Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(157)

0
0
Low Cost
BlockSecCA icon

ubuntu-shell-mcp

by BlockSecCA

Sec8

Execute bash commands on a remote Ubuntu server from Claude Desktop via a persistent SSH connection.

Setup Requirements

  • ⚠️This repository is DEPRECATED and superseded by `generic-ssh-mcp`, meaning it will not receive further updates.
  • ⚠️Requires manual SSH key setup (generation and placement of public key on the Ubuntu server and explicit private key path on Windows).
  • ⚠️Does not support interactive commands, which are automatically detected and rejected.
  • ⚠️No persistent shell state; each command runs in a fresh bash environment.
Verified SafeView Analysis
The server (`server/index.js`) uses the well-vetted `ssh2` Node.js library for persistent SSH connections. Sensitive configuration (host, user, private key path) is provided by the user via arguments, not hardcoded. It includes a robust mechanism to detect and reject common interactive commands (e.g., `sudo` without arguments, `vim`, `top`, `python` without script files), which helps prevent hanging sessions and potential misuse. Direct command execution is its core function, and while this always carries inherent risk, the tool's design mitigates common pitfalls. The SSH client configuration in `server/index.js` does not disable host key checking, relying on standard SSH security practices. A significant vulnerability (`-o StrictHostKeyChecking=no`) was identified in an older, non-primary entry point (`ubuntu_server_js.js`), but this is not used by the current `2.0.0` version based on `package.json` and `manifest.json` configuration. Therefore, the security score reflects the active `server/index.js` implementation.
Updated: 2025-11-21GitHub
0
0
Medium Cost
M-Asan0 icon
Sec9

A minimal MCP server for Cursor to safely inspect project files and structure for the Coloraid project during debugging.

Setup Requirements

  • ⚠️Docker required for building and running the server image.
  • ⚠️Manual MCP configuration required in Cursor's `mcp.json` file and enabling in settings.
  • ⚠️Requires the host Coloraid project directory to be explicitly mounted into the Docker container.
  • ⚠️WSL integration is presented as the primary setup for Windows users, adding an extra layer of configuration.
Verified SafeView Analysis
The `_safe_join` function robustly prevents path traversal attacks by resolving paths and ensuring they remain strictly within the defined `PROJECT_ROOT`. Communication is via stdio, minimizing the network attack surface. File access is read-only within the mounted volume.
Updated: 2025-11-29GitHub
0
0
Low Cost
MontoyaAndres icon

anju

by MontoyaAndres

Sec8

A scalable API server for managing organizations and projects, designed for a 'no-code' platform, with user authentication and database interaction.

Setup Requirements

  • ⚠️Requires a PostgreSQL database connection string (DATABASE_URL).
  • ⚠️Requires various environment variables for authentication (JWT_SECRET, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET) and API/web URLs.
  • ⚠️Cloudflare account and Wrangler CLI are required for deployment to Cloudflare Workers (production setup).
Verified SafeView Analysis
The server uses Zod for input validation, which helps prevent malformed requests. Authentication is handled by 'better-auth', configured with environment variables for secrets (JWT_SECRET, Google OAuth credentials). CORS is properly configured to whitelist trusted origins. Error handling returns generic messages to clients, preventing information leakage. Database operations using Drizzle ORM typically guard against SQL injection. No 'eval' or direct command execution vulnerabilities were identified in the truncated code. The use of external authentication and database tools (better-auth, Drizzle ORM) generally contributes to good security posture, assuming these libraries are free from critical vulnerabilities.
Updated: 2025-12-13GitHub
0
0
Low Cost
cocolizh icon

mcp-demo-repo

by cocolizh

Sec1

The specific use case cannot be determined as no source code was provided for analysis.

Review RequiredView Analysis
CRITICAL: No source code was provided for analysis, making a security audit impossible. Therefore, a security score of 1 is assigned as safety cannot be verified.
Updated: 2025-11-20GitHub
0
0
High Cost
bivex icon

ILSpy-Mcp

by bivex

Sec9

Provides .NET assembly decompilation and analysis capabilities to developer tools via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires .NET 8.0 SDK to build and run.
  • ⚠️Requires a compatible IDE (e.g., Cursor) with MCP support for full integration.
  • ⚠️Manual editing of the IDE's MCP configuration file (e.g., .cursor/mcp.json) is necessary for setup.
Verified SafeView Analysis
The server design emphasizes security: all operations are read-only, assembly paths and inputs are validated, operations are timeout-protected to prevent resource exhaustion, and error messages are sanitized to avoid leaking sensitive information. There are no indications of 'eval', obfuscation, hardcoded secrets, or malicious network patterns. It relies on environment variables or appsettings.json for configuration, allowing secrets to be managed externally.
Updated: 2025-12-08GitHub
0
0
Low Cost
aplaceforallmystuff icon

aplaceforallmystuff.github.io

by aplaceforallmystuff

Sec1

Unable to determine the specific use case as the source code was not provided for analysis.

Setup Requirements

  • ⚠️Source code missing, unable to identify specific setup requirements or friction points.
Review RequiredView Analysis
Source code was not provided in the prompt, rendering a security audit impossible. Without access to the code, it's impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. Therefore, a security score of 1 is assigned as a default due to the unknown nature and inherent risk of running unanalyzed code. Cannot confirm if this project is safe to run.
Updated: 2025-12-01GitHub
0
0
Low Cost
pranavkrishna-sn icon

TESTING-FS

by pranavkrishna-sn

Sec9

A boilerplate or testing framework for building modular web applications with a FastAPI backend and React frontend.

