Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

36
8
Medium Cost
docdyhr icon
Sec9

Integrates Simplenote with Claude Desktop as a memory backend or content source via the Model Context Protocol (MCP), enabling AI interaction with user notes.

Setup Requirements

  • ⚠️Requires Simplenote account credentials (email and password).
  • ⚠️For non-Docker installs, Python 3.10+ is required.
  • ⚠️Running MCP evaluations (optional) requires an OpenAI API key (paid) and Node.js dependencies.
Verified SafeView Analysis
The project demonstrates a high commitment to security best practices, including multi-stage Docker builds, non-root user execution, read-only filesystems, and built-in health checks. CI/CD pipelines incorporate automated security scanning (Bandit, pip-audit, Trivy, Cosign, SBOM generation) and `scripts/security.py` validates inputs against common vulnerabilities. Environment variables are used for sensitive credentials, avoiding hardcoding. No 'eval' or similar dangerous patterns are apparent for user input.
Updated: 2026-01-19GitHub
36
3
Medium Cost
MiniMax-AI icon
Sec7

A specialized Model Context Protocol (MCP) server for MiniMax AI, providing web search and image analysis tools specifically tailored for coding development workflows.

Setup Requirements

  • ⚠️Requires a MiniMax API Key (a paid service).
  • ⚠️Requires the `uv` Python package manager to be installed.
  • ⚠️The `MINIMAX_API_HOST` environment variable must be regionally aligned with your `MINIMAX_API_KEY` to avoid 'invalid api key' errors.
  • ⚠️Windows users integrating with Claude Desktop must enable 'Developer Mode'.
  • ⚠️If 'uvx' command is not in your system's PATH, you may need to specify its absolute path in the MCP client configuration.
Verified SafeView Analysis
The `process_image_url` function can download images from arbitrary HTTP/HTTPS URLs or read from local file paths. If the server processes untrusted input for `image_source`, this could be a vector for Server-Side Request Forgery (SSRF) or resource exhaustion attacks, particularly if deployed in a multi-user or cloud environment. While the image content isn't directly executed, fetching arbitrary external data poses an indirect risk. No `eval` or direct code execution vulnerabilities are apparent, and API keys are handled securely via environment variables.
Updated: 2025-11-20GitHub
36
9
Low Cost
CorgiBoyG icon

mcp-server-weixin

by CorgiBoyG

Sec9

Provides a service for AI systems to send templated messages to WeChat public account users.

Setup Requirements

  • ⚠️Requires WeChat Public Account AppID, AppSecret, TemplateID, User OpenID, and Original ID.
  • ⚠️JDK 17+ and Maven 3.6+ required for local development/build.
  • ⚠️Mandatory configuration in `src/main/resources/application.yml` for WeChat API parameters.
Verified SafeView Analysis
The application follows good practices for handling sensitive information by externalizing configurations to `application.yml` for WeChat API credentials. It explicitly warns users against committing `AppSecret` to code repositories. Access tokens are properly cached with a 2-hour expiry. A hardcoded example access token exists in a test file, but it's for testing and immediately overwritten by a real token fetch, posing minimal risk. No 'eval' or malicious patterns were found. The Docker push script uses a local config file for credentials, which is good practice for CI/CD.
Updated: 2025-11-22GitHub
36
35
Medium Cost
infranodus icon
Sec4

Integrates InfraNodus knowledge graph and text network analysis capabilities into LLM workflows and AI assistants for generating knowledge graphs, detecting content gaps, identifying topics, and performing SEO analysis.

Setup Requirements

  • ⚠️Requires a (potentially paid) InfraNodus API Key to avoid rate limits and access full functionality.
  • ⚠️OAuth client registrations are stored in-memory and will not persist across server restarts, impacting client session stability.
  • ⚠️The HTTP server uses an OAuth2 authorization flow that may require a deeper understanding of OAuth for manual setup.
Review RequiredView Analysis
The server's JWT access tokens contain the InfraNodus API key directly in their unencrypted payload. While the token is signed, any compromise of the access token immediately exposes the API key, allowing unauthorized access to the InfraNodus API. OAuth client registrations are stored in-memory and will not persist across server restarts, which means clients would need to re-register after server restarts if relying on the registration endpoint. Extensive logging of request and response bodies may expose sensitive information in logs if not properly managed.
Updated: 2025-12-31GitHub
36
7
Medium Cost
binalyze icon

air-mcp

by binalyze

Sec9

A Node.js server implementing Model Context Protocol (MCP) for Binalyze AIR, enabling natural language interaction with AIR's digital forensics and incident response capabilities.

