depends on specific Node.js modules for SSH handling (e.g., 'ssh2').
Review RequiredView Analysis
Without the actual source code, a definitive security audit is impossible. However, the project name 'ssh-mcp-streamable' indicates it likely implements or wraps an SSH server. SSH servers, by their nature, handle external, untrusted input and often involve executing commands or managing file descriptors. This makes them inherently high-risk components if not implemented with extreme care, requiring robust input validation and sanitization. Common vulnerabilities include command injection, improper authentication/authorization, denial-of-service, and mishandling of data streams. The absence of a README further increases the risk as no best practices or security considerations are documented. The potential for 'eval' or similar dangerous patterns is high in custom server implementations if not carefully managed. Given these inherent risks and the lack of inspectable code, a low security score is assigned.
Updated: 2025-11-25GitHub
0
0
Low Cost
wenzhuo4657 icon

NotifierBot

by wenzhuo4657

Sec8

This microservice provides dynamic real-time notification to third-party platforms (e.g., Telegram Bot, Gmail) based on incoming text, notification type, and validation parameters.

Setup Requirements

  • ⚠️Requires Redis or Valkey for distributed caching and QPS limiting; `HOST1` environment variable must be set for the cache host.
  • ⚠️Requires Telegram Bot Token (environment variable `tgBot`) for Telegram notifications.
  • ⚠️Requires Gmail App Password (environment variable `GMAIL_PASSWORD`) for Gmail notifications.
Verified SafeView Analysis
The application handles sensitive credentials (Telegram bot tokens, Gmail passwords) via environment variables, which is good practice. Lua scripts are loaded from class path resources and executed via SHA1, which minimizes direct script injection risks. However, the `CorsConfig` allows `*` for origins, methods, and headers, which is a very broad policy and might pose a security risk in a production environment if not carefully managed or if sensitive data were involved. For a public-facing notification API, this might be acceptable, but it should be noted.
Updated: 2025-11-28GitHub
0
0
Medium Cost
RITVIKKAMASETTY icon

mcp_servers_clients

by RITVIKKAMASETTY

Sec4

A React frontend interacts with a FastAPI backend, which acts as an AI agent (powered by Groq) to route mathematical queries to a local FastMCP microservice.

Setup Requirements

  • ⚠️Requires Groq API Key (paid service)
  • ⚠️Requires Python dependencies (FastAPI, uvicorn, groq, fastmcp)
  • ⚠️Requires Node.js/npm for the React frontend development server
Review RequiredView Analysis
The backend server uses CORSMiddleware with `allow_origins=["*"]`, which permits requests from any origin, posing a security risk if deployed publicly. Additionally, `uvicorn.run` binds to `host="0.0.0.0"`, making it accessible on all network interfaces, which is dangerous without proper network segmentation or firewall rules in a production environment. The Groq API key is a required, sensitive credential that should be loaded from an environment variable for security, rather than being a blank placeholder in the source code.
Updated: 2025-11-22GitHub
0
0
Low Cost
jxcks48 icon

mcp-server-ch5

by jxcks48

Sec9

This server demonstrates a basic Model Context Protocol (MCP) server exposing simple utility tools (greeting, arithmetic, server info) over standard I/O (stdio).

Setup Requirements

  • ⚠️Requires the 'mcp' Python library to be installed (e.g., via pip).
  • ⚠️Requires Node.js and npm to install the MCP Inspector (`npm install -g @modelcontextprotocol/inspector`) to view in the inspector.
Verified SafeView Analysis
The provided source code is simple and defines pure functions as tools. It does not contain direct security vulnerabilities like 'eval', 'exec', hardcoded credentials, or direct shell command execution. The communication via stdio inherently relies on the security of the parent process and overall system environment. No external network connections are initiated by the server itself beyond the stdio interface.
Updated: 2025-11-28GitHub
0
0
Medium Cost
LLMTooling icon
Sec9

Enables LLMs to send messages and rich embeds to Discord via webhooks for notifications, monitoring, and integrations.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️Requires a Discord webhook URL to be set as an environment variable (DISCORD_WEBHOOK_URL).
Verified SafeView Analysis
The server correctly leverages environment variables for sensitive data (Discord Webhook URL), a best practice for secret management. Comprehensive input validation is implemented across all tool functions (`send_message`, `send_embed`, `send_embed_with_fields`) and the `EmbedBuilder`, preventing common issues like oversized messages/embeds and malformed data. The webhook URL itself is validated for format. No 'eval' or other directly exploitable malicious patterns were identified in the provided source code. The primary external interaction is with the Discord API, a known and generally secure platform.
Updated: 2025-12-01GitHub
PreviousPage 2 of 6Next