Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

37
12
Low Cost
padmarajnidagundi icon

Cypress-POM-Ready-To-Use

by padmarajnidagundi

Sec8

This repository provides a production-ready Cypress automation framework for UI, API, accessibility, and visual regression testing, and it can expose its testing templates and documentation via the Model Context Protocol (MCP) as a filesystem server for AI assistants.

Setup Requirements

  • ⚠️Requires Node.js 18.x+ and npm 8.x+.
  • ⚠️Running ChatGPT API tests (cypress/e2e/api/chatgpt/chatCompletion.cy.js) requires an OpenAI API Key, which is a paid service.
  • ⚠️To use it as an MCP server, you'd need to install `@modelcontextprotocol/server-filesystem` and configure an MCP client.
Verified SafeView Analysis
The framework itself is a client-side testing tool; its primary security considerations are related to network requests made during tests. Hardcoded test credentials for a demo site are present in some test files, which is a minor security anti-pattern. When acting as an MCP server, it serves static Markdown files from a specified directory, posing a low inherent risk. No 'eval' or malicious obfuscation is detected. OpenAI API keys are correctly managed via environment variables.
Updated: 2026-01-17GitHub
37
9
Low Cost
kirbah icon

mcp-youtube

by kirbah

Sec9

Empowers AI language models to retrieve token-optimized, structured YouTube data for video search, detail retrieval, transcript fetching, channel analysis, and trend discovery.

Setup Requirements

  • ⚠️Requires a YouTube Data API v3 Key (usage is subject to Google's daily quota).
  • ⚠️The 'findConsistentOutlierChannels' tool requires a MongoDB connection string (`MDB_MCP_CONNECTION_STRING`) and hardcodes the database name to 'youtube_niche_analysis'.
  • ⚠️Requires Node.js version `>=20.0.0`.
Verified SafeView Analysis
The server demonstrates strong security practices including explicit use of environment variables for sensitive API keys and connection strings (`YOUTUBE_API_KEY`, `MDB_MCP_CONNECTION_STRING`). Robust input validation using Zod schemas is applied to all tool parameters, mitigating common injection risks. External network interactions are confined to legitimate services (YouTube Data API, MongoDB, youtube-caption-extractor) essential for its functionality. There are no indications of code obfuscation or use of `eval`.
Updated: 2026-01-16GitHub
37
4
Medium Cost
ShunsukeHayashi icon

miyabi-mcp-bundle

by ShunsukeHayashi

Sec9

An all-in-one MCP server providing a vast array of development, monitoring, and automation tools, enabling Claude Desktop and AI agents to perform complex software development, operations, and analysis tasks efficiently and securely.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️Full functionality requires various external CLI tools (e.g., git, tmux, docker, kubectl, sqlite3, psql, mysql, openssl, curl, nc) to be installed and in the system's PATH.
  • ⚠️GitHub API Key (`GITHUB_TOKEN`) is highly recommended; without it, GitHub integration will be severely limited or non-functional. `MIYABI_REPO_PATH` defaults to `process.cwd()`, but for specific project contexts, it often needs explicit configuration.
Verified SafeView Analysis
The project demonstrates a strong commitment to security, implementing dedicated utilities for input sanitization (`sanitizeShellArg`), path traversal protection (`sanitizePath`), hostname validation (`isValidHostname`), and PID validation (`isValidPid`). It explicitly handles common vulnerabilities and documents its security posture. Shell command execution (`execAsync`) is central but is consistently wrapped with robust input filtering. A minor concern is a hardcoded default for `PUSHCUT_API_KEY`, but it's an optional feature and is likely intended to be overridden by environment variables.
Updated: 2026-01-12GitHub
37
14
Medium Cost
Wael-Rd icon

gns3-mcp-server

by Wael-Rd

Sec7

Enables AI assistants to programmatically create, manage, and simulate network topologies within GNS3.

Setup Requirements

  • ⚠️Requires a running GNS3 server, by default on http://localhost:3080.
  • ⚠️Requires GNS3 device templates (e.g., routers, switches, VPCS) to be installed in GNS3 for full functionality.
  • ⚠️The `run.sh` script utilizes `uv` for virtual environment and dependency management; ensure `uv` is installed or modify the script to use `pip`.
Verified SafeView Analysis
The server's core functionality involves sending CLI commands to simulated network devices via Telnet. While this is the intended purpose for network automation, a malicious AI could potentially inject harmful commands into the simulated environment. The underlying API client (httpx) and Telnet client (socket) are standard. No hardcoded sensitive credentials or direct code execution vulnerabilities on the host system were identified. Telnet itself is an unencrypted protocol, which is a known characteristic for console access in many lab environments.
Updated: 2026-01-06GitHub
37
6
High Cost
molaco icon

rust-code-mcp

by molaco

Sec9

Semantic code search, navigation, and analysis for Rust codebases, integrating with an MCP client.

