Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

38
4
Medium Cost
levino icon
Sec9

Semantic search engine for public documents of Nordstemmen municipality, integrated with AI platforms via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js 18+ and Python 3.11+ for different components.
  • ⚠️Requires external API keys for Jina AI (for query embeddings) and Qdrant (vector database).
  • ⚠️Requires Backblaze B2 credentials for PDF file hosting, necessitating an active B2 bucket and application key.
  • ⚠️Initial setup involves `git lfs pull` to download PDF documents and a potentially complex Python environment setup, including system-level Tesseract OCR for scanned PDFs.
Verified SafeView Analysis
Sensitive API keys (Jina AI, Qdrant, Backblaze B2) are correctly loaded from environment variables, preventing hardcoded secrets. Error responses are explicitly sanitized in production environments to avoid leaking internal details. All external API calls are to expected services (Jina AI, Qdrant, Backblaze B2) essential for the application's core functionality, which are assumed to be secure endpoints. No 'eval' or obfuscation is present in the provided code.
Updated: 2025-12-02GitHub
38
201
Medium Cost
delorenj icon
Sec8

This server provides tools for interacting with Trello boards, enabling automation of project management, task management, and reporting workflows.

Setup Requirements

  • ⚠️Requires Trello API Key (Free, but needs setup)
  • ⚠️Requires Trello Token (Free, but needs generation)
  • ⚠️Bun runtime recommended for optimal performance (Node.js fallback for npx/npm)
Verified SafeView Analysis
The server uses environment variables for sensitive API keys and tokens, avoiding hardcoded secrets. Input validation is handled via Zod schemas before API calls, mitigating common injection risks. File attachment logic includes checks for local file paths, which is a sensitive area, but the implementation aims to limit risks. There is no direct use of 'eval' or other easily exploitable patterns observed.
Updated: 2025-12-18GitHub
38
23
Low Cost
cqfn icon
Sec2

Provides static code analysis feedback (most critical design issue) to AI agents for Java code refactoring via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js 18+ and Npm for server execution.
  • ⚠️Requires Python and Pip for the Aibolit static analyzer.
  • ⚠️Requires the `aibolit` Python package (version 1.3.0 or newer) to be installed and accessible in the system PATH.
Review RequiredView Analysis
The server uses `execSync` to run `aibolit` (a Python tool). The `path` variable, which is a user-provided argument from the AI agent, is directly interpolated into the shell command string (e.g., `python3 -m aibolit check --full --filenames ${path}`). This creates a command injection vulnerability, allowing an attacker to execute arbitrary shell commands by crafting a malicious file path.
Updated: 2026-01-07GitHub
38
1
High Cost
Helms-AI icon

rpg

by Helms-AI

Sec3

A markdown-driven multi-language code generation tool that translates natural language specifications into idiomatic code across multiple programming languages, exposed as an MCP server for AI agents.

Setup Requirements

  • ⚠️Requires Go 1.21+ to build and run.
  • ⚠️Requires an MCP-compatible AI client (e.g., Claude Code, Cursor, VS Code Continue) for interaction.
  • ⚠️Requires Git installed for `import_spec_from_github` functionality.
  • ⚠️Requires specific language toolchains (e.g., Java JDK, Rust toolchain, Python interpreter, .NET SDK, TypeScript compiler) installed for deep analysis (`deep_analyze_source`) and generation in those respective languages.
  • ⚠️GitHub Personal Access Token (PAT) required via `GITHUB_TOKEN` environment variable or tool parameter for private repository imports.
Review RequiredView Analysis
The server includes tools like `import_spec_from_github` and `import_spec_from_source` which clone or analyze external source code. The `internal/importer/semantic/subprocess_analyzer.go` explicitly shows execution of external language toolchains (e.g., `javac`, `dotnet`, `python`, `rustc`, `tsc`) on this potentially untrusted code. This poses a significant Remote Code Execution (RCE) risk if malicious code is introduced via an imported repository or local source, especially if build scripts are also processed without strict sandboxing. No obvious hardcoded secrets or 'eval' of untrusted strings are found in the truncated Go source, but the direct execution of external compilers/interpreters on arbitrary project files is a critical vulnerability.
Updated: 2026-01-19GitHub
38
12
Low Cost
Cris-0k icon
Sec8

