Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

35
1
Medium Cost
LeeSinLiang icon

godot-mcp

by LeeSinLiang

Sec7

Enables AI assistants to control and access the Godot game engine for tasks like launching the editor, managing projects, editing scenes, and remote debugging.

Setup Requirements

  • ⚠️Requires the Godot engine executable to be installed and its path correctly configured (via GODOT_PATH environment variable, .mcp.json, or auto-detection by the init script).
  • ⚠️The project must be built with `npm run build` before installation or configuration (`npm link`, `godot-mcp-init`).
  • ⚠️UID management tools (`get_uid`, `update_project_uids`) are only compatible with Godot 4.4 or later versions.
Verified SafeView Analysis
The server executes system commands and spawns Godot processes using `child_process.execAsync` and `child_process.spawn`. Input parameters are passed to Godot scripts as JSON strings, with efforts made to escape quotes for the shell. Path validation (`validatePath`) is present to mitigate basic path traversal. The remote debugging feature connects to local ports (6006/6007) and can execute GDScript via the Debug Adapter Protocol (DAP), posing a risk if the AI input were to be malicious. However, the screenshot feature's GDScript is hardcoded by the server, reducing injection risk there. The primary security model relies on the AI agent being trustworthy and the internal Godot scripts correctly interpreting parameters. The setup scripts (`init.js`, `bin/godot-mcp-init.js`) prompt for paths and perform checks like `existsSync` and `godot --version` validation.
Updated: 2025-12-04GitHub
35
4
Medium Cost
seranking icon
Sec9

This server integrates the SE Ranking SEO data API with AI assistants via the Model Context Protocol (MCP), enabling natural language queries for a wide range of SEO analysis tasks.

Setup Requirements

  • ⚠️Requires an active SE Ranking Account and API Token (which may be a paid service).
  • ⚠️Requires Docker and Docker Compose plugin installed for AI assistant integration.
  • ⚠️Requires Node.js 20+ installed if running directly as an HTTP server.
  • ⚠️Requires either Claude Desktop App or Gemini CLI configured with MCP to interact with an AI assistant.
Verified SafeView Analysis
The server uses environment variables (SERANKING_API_TOKEN) or Authorization headers for API token management, preventing hardcoded secrets. Input validation is extensively implemented using Zod, mitigating common injection risks. No 'eval' or obfuscation is present. Authentication is checked for most API calls. The external API calls are made over HTTPS. Overall, it follows good security practices for an API wrapper.
Updated: 2025-12-04GitHub
35
4
Medium Cost
panbanda icon

omen

by panbanda

Sec9

Provides code analysis metrics and insights to AI assistants via the Model Context Protocol (MCP) to help understand and improve codebases.

Setup Requirements

  • ⚠️Requires `git` CLI to be installed and accessible on the system.
  • ⚠️If using external embedding providers (e.g., OpenAI, Cohere, Voyage), requires an API key for the chosen service, which may incur costs.
  • ⚠️Initial setup (indexing for semantic search, or first run of local embedding models/Tree-sitter parsers) may involve downloading large files, requiring an internet connection and disk space.
Verified SafeView Analysis
The project uses environment variables for API keys (e.g., OPENAI_API_KEY) for external embedding providers, which is good practice. It leverages `gix` for Git operations and `tree-sitter` for parsing, both robust libraries. Network operations (for external embeddings or the optional `report serve` command) use standard Rust libraries like `reqwest` and `TcpListener`. No obvious hardcoded secrets or malicious patterns were found in the provided code snippets.
Updated: 2026-01-19GitHub
35
5
Low Cost
LerianStudio icon

lerian-mcp-server

by LerianStudio

Sec9

Provides AI assistants with comprehensive, up-to-date documentation, learning resources, and SDK code generation for Lerian's financial ledger (Midaz), observability (Tracer), workflow (Flowker), and analytics (Reporter) products.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️While it uses `npx`, it's an HTTP server (stdio transport), not a CLI tool; usage is typically via AI assistant configurations (e.g., Claude Desktop `mcpServers` config).
  • ⚠️Some environment variables have a dual `MIDAZ_` and `LERIAN_` prefix for backward compatibility, which can be confusing (e.g., `MIDAZ_DOCS_URL` vs `LERIAN_DOCS_URL`). Prefer `LERIAN_` branded variables for clarity.
  • ⚠️Outputs can be long, potentially leading to high token usage for the consuming LLM, although the server itself has internal mechanisms to truncate responses based on client capabilities. The `show-all-tools` prompt is an example of a potentially very long output.
Verified SafeView Analysis
The server explicitly operates in 'Documentation-Only Mode', meaning it does NOT connect to Lerian backend APIs, significantly reducing external attack surface. It utilizes `child_process.spawn` for development (`dev-server.js`) and for its `npx` execution wrapper (`bin/lerian-mcp-server.js`), which is standard and justified. Sensitive data like `CURSOR_SECRET` and `CACHE_ENCRYPTION_KEY` are either provided via environment variables or securely auto-generated and stored with `0o600` permissions. Comprehensive input validation (`zod`), output sanitization, rate limiting, and audit logging features are implemented (`security.js`, `output-sanitizer.js`, `config-validator.js`, `error-monitoring.js`). The `config-security.js` module enforces localhost-only backend URLs, further enhancing security for configurations that might still hint at backend connectivity. Overall, a strong focus on security is evident.
Updated: 2026-01-19GitHub
35
3
High Cost
domibies icon