Setup Requirements

  • ⚠️Requires `AIR_HOST` environment variable to be set (URL of Binalyze AIR API).
  • ⚠️Requires `AIR_API_TOKEN` environment variable to be set (API token for Binalyze AIR, obtained from the console).
  • ⚠️Requires Node.js runtime (version 16 or higher).
Verified SafeView Analysis
The server uses environment variables for sensitive configurations like `AIR_API_TOKEN` and `AIR_HOST`. It employs `zod` for robust input validation on all tool arguments, significantly reducing risks from malformed inputs. Standard `axios` library is used for external API interactions. Error handling is present for API calls. No obvious malicious patterns or unsafe code execution (`eval`) were found.
Updated: 2025-12-02GitHub
36
5
High Cost
hp0912 icon
Sec2

This server acts as a Model Context Protocol (MCP) gateway, integrating various AI capabilities (image recognition, TTS, image/video generation, chat summarization, personality analysis) and WeChat-specific functions (song requests, emoji extraction, group management) for a WeChat robot.

Setup Requirements

  • ⚠️Requires a MySQL database for configuration storage and message history, with tenant databases created dynamically based on 'RobotCode'.
  • ⚠️Relies on external AI service providers (e.g., OpenAI, Doubao, Jimeng, GLM, Hunyuan) for AI capabilities, which will incur API usage costs.
  • ⚠️Assumes the existence of a separate 'WeChat client' component that this server communicates with via HTTP for sending messages.
Review RequiredView Analysis
CRITICAL vulnerability identified: The `buildDSNForRobot` function constructs a MySQL DSN using `robotCode` directly as the database name. If `robotCode` can be controlled or influenced by an attacker, this allows for database name injection, potentially enabling access to arbitrary databases on the MySQL server or causing denial of service by repeatedly attempting to connect to non-existent databases. Additionally, the server makes external HTTP requests to various AI service providers (e.g., OpenAI, Doubao, Jimeng, GLM, Hunyuan) and a music API (`api.cenguigui.cn`). While parameters are typically encoded, the reliability and security of these third-party services are external dependencies. AI API keys and other sensitive settings are stored in the database, requiring robust database security. No 'eval' or obvious obfuscation detected.
Updated: 2026-01-17GitHub
36
8
High Cost
SpaceFrontiers icon

mcp

by SpaceFrontiers

Sec9

This server acts as an interface to the Space Frontiers API, allowing language models to perform semantic search, resolve document identifiers, and retrieve filtered document content or metadata from various data sources.

Setup Requirements

  • ⚠️Requires Space Frontiers API Key for authentication (obtainable from https://spacefrontiers.org/developers/keys, likely paid).
  • ⚠️Requires Python version 3.10 or 3.11 (specified as '>=3.10,<4').
  • ⚠️Requires 'uv' for running and dependency management, with a specific Git source configured for the 'mcp' dependency.
Verified SafeView Analysis
The code appears well-structured, using `fastmcp` for the server and `spacefrontiers-clients` for API interaction. Input validation is handled via Pydantic annotations. Authentication relies on API keys passed via environment variables or request headers, which is standard practice. No `eval`, `exec`, or direct shell commands are observed. A minor note is that `pyproject.toml` points to a GitHub branch for a specific `mcp` dependency via `tool.uv.sources`, which, while not inherently insecure, implies a custom or non-PyPI source that would require further vetting in a high-security context. However, the core `fastmcp` dependency is from PyPI.
Updated: 2025-12-02GitHub
36
37
High Cost
PaddleHQ icon
Sec9

Provides LLMs and AI agents with tools for interacting with the Paddle Billing API to manage payments, subscriptions, and other billing-related entities.

Setup Requirements

  • ⚠️Requires a Paddle API Key (for sandbox or production environments).
  • ⚠️Requires an MCP-compatible client (e.g., Cursor, Claude Desktop, Windsurf) to function as a tool server for an LLM/AI agent.
  • ⚠️Node.js and pnpm (or npm/yarn) are needed for local development/installation.
Verified SafeView Analysis
The server implements robust parameter validation using Zod schemas for all incoming tool arguments, significantly reducing the risk of injection vulnerabilities. API keys are handled securely via environment variables or CLI arguments and are not hardcoded. The code primarily acts as a wrapper around the official Paddle Node.js SDK, and includes explicit warnings within prompts to LLMs regarding destructive or sensitive actions.
Updated: 2026-01-05GitHub
36
6
Low Cost
sysdiglabs icon

sysdig-mcp-server

by sysdiglabs

Sec7

Serves as a Model Context Protocol (MCP) server, enabling Large Language Models (LLMs) to query and interact with the Sysdig Secure platform for security events and Kubernetes metrics.

