Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(7)

32
2
Medium Cost
uddhav icon
Sec9

A Cloudflare Workers-based MCP server providing 28 advanced lateral thinking techniques, AI-powered idea enhancement, and deep path-dependent analysis for creative problem-solving.

Setup Requirements

  • ⚠️Requires a Cloudflare account and the Wrangler CLI for deployment.
  • ⚠️Manual setup of Cloudflare KV namespaces ('sessions', 'oauth') and subsequent update of 'wrangler.toml' with their IDs is required.
  • ⚠️Mandatory Cloudflare secrets for production: AUTH_USERNAME, AUTH_API_KEY, OAUTH_CLIENT_SECRET, and DEBUG_TOKEN.
  • ⚠️Requires Node.js 18+ to run locally or for deployment preparation.
Verified SafeView Analysis
Authentication is robust, supporting OAuth 2.0 and API keys. Deployment on Cloudflare Workers provides inherent isolation. The system implements rate limiting, input validation, and security middleware. Explicit warnings against hardcoding production secrets are present in the README. No instances of 'eval' or obvious malicious patterns were detected in the provided source code.
Updated: 2025-12-06GitHub
31
1
Low Cost
DocHatty14 icon
Sec9

Augments LLM capabilities for non-linear, associative thinking to enhance creative problem-solving, brainstorming, and divergent exploration of concepts.

Setup Requirements

  • ⚠️Requires Node.js and npm/npx to run.
  • ⚠️Designed to be integrated with an MCP-compatible LLM client (e.g., Claude Desktop, VS Code extension) via standard I/O (stdin/stdout), rather than being a standalone web service.
Verified SafeView Analysis
The server primarily uses stdio for communication as configured, limiting direct network exposure. Its core logic involves string processing and state management, without apparent use of 'eval' or other direct code execution vulnerabilities from user input. Dependencies include standard web frameworks (express) via the MCP SDK, but this specific server is configured for stdio. No hardcoded secrets were found.
Updated: 2025-12-09GitHub
31
1
Low Cost
DocHatty icon
Sec9

This server enables LLMs to engage in non-linear, associative thinking for enhanced creativity and problem-solving by providing tools to explore conceptual space, detect cognitive stagnation, and foster unexpected connections.

Verified SafeView Analysis
The server's core logic in `lib.ts` focuses on string processing, stemming, and distance calculations, which are low-risk computational operations. It uses standard TypeScript and Node.js practices with no apparent use of `eval()` or direct execution of arbitrary user-provided code. Communication is primarily via standard I/O (stdio) as an MCP server, limiting direct network exposure from this application's code. Dependencies like `zod` and `@modelcontextprotocol/sdk` are standard; the SDK is responsible for handling the protocol, but this server does not add significant new attack vectors on its own.
Updated: 2025-12-09GitHub
0
0
Medium Cost
creativeprofit22 icon

mcp-servers

by creativeprofit22

Sec9

Generate and edit images using KIE.ai Seedream v4, with optional image management and storage via Cloudinary.

Setup Requirements

  • ⚠️Requires a KIE.ai API key, which is for a paid service.
  • ⚠️Cloudinary tools require a Cloudinary account and API credentials to be configured.
  • ⚠️Requires installation of Python dependencies (mcp, httpx, cloudinary) via pip.
Verified SafeView Analysis
The server loads sensitive API keys from environment variables, which is a good security practice. It utilizes standard Python libraries and httpx for network requests and file operations, avoiding direct shell commands or known dangerous functions like 'eval'. Image saving is directed to a configurable local directory. The Cloudinary client correctly uses provided credentials. Overall, the code is well-structured and demonstrates reasonable security considerations for its functionality.
Updated: 2025-11-26GitHub
0
0
Low Cost
pudurvenu icon

AI-NextGen

by pudurvenu

Sec1

Provides user-friendly desktop tools for creators to achieve clean results and enhance creative projects.

Setup Requirements

  • ⚠️The application is distributed as pre-compiled binaries (.exe/.dmg) within a ZIP file, with no visible source code for the actual application logic to inspect.
  • ⚠️Requires manual download and installation of an executable from a direct GitHub raw content link, bypassing typical release pages or package managers that might offer more verification.
Review RequiredView Analysis
The provided 'SOURCE CODE' for analysis is exclusively the README file. No actual executable source code for the application's functionality was supplied, making it impossible to perform a comprehensive security audit for potential risks such as 'eval' usage, obfuscation, network vulnerabilities, hardcoded secrets, or malicious patterns. The project instructs users to download and install a pre-compiled ZIP file containing an .exe or .dmg directly from a GitHub raw content link. Running unverified binaries without access to their source code for inspection poses a significant security risk, as their behavior cannot be audited. Therefore, the security score is critically low due to the inability to inspect the underlying application logic.
Updated: 2026-01-19GitHub
0
0
Low Cost
MarwahManan icon

mcp-server-yt

by MarwahManan

Sec1

To host and manage a custom Minecraft server, likely for YouTube content creation or community engagement.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (JRE) to be installed.
  • ⚠️Requires specific network port forwarding (e.g., 25565) to be configured for external access.
  • ⚠️Potential for high RAM usage depending on player count and installed modifications.
Review RequiredView Analysis
Full source code for 'mcp-server-yt' was not provided for analysis. Therefore, a comprehensive security audit for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns could not be performed. Running unverified code carries significant risk as its behavior cannot be confirmed.
Updated: 2025-12-06GitHub
0
0
Low Cost
dmarsters icon
Sec9

An MCP server that translates jazz improvisation structure, particularly centered on Thelonious Monk's approach, into visual sensory parameters for enhancing AI image generation prompts.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires `fastmcp` and `pyyaml` Python packages.
Verified SafeView Analysis
Uses `yaml.safe_load` for configuration, mitigating YAML injection risks. No `eval`, `exec`, `subprocess`, or hardcoded credentials found. Input parameters are type-hinted and range-checked.
Updated: 2025-11-29GitHub