dotbox-mcp

by domibies

Sec3

An MCP server that enables LLMs to execute .NET workloads in isolated Docker containers for C# code execution, project management, and web API hosting.

Setup Requirements

  • ⚠️Requires Docker Desktop to be installed and running.
  • ⚠️Currently only supports Claude Desktop as a client.
  • ⚠️Windows users must enable 'Expose daemon on tcp://localhost:2375 without TLS' in Docker Desktop, which poses a security risk.
Review RequiredView Analysis
The MCP server itself (dotbox-mcp container) requires access to the host's Docker daemon via `/var/run/docker.sock` (macOS) or TCP port 2375 (Windows), granting it root-equivalent privileges on the host. The Windows installation explicitly requires enabling 'Expose daemon on tcp://localhost:2375 without TLS', which is a significant security risk if the machine is on an untrusted network. While .NET workloads run in isolated sandbox containers with resource limits and restricted filesystems (`/workspace`), a compromised MCP server or an erroneous LLM instruction could potentially leverage its host Docker privileges for malicious actions. This tool should only be run on trusted machines and networks.
Updated: 2025-11-24GitHub
35
6
Medium Cost
martinimarcello00 icon

SRE-agent

by martinimarcello00

Sec7

An autonomous multi-agent system designed for Kubernetes incident detection, diagnosis, and mitigation using LLMs and modular workflows to reduce Mean Time to Resolution (MTTR).

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires Poetry for dependency management
  • ⚠️Requires Docker and Kind (Kubernetes in Docker) for local cluster setup
  • ⚠️Requires Make for AIOpsLab commands
  • ⚠️Requires OpenAI API Key (Paid) for LLM access (GPT-5-mini)
  • ⚠️Requires Node.js runtime for `mcp-server-kubernetes` and `prometheus-mcp`
  • ⚠️Requires a running Prometheus server instance (URL configured via env var)
Verified SafeView Analysis
The system interacts with critical infrastructure (Kubernetes, Prometheus, Jaeger, ChromaDB) via MCP clients. While the Kubernetes MCP client enforces `ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS: true`, the overall agent has significant control over the environment. External dependencies like `npx mcp-server-kubernetes` and `uvx chroma-mcp` introduce reliance on external packages and runtimes (Node.js, Python). Environment variables are used for sensitive data (API keys, tokens), which is a good practice, but proper secret management (e.g., Kubernetes Secrets, Vault) for these environment variables is essential outside the scope of this code review.
Updated: 2026-01-19GitHub
35
8
Low Cost
CorgiBoyG icon
Sec8

This server acts as a Spring AI MCP Server component to provide cross-platform computer configuration information (OS, user, Java, and platform-specific details) to an AI agent.

Setup Requirements

  • ⚠️Requires JDK 17+ and Maven 3.6+ to build and run.
  • ⚠️Specific system commands (`systeminfo`, `system_profiler`, `lshw`) must be available on the host OS. `lshw` on Linux may require root privileges or specific permissions to execute successfully.
Verified SafeView Analysis
The server uses `Runtime.getRuntime().exec()` to run system commands (`systeminfo`, `system_profiler`, `lshw`). While these commands are hardcoded and the user input ('computer' parameter) is not used in their construction, preventing direct command injection, executing external processes always carries an inherent risk. However, for a system information service, this approach is common. No hardcoded secrets or 'eval'-like patterns were found.
Updated: 2025-11-22GitHub
35
4
Low Cost
maxzrff icon

KnowledgeMCP

by maxzrff

Sec7

An MCP server that enables AI coding assistants and agentic tools to leverage local knowledge through semantic search.