This server acts as a template for building Model Context Protocol (MCP) servers in Python, specifically demonstrating how to expose weather-related tools (get_alerts, get_forecast) by integrating with an external API (National Weather Service) to provide context and actions for AI models.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Dependencies (httpx, mcp, starlette, uvicorn) must be installed; 'uv' is recommended for dependency management.
  • ⚠️External API calls to 'api.weather.gov' are subject to external service availability, rate limits, and network connectivity issues.
  • ⚠️To integrate with Claude Desktop, specific configuration in 'claude_desktop_config.json' is needed, including absolute paths to the server script.
Verified SafeView Analysis
The server interacts with an external API (api.weather.gov). While 'httpx' is generally safe for making HTTP calls, any external interaction always carries inherent risks (e.g., API compromise, data integrity). The input parameters for tools (state, latitude, longitude) are expected to be validated by the FastMCP framework's type hinting, mitigating basic injection risks. There are no 'eval' or direct 'subprocess.run' calls without sanitization. No hardcoded sensitive API keys are present for this specific weather API (which is public). The use of 'request._send' in 'create_starlette_app' is a private API access in Starlette, which is not a security vulnerability but can lead to fragility.
Updated: 2025-12-15GitHub
38
1
Low Cost
GitHub30 icon

whois-mcp-server

by GitHub30

Sec9

Provides WHOIS lookup capabilities for IP addresses and domain names via a Model Context Protocol (MCP) server.

Verified SafeView Analysis
The code directly wraps standard Python WHOIS libraries (ipwhois, whoisit). There are no 'eval' or similar dangerous functions. No hardcoded secrets are visible. The inherent nature of a WHOIS server involves making external network requests, which these libraries handle. The risk is primarily tied to the security of the underlying WHOIS libraries and the data they retrieve, rather than malicious code within this server itself.
Updated: 2025-11-28GitHub
38
9
Medium Cost
CiscoDevNet icon
Sec9

Enables AI models to interact with Cisco RADKit-managed network devices via MCP tools for inventory, command execution, and SNMP operations.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires an active Cisco RADKit service and at least one onboarded user with appropriate privileges.
  • ⚠️Requires pre-configuration of RADKit credentials either as local certificate files or base64-encoded environment variables (assisted by provided onboarding scripts).
Verified SafeView Analysis
The server handles sensitive credentials (certificates, private keys, passwords) via environment variables or local files, with explicit cleanup of temporary files. Command execution is passed to the RADKit service, which is expected to handle RBAC. There are no obvious 'eval' or malicious code patterns. The default binding to '0.0.0.0' for network transports (SSE/HTTPS) is common but requires careful firewall configuration in production environments.
Updated: 2026-01-12GitHub
38
2
Medium Cost
scalalang2 icon

upbit-mcp-server

by scalalang2

Sec9

This server acts as an API gateway for the Upbit cryptocurrency exchange, allowing users to manage accounts, fetch market data, and perform technical analysis.

Setup Requirements

  • ⚠️Requires Upbit API Access Key and Secret Key.
  • ⚠️Requires Go runtime environment to build and run the executable.
Verified SafeView Analysis
The server reads Upbit API keys from environment variables (UPBIT_ACCESS_KEY, UPBIT_SECRET_KEY), which is a good security practice. JWT tokens are generated using standard HMAC SHA256 and SHA512 hashing for API authentication. There are no apparent uses of `eval`, obfuscation, or direct command injection vulnerabilities in the provided source code. Network requests are handled through a standard HTTP client. Overall, the implementation appears robust, with safety relying heavily on the user's secure handling of their API keys.
Updated: 2025-12-13GitHub
38
10
Medium Cost
mslavov icon
Sec9