Setup Requirements

  • ⚠️Requires an NVIDIA GPU (Maxwell or newer) with CUDA 12.x and cuDNN 9.x for GPU-accelerated embeddings, otherwise performance will be significantly slower.
  • ⚠️Requires careful configuration of `LD_LIBRARY_PATH` for CUDA to function correctly when the server is spawned by an MCP client, or use the provided Nix flake for automated setup.
  • ⚠️The `fastembed` crate (via `ort`) will download ONNX Runtime binaries and embedding models (~80MB for all-MiniLM-L6-v2) to `~/.cache/ort.pyke.io/` on first run, requiring internet access and disk space.
Verified SafeView Analysis
The project demonstrates strong security awareness by implementing a `SecretsScanner` and `SensitiveFileFilter` to prevent sensitive data (e.g., API keys, private keys, .env files) from being indexed. Communication uses `stdio` transport, which is local and minimizes network attack surface. While Rust itself provides memory safety, `fastembed` (via the `ort` crate) relies on ONNX Runtime, which may involve FFI and C/C++ code where memory safety isn't guaranteed by Rust, but this is an external, widely-used dependency.
Updated: 2026-01-09GitHub
37
8
Medium Cost
hugoduncan icon

mcp-tasks

by hugoduncan

Sec7

Manages development tasks and workflows for AI agents using the Model Context Protocol (MCP), enabling persistent planning, category-based organization, and story-based development.

Setup Requirements

  • ⚠️Requires Clojure CLI tools for installation via git dependency method (Windows users must use this method).
  • ⚠️Requires `curl` or `wget` for binary installation via the `install` script (Linux/macOS only).
  • ⚠️Native Windows binaries are not available due to file locking complexities.
  • ⚠️Binary installation to `/usr/local/bin` via the `install` script may require `sudo`.
Verified SafeView Analysis
The system involves downloading and executing pre-built native binaries from GitHub releases (via `curl`/`wget` scripts) and installing them to system-wide paths (potentially requiring `sudo`). This introduces a supply chain risk if the GitHub repository or release artifacts are compromised. Automatic execution of these scripts via Claude Code SessionStart hooks further amplifies this risk. The system heavily relies on external command execution (`git`, `clojure`, `bb`) for core functionality like version control and task management, which should be auditable. Input validation is present via Malli schemas. No obvious `eval` of arbitrary user input or intentional obfuscation was found in the Clojure source.
Updated: 2026-01-16GitHub
37
9
Medium Cost
RohanAnandPandit icon

trading212-mcp-server

by RohanAnandPandit

Sec9

This server provides a Model Context Protocol (MCP) interface for seamless data connectivity and advanced interaction capabilities with the Trading212 trading platform.

Setup Requirements

  • ⚠️Requires Trading212 API Key (TRADING212_API_KEY environment variable).
  • ⚠️Requires Python >= 3.11.
  • ⚠️Environment variable 'ENVIRONMENT' must be set to 'demo' or 'live' depending on the API key type.
Verified SafeView Analysis
The server primarily uses `os.getenv` for sensitive information like API keys, which is a good security practice. HTTP requests are handled by `httpx` with `hishel` for caching, standard and generally safe libraries. No 'eval' or direct un-sanitized shell command execution is observed. A minor concern is the generic `Exception` raised on HTTP errors in `_make_requests`, which might expose internal error details, though this is less critical in an MCP server context than a public API.
Updated: 2025-11-29GitHub
37
6
Medium Cost
EstebanForge icon

mcp-cli-ent

by EstebanForge

Sec6

Orchestrates Model Context Protocol (MCP) servers and their tools on-demand for AI agents, without loading tool definitions directly into the agent's context window.

Setup Requirements

  • ⚠️Requires Go 1.21+ for building from source.
  • ⚠️Requires Node.js and npx for most default MCP servers (e.g., chrome-devtools, context7, brave-search).
  • ⚠️Requires various API keys (e.g., ENT_CONTEXT7_API_KEY, ENT_BRAVE_API_KEY, ENT_OPENAI_API_KEY, ENT_ANTHROPIC_API_KEY) set as environment variables for specific servers.
Verified SafeView Analysis
The primary security consideration is that mcp-cli-ent's core function is to execute external commands (e.g., 'npx') as defined in user-editable configuration files (`mcp_servers.json`). If this configuration file is compromised or contains malicious command definitions, mcp-cli-ent will execute arbitrary code on the local system. The default `mcp_servers.example.json` utilizes `npx` to fetch and run `@latest` versions of external MCP servers (e.g., `chrome-devtools-mcp@latest`), introducing a supply-chain risk if these upstream npm packages are compromised. However, the Go source code itself does not contain obvious vulnerabilities like 'eval' or direct shell injection when constructing commands via `os/exec.CommandContext`, and environment variable substitution is handled safely with regular expressions. The daemon functionality is designed to run locally (localhost or Unix socket), limiting direct network exposure.
Updated: 2026-01-19GitHub
37
6
Low Cost
stacklok icon
Sec8