Setup Requirements

  • ⚠️Requires a Sysdig Secure API Token (paid service access).
  • ⚠️The `generate_sysql` tool does not work with Service Account tokens; a regular user API token is required for this specific tool.
  • ⚠️Explicit Sysdig API Permissions (`metrics-data.read`, `policy-events.read`, `risks.read`, `sage.exec`) must be configured for the API token used.
Verified SafeView Analysis
The server offers an option (`SYSDIG_MCP_API_SKIP_TLS_VERIFICATION=true`) to skip TLS verification, which, while useful for self-signed certificates in specific deployments (e.g., on-prem), introduces a significant security risk for Man-in-the-Middle (MITM) attacks if used improperly in production environments. The `generate_sysql` tool has a known limitation where it does not work with Service Account tokens and returns a 500 error, requiring a regular user API token instead. Tools dynamically filter based on user permissions, which is a strong positive security control. Direct SysQL execution is possible via `run_sysql`, and while SysQL is designed for secure querying, a robust prompt engineering or validation layer is crucial on the LLM side to prevent unintended data exposure or resource strain. No obvious hardcoded secrets or malicious patterns were found in the provided code snippet; API tokens are loaded from environment variables or HTTP headers, which is good practice.
Updated: 2025-12-09GitHub
36
45
Medium Cost
railsblueprint icon

blueprint-mcp

by railsblueprint

Sec7

Enable AI assistants and coding agents to control and automate real web browsers (Chrome, Firefox, Opera) through a browser extension, maintaining logged-in sessions and avoiding bot detection.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run the server.
  • ⚠️Requires a separate browser extension to be installed (Chrome Web Store, Firefox Add-ons, or manual install).
  • ⚠️Requires configuration within your MCP client (e.g., Claude Desktop, VS Code/Cursor) to specify the command and arguments.
  • ⚠️PRO features (cloud relay, multi-browser) require an OAuth login via `auth action='login'`.
Verified SafeView Analysis
The server's core functionality involves executing arbitrary JavaScript in the browser context (`Runtime.evaluate`) and performing privileged browser actions, which is inherently powerful and carries risk if the AI agent or MCP client is compromised. By default, the server only accepts local WebSocket connections (localhost:5555), limiting direct network exposure for the free tier. PRO mode uses OAuth for authentication to a cloud relay. The browser extension requires explicit user action to connect. Token decoding for user info on the local server does not validate JWT signatures, which is a minor concern but likely relies on the PRO relay for full validation. The use of `child_process.exec` to open a browser for OAuth flow is controlled, opening a predefined URL. Overall, the project acknowledges and attempts to mitigate risks through local-only defaults and explicit user/authentication steps, but its powerful nature means high trust in the connecting AI client is required.
Updated: 2025-12-21GitHub
35
6
Medium Cost
EOSC-Data-Commons icon

matchmaker

by EOSC-Data-Commons

Sec9

A web application for searching scientific datasets using natural language queries, providing AI-ranked results and the ability to dispatch datasets to Virtual Research Environments (VREs).

Setup Requirements

  • ⚠️Requires a separate 'EOSC Data Commons MCP server' backend running on port 8000.
  • ⚠️Requires Node.js version 20 or newer for local development setup.
  • ⚠️Optional VRE dispatch functionality requires Docker and potentially GitHub Container Registry (GHCR) authentication.
Verified SafeView Analysis
The frontend code demonstrates good security practices with no obvious hardcoded secrets or direct use of 'eval'. It uses a `fetchWithTimeout` utility to prevent hanging requests and logs errors differently in development vs. production to avoid leaking sensitive information. External API calls are made to trusted services like DOI.org and a FileMetrix API. The primary network risks involve the backend (EOSC Data Commons MCP server) it communicates with, including its LLM interactions and dispatcher services, which are external to this frontend's codebase.
Updated: 2026-01-19GitHub
35
4
High Cost
ValerianRey icon

RagThisCode

by ValerianRey

Sec8

Set up a RAG (Retrieval-Augmented Generation) system to chat with the code of any public or private GitHub repository.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid).
  • ⚠️Requires GitHub Access Token (for fetching public and/or private repositories).
  • ⚠️Python 3.13+ is required according to `pyproject.toml`, which is very restrictive as Python 3.13 is still in pre-release.
Verified SafeView Analysis
Secrets (API keys, tokens) are correctly handled via environment variables. CORS is configured for local development and should be adapted for production. The frontend uses `dangerouslySetInnerHTML` with LLM-generated content, which carries a minor risk if an LLM generates malicious HTML/JS, though the `marked.parse` function mitigates this for standard markdown.
Updated: 2025-12-03GitHub
PreviousPage 126 of 713Next