A production-ready Cloud Run service that executes Claude Code tasks in isolated jobs, enabling AI-driven code analysis, development, and automation with secure credential handling and post-execution actions.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with billing enabled and the `gcloud` CLI installed/configured.
  • ⚠️Demands extensive Google Cloud resource setup including a GCS bucket, Cloud KMS Key Ring and Key, and a Cloud Run Job. This involves specific IAM role grants for both the API service and the job worker.
  • ⚠️Requires obtaining an Anthropic API Key or OAuth Token, which must be passed in each request's JSON payload (not as environment variables for the service itself).
Verified SafeView Analysis
The server exhibits strong security practices by offloading all task execution to isolated Cloud Run Jobs. It employs Google Cloud KMS for envelope encryption of sensitive task payloads (API keys, SSH keys, environment variables) at rest in GCS. A local proxy intercepts Claude API calls, injecting real credentials only at the outbound request, preventing the Claude CLI subprocess from direct access to sensitive tokens. Ephemeral workspaces with strict file permissions are created per request and automatically cleaned up. Webhook callbacks are secured with HMAC-SHA256 signatures. The use of `execSync` for `preExecutionCommands` is a powerful primitive, but it operates within the Cloud Run Job's sandbox, and the server itself does not use `eval` or similar patterns directly on user input. The overall design prioritizes credential isolation and secure execution.
Updated: 2026-01-19GitHub
38
13
Medium Cost
SNYCFIRE-CORE icon

letta-mcp-server

by SNYCFIRE-CORE

Sec9

Universal MCP server to bridge any AI client (e.g., Claude, GitHub Copilot, Cursor) with Letta.ai's powerful stateful agents, enabling seamless interaction and tool orchestration.

Setup Requirements

  • ⚠️Requires a Letta API Key (typically associated with a paid service) for interaction with Letta Cloud.
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️Full integration and performance testing often requires network connectivity to api.letta.com and access to a pre-configured AXLE agent.
Verified SafeView Analysis
API keys are handled securely via environment variables or explicitly fetched from them when loaded from YAML, preventing hardcoding. Input validation (e.g., for agent IDs) and error formatting are in place to prevent common vulnerabilities and avoid leaking sensitive internal details. The project uses `httpx` with retry logic for robust and secure API communication. No `eval` or obvious obfuscation patterns were found, and a `SECURITY.md` outlines reporting procedures and best practices.
Updated: 2026-01-19GitHub
38
12
Medium Cost
StuMason icon
Sec9

Integrate with and manage resources, applications, services, databases, and deployments on a Coolify platform via a standardized Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️Requires a Coolify API Access Token to be set as the `COOLIFY_ACCESS_TOKEN` environment variable.
  • ⚠️Requires the base URL of your Coolify instance to be set as the `COOLIFY_BASE_URL` environment variable.
  • ⚠️Requires specific configuration in a `claude_desktop_config.json` file to correctly integrate with the Model Context Protocol environment.
Verified SafeView Analysis
The server securely handles sensitive information by requiring `COOLIFY_ACCESS_TOKEN` and `COOLIFY_BASE_URL` as environment variables, preventing hardcoded secrets. Input parameters for API calls are validated using Zod schemas, which helps mitigate common injection vulnerabilities. All external communication is performed using standard `fetch` requests, and no usage of `eval` or other potentially dangerous functions was found. The error handling for external API calls is present. The server functions as a proxy, forwarding requests to a user-configured Coolify API.
Updated: 2026-01-17GitHub
38
1
Low Cost
SamMorrowDrums icon

mcp-conformance-action

by SamMorrowDrums

Sec5

A GitHub Action for detecting changes to Model Context Protocol (MCP) server public interfaces by comparing API responses between branches.

Setup Requirements

  • ⚠️Requires `fetch-depth: 0` in the `actions/checkout` step to ensure full Git history for baseline comparison.
  • ⚠️The MCP server being tested must be runnable and bind to an accessible address (e.g., `0.0.0.0` or `127.0.0.1` for HTTP transport) within the GitHub Actions runner environment.
  • ⚠️If using a `start_command` for HTTP transport, `startup_wait_ms` or `pre_test_wait_ms` may need to be adjusted if the server takes longer to start.
Verified SafeView Analysis
This project is a GitHub Action designed to execute user-provided shell commands for installing, building, and starting an MCP server for testing. The commands (`install_command`, `build_command`, `start_command`, `pre_test_command`, `post_test_command`, `http_start_command`) are executed using `sh -c` or `spawn` without explicit input sanitization within the action's source code. This introduces a command injection vulnerability if the inputs to the action (e.g., from a pull request by an untrusted user) contain malicious shell commands. While this is a common pattern for GitHub Actions that run user scripts, it means the security depends entirely on the trustworthiness of the workflow definition and its inputs, rather than the action itself providing safeguards. It is not an MCP server itself, but a tool for testing them.
Updated: 2026-01-18GitHub
PreviousPage 107 of 713Next