A UI for interacting with AI models via OpenRouter and managing/utilizing MCP (Model Context Protocol) servers and their tools from a centralized catalog.

Setup Requirements

  • ⚠️Requires an OpenRouter API Key for AI model access (can be a paid service).
  • ⚠️Requires configuration with a real OIDC provider (e.g., Okta, Keycloak, Auth0) for production. Local development uses a simple mock OIDC provider.
  • ⚠️Relies on external MCP servers to be running and accessible for tool integration.
Verified SafeView Analysis
The application leverages external OIDC providers and OpenRouter for AI models. It connects to external MCP servers, which could pose a risk if server URLs or tools are not properly validated/trusted from the configured catalog. However, the provided code demonstrates standard security practices for token management (JWE, HTTP-only cookies, auto-refresh), environment variable usage for secrets, and uses a trusted authentication library ('better-auth'). Clear warnings are given for development secrets.
Updated: 2026-01-19GitHub
36
7
Low Cost
iOSDevSK icon
Sec8

Connects WordPress and WooCommerce to AI systems via Model Context Protocol, enabling AI agents to query and manage e-commerce data (products, orders, categories, shipping, payments, taxes) and content (posts, pages).

Setup Requirements

  • ⚠️Requires a running WordPress 6.4+ and PHP 8.0+ installation.
  • ⚠️WooCommerce must be active for the e-commerce-specific tools to function.
  • ⚠️WordPress Permalinks should be set to 'Post name' for proper product link generation.
  • ⚠️For Claude Desktop integration, JWT authentication must be explicitly disabled in plugin settings, and a local Node.js or PHP proxy needs to be run, which then forwards requests to the WordPress API.
Verified SafeView Analysis
The plugin prioritizes read-only operations for most exposed WordPress/WooCommerce data, with dangerous write functionalities largely removed or disabled by default. It leverages WordPress's REST API, which incorporates native sanitization and authentication. Input validation is implemented via `ToolValidator` and `SchemaValidator`. Authentication relies on JWT or standard WordPress cookies, with granular permission checks. The option to disable JWT authentication allows a 'read-only without authentication' mode specifically for local proxy integrations (e.g., Claude Desktop), which is an explicit, administrator-opt-in trade-off for convenience in a controlled environment. The `McpRestApiCrud` tool, which could expose any GET REST API endpoint, is hardcoded to be disabled by default, significantly reducing potential unintended data exposure. CORS is configured with `Access-Control-Allow-Origin: *` for the Streamable endpoint, requiring clients to manage their own authentication securely.
Updated: 2025-12-05GitHub
36
7
Low Cost
mtrudel icon

excom

by mtrudel

Sec2

Provides an MCP (Model Context Protocol) server implemented in Elixir.

Setup Requirements

  • ⚠️The project is described as 'Extremely WiP' (Work in Progress), indicating potential instability and incomplete features.
  • ⚠️Usage instructions are marked as 'WiP' and are not provided, making initial setup and operation difficult for users.
  • ⚠️Requires an Elixir development environment to build and run.
  • ⚠️As an MCP server, it will likely require understanding and potential integration with external models or tools conforming to the Model Context Protocol, the setup of which is not detailed.
Review RequiredView Analysis
A meaningful security audit cannot be performed as no server source code was provided, only README and CHANGELOG files. Therefore, it's impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns within the server's actual implementation.
Updated: 2026-01-12GitHub
36
103
Medium Cost
sdcb icon
Sec9

A high-performance and secure online platform for executing C# code in isolated Docker containers, supporting both HTTP and Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for deployment.
  • ⚠️Requires an open network port (5050 by default) on the host machine.
  • ⚠️Local development requires .NET SDK installed.
Verified SafeView Analysis
The system employs a robust Host-Worker architecture with Docker container isolation for untrusted code execution. Key security features include resource limits (CPU, memory, PIDs), network isolation for worker containers, and automatic worker recycling after a configurable number of runs to maintain a clean environment. No obvious hardcoded secrets or malicious patterns were found in the provided configuration files.
Updated: 2025-12-18GitHub
PreviousPage 115 of 713Next