Setup Requirements

  • ⚠️Requires a database (e.g., PostgreSQL, SQLite) for the SQLAlchemy backend models.
  • ⚠️Python environment with FastAPI and SQLAlchemy dependencies.
  • ⚠️Node.js environment with React dependencies. The main FastAPI application entry point ('main.py') and frontend 'package.json' are not provided, making setup and execution instructions incomplete.
Verified SafeView Analysis
No immediate critical vulnerabilities like 'eval' or hardcoded secrets found in the provided truncated code. The frontend uses 'https://api.example.com' as a placeholder for its API base URL.
Updated: 2025-11-27GitHub
0
0
Low Cost
LinkedInLearning icon
Sec10

This repository serves as course material for a LinkedIn Learning course, providing practical exercises and setup instructions for development practices, potentially including server-related topics, through the use of GitHub Codespaces.

Setup Requirements

  • ⚠️Requires installation of Chrome, Visual Studio Code (with GitHub Copilot), Node.js, and optionally Python to follow the course exercises.
  • ⚠️GitHub Copilot (mentioned as a requirement for VS Code) may require a separate subscription or account.
  • ⚠️Familiarity with Git and GitHub Codespaces is beneficial for navigating course branches and environments.
Verified SafeView Analysis
The provided 'SOURCE CODE' consists entirely of documentation (CONTRIBUTING.md, README.md) and instructions. There is no executable server application code to analyze for security vulnerabilities such as 'eval', obfuscation, network risks, or hardcoded secrets. The high security score reflects the safety of the documentation files themselves, not any potential server application that might be developed or used as part of the course exercises (which are not provided).
Updated: 2025-12-02GitHub
0
0
Low Cost
C45h888 icon

888.MCP

by C45h888

Sec9

High-speed Redis-based pub/sub message bus and central nervous system for an agentic trading system, handling market data, sentiment, and trading signals.

Setup Requirements

  • ⚠️Requires a running Redis instance for operation (local or external).
  • ⚠️An `MCP_API_KEY` is mandatory for all authenticated endpoints in production mode (`MCP_DEV=false`); API keys must be managed securely via provided admin endpoints.
  • ⚠️Full functionality for historical data archiving and retrieval (`/tool/retrieve`) depends on S3 configuration (`S3_DATA_BUCKET`, `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`). Without these, retrieval endpoints will return `501 Not Implemented`.
  • ⚠️The optional RAG endpoint (`/tool/search_rag`) requires specific environment variables (`VECTOR_DB_TYPE`, `VECTOR_DB_URL`, `VECTOR_DB_API_KEY`) to connect to an external vector database. It defaults to a mock engine for development.
Verified SafeView Analysis
The MCP Server demonstrates a robust security posture, incorporating multi-key API authentication with granular role-based access control (RBAC), SHA256 hashing for API keys, and triple-tier rate limiting (IP, per-key, and per-endpoint) to mitigate various attack vectors including DoS and brute force. Comprehensive input validation (Pydantic and JSON Schema) prevents data injection, and structured JSON logging with secret sanitization ensures no sensitive information is leaked. HTTPS enforcement (via Render.com), proper security headers, and least-privilege IAM policies for S3 (with encryption and versioning) further harden the system. A clearly defined development mode (`MCP_DEV=true`) bypasses authentication, but its use is explicitly flagged for non-production environments. Administrative endpoints for key management are strictly secured with admin-only permissions. The RAG endpoint (Phase 6) has been specifically remediated to comply with these strong security standards.
Updated: 2025-12-13GitHub
0
0
Low Cost
joecwales-outlawmindai icon

mcp-servers

by joecwales-outlawmindai

Sec1

Provides server implementations primarily for Minecraft-related development and modding activities.

Review RequiredView Analysis
Source code was not provided for analysis beyond the README title. Therefore, a comprehensive security audit could not be performed for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. The score reflects an inability to verify safety due to missing information.
Updated: 2025-12-03GitHub
0
0
Medium Cost
CeeArEx icon
Sec9

An autonomous Model Context Protocol (MCP) server designed for LLMs to build, debug, and maintain Rust projects, specifically architected to help LLMs create other MCP servers.

Setup Requirements

  • ⚠️Requires Rust and Cargo to be installed on the host system.
  • ⚠️Requires the 'rust-docs' component to be added via `rustup component add rust-docs` for full documentation search functionality.
  • ⚠️Requires an initialized Git repository in the working directory for `git_operations` to function.
  • ⚠️Client configuration needs an absolute path to the compiled `mcp-rust-builder` executable.
Verified SafeView Analysis
The server uses `std::process::Command` extensively to run `cargo` and `git` commands. Inputs to these commands are generally validated and constrained (e.g., specific project paths, crate names, predefined git operations, regex-validated error codes), limiting arbitrary command injection. Path arguments are explicitly converted to `PathBuf` and checked for existence. The `patch_file` tool operates with a first-match replacement and provides diagnostics for whitespace errors rather than full file overwrites, enhancing safety. 'cargo add' and 'cargo test' inherently involve network requests to crate registries, which is expected behavior for a Rust development agent. No direct use of 'eval' or hardcoded secrets found. The overall design prioritizes controlled execution within a development context.
Updated: 2025-11-25GitHub
0
0
Low Cost
LuluBeatson icon

mcp-test-repo-nov24

by LuluBeatson

Sec10

This repository serves as a test bed for an MCP server, designed to validate the functionality of 18 associated tools.

Verified SafeView Analysis
The provided source code consists only of a README.md file. This file contains no executable logic, sensitive information, or patterns like 'eval', obfuscation, or network calls. Therefore, no security risks are identifiable within the provided content. A comprehensive security audit of the actual MCP server or its tools would require their full source code, which is not provided.
Updated: 2025-11-24GitHub
PreviousPage 5 of 14Next