Setup Requirements

  • ⚠️Requires Python 3.11+ or Python 3.12.
  • ⚠️Requires Tesseract OCR for scanned documents (and poppler-utils for PDF OCR support).
  • ⚠️Downloads embedding model (approx. 91MB) on first run or can be pre-cached manually.
Verified SafeView Analysis
The server is designed for local and private use, defaulting its HTTP listener to 127.0.0.1 and validating 'Origin' headers for local hosts. It lacks explicit user authentication/authorization mechanisms on its MCP HTTP endpoints, making it suitable for its intended local integration but potentially risky if exposed broadly without external security layers. Input validation is present for file paths, sizes, and formats. The 'knowledge-clear' tool performs a destructive operation (full database reset) with a boolean confirmation parameter which could be strengthened (e.g., with a confirmation phrase). No obvious hardcoded secrets or malicious patterns were found.
Updated: 2025-11-22GitHub
35
5
Medium Cost
meringlab icon

string-mcp

by meringlab

Sec9

Exposes STRING database functionality as a Model Context Protocol (MCP) server, allowing AI agents to access structured biological data for protein interaction analysis and functional enrichment.

Setup Requirements

  • ⚠️Requires Python >= 3.10
  • ⚠️Specific versions of 'fastmcp' (2.10.6), 'httpx' (0.28.1), and 'pydantic' (2.11.7) are required; incompatible FastMCP versions can cause crashes.
  • ⚠️A 'config/server.config' JSON file with 'base_url' and 'server_port' is mandatory.
Verified SafeView Analysis
No critical vulnerabilities like 'eval', arbitrary code execution, or hardcoded sensitive credentials were found. Configuration is externalized in 'config/server.config', which is good practice. The server listens on all network interfaces (0.0.0.0) by default, meaning it's publicly accessible and should be protected by a firewall if not intended for public exposure. The implicit trust in the `base_url` for the STRING API is assumed.
Updated: 2025-12-11GitHub
35
1
Low Cost
praveenc icon
Sec9

Provides semantic search capabilities over AWS Cloudscape Design System documentation, allowing AI agents and coding assistants to efficiently query component documentation.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires ~3GB disk space for the embedding model and 8GB+ RAM recommended
  • ⚠️The ingestion process (`ingest.py`) performs a full re-index each time, overwriting the existing database and is computationally expensive for large documentation sets.
Verified SafeView Analysis
The server uses standard Python libraries (lancedb, torch, sentence_transformers) and communicates via stdio, a local transport. No 'eval' or obvious hardcoded secrets were found in the provided code. Data is stored locally in LanceDB. The primary security risk would be from a compromised execution environment or malicious input through the stdio interface, which is a general risk for any local process.
Updated: 2025-11-27GitHub
35
5
Medium Cost
exa-labs icon
Sec9

Manages web entity collections (companies, people, papers) through automated search, data enrichment, and scheduled monitoring using Exa's Websets API.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher
  • ⚠️Requires an Exa API key (paid service)
  • ⚠️Requires a Model Context Protocol (MCP) compatible client (e.g., Claude Desktop, Cursor)
Verified SafeView Analysis
The server acts as a proxy/client for the Exa Websets API. It uses `axios` for API calls and handles API keys via environment variables or direct configuration, which are standard secure practices. Request and error logging is implemented. No `eval`, dynamic module loading, or other obvious code execution vulnerabilities were found. Input validation for tool parameters helps prevent malformed requests. The overall security relies heavily on the underlying Exa API security and proper API key management by the user.
Updated: 2026-01-16GitHub
35
3
Medium Cost
Coding-with-Mayank icon

advanced-bugbounty-mcp

by Coding-with-Mayank

Sec2

An AI-powered bug bounty hunting platform integrated with Claude via the Model Context Protocol (MCP) for advanced reconnaissance, vulnerability scanning, and asset discovery.

Setup Requirements

  • ⚠️Requires Docker Desktop (20.10.0+) and Docker Compose (2.0.0+)
  • ⚠️Requires Python 3.12+ (as per upgrade notes)
  • ⚠️Requires multiple API keys from Shodan, VirusTotal, Censys, GitHub, SecurityTrails, and Hunter (many of which are paid or have usage limits)
  • ⚠️8GB+ RAM and 20GB+ disk space recommended
Review RequiredView Analysis
The primary security risk is mounting `/var/run/docker.sock` into the `mcp-server` container (`bugbounty-mcp`), granting the container root access to the Docker host if the application inside is compromised (e.g., via command injection through an MCP tool call). This is a critical vulnerability. Additionally, MongoDB and Redis services have default hardcoded passwords (`bugbounty_secure_pass`, `bugbounty_redis`) that are used if environment variables are not explicitly set, and these services are exposed via `ports:` mappings in `docker-compose.yml` without explicit host firewall rules to restrict access to them in all deployment scenarios (e.g., `cloud-deploy.sh` only explicitly opens 8080/tcp, not implicitly blocking 27017/6379). The `curl | bash` installation method, while common, also presents a supply chain risk.
Updated: 2025-12-14GitHub
PreviousPage 129 of 713Next