Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

35
1
High Cost
MythEclipse icon

rust-mcp-server

by MythEclipse

Sec9

Provides AI-assisted code analysis tools for Rust projects, enabling AI agents to perform advanced code analysis, navigation, and refactoring suggestions.

Setup Requirements

  • ⚠️Requires Docker for recommended deployment and ease of use.
  • ⚠️For full file analysis functionality (e.g., `index_workspace`), a workspace volume must be mounted into the Docker container (e.g., `-v $(pwd):/workspace`).
  • ⚠️Uses Rust nightly for specific MCP SDK features, which might be a consideration for manual builds or specific Rust toolchain environments.
Verified SafeView Analysis
The server primarily performs static code analysis using the `syn` crate, which is robust. It communicates via stdio within a container, explicitly avoiding exposed network ports, significantly reducing the network attack surface. File access for analysis is expected to be within a mounted workspace volume, limiting potential arbitrary file read risks to the sandboxed container context. No 'eval' or similar dangerous patterns were found. No hardcoded secrets are evident.
Updated: 2025-11-25GitHub
35
3
Medium Cost
JustinBeckwith icon

gongio-mcp

by JustinBeckwith

Sec9

Provides an MCP (Model Context Protocol) interface to query Gong.io calls, transcripts, and user data for AI clients like Claude.

Setup Requirements

  • ⚠️Requires Node.js 18+ (or Bun) runtime environment.
  • ⚠️Requires Gong API credentials (Access Key and Secret) obtained from Gong.io admin settings.
  • ⚠️Gong API credentials must be set as environment variables (GONG_ACCESS_KEY, GONG_ACCESS_KEY_SECRET).
Verified SafeView Analysis
Secrets (Gong API credentials) are correctly handled via environment variables, preventing hardcoding. All API interactions use Zod for robust input validation, mitigating common injection risks. Network requests are directed to the official Gong API. No 'eval' or other obvious malicious patterns were found in the provided source code.
Updated: 2026-01-19GitHub
35
4
High Cost
Blakeem icon
Sec9

Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.

Setup Requirements

  • ⚠️Requires an existing Model Context Protocol (MCP) server environment to run as a plugin, not a standalone application.
  • ⚠️Relies heavily on local file system structure, defaulting to `.ai-prompt-guide/` directories within the configured workspace for documents, archives, and coordinator tasks.
  • ⚠️Primarily designed for Claude models with tool-use capabilities, implying an orchestrating agent will need access to a Claude API or similar LLM.
Verified SafeView Analysis
The server heavily relies on local file system operations. Robust path sanitization, validation (e.g., `DANGEROUS_CHARS_REGEX`, `MAX_PATH_LENGTH`, `PATH_TRAVERSAL` checks), and a security audit logger (`SecurityAuditLogger`) are implemented in `src/fsio.ts` to mitigate path traversal and other file-related risks. No `eval` or direct network vulnerabilities found in core logic. `fetch` is used by documented tools (`fetch-markdown`, `fetch-raw-html`) which agents could potentially call. Internal use of `bypassValidation: true` in `fsio` is acceptable given prior path sanitization layers. The system's operation is confined to the local file system within a defined workspace.
Updated: 2025-11-27GitHub
35
6
Medium Cost
DanielAvdar icon

dev-kit-mcp-server

by DanielAvdar

Sec7

A Model Context Protocol (MCP) server targeted for agent development tools, providing scoped authorized operations in the root project directory.

Setup Requirements

  • ⚠️Requires `git` installed and configured in the environment for Git operations.
  • ⚠️Uses `uv` for command execution examples; ensure `uv` or `pip` is available for installation/execution.
  • ⚠️Requires Python 3.10 or newer.
Verified SafeView Analysis
The server is designed to perform file system operations, git operations, and execute shell commands (via make targets and predefined commands) within a user-specified root directory. It implements crucial safeguards such as path validation (`_validate_path_in_root`) to prevent operations outside this designated root directory, mitigating path traversal risks. For predefined commands, `shlex.split` is used for parsing, and a regex (`VALID_PARAM_REGEX`) is applied to parameters to prevent common command injection vectors. However, the base commands themselves, defined in `pyproject.toml` or `custom_commands.toml`, are considered trusted configuration. Git operations rely on the `GitPython` library. No `eval`, obvious obfuscation, or hardcoded secrets were identified. The primary security consideration is the inherent risk of executing developer-defined commands and file manipulations, requiring users to trust the source of these configurations and understand the server's capabilities.
Updated: 2026-01-18GitHub
35
4
Medium Cost
N-lia icon

MonteWalk

by N-lia

Sec9

Provides institutional-grade quantitative trading tools and analytics for AI agents, enabling real-time market data access, risk management, and strategy backtesting through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.12+ for local execution.
  • ⚠️Requires an Alpaca Paper Trading Account (free) and corresponding API keys (`ALPACA_API_KEY`, `ALPACA_SECRET_KEY`).
  • ⚠️A NewsAPI Key (`NEWSAPI_KEY`) is optional but recommended for comprehensive news aggregation (free tier available). Sentiment analysis via Modal requires `MODAL_ENDPOINT_URL` (a public endpoint is provided by default, but can be replaced).
Verified SafeView Analysis
The server uses environment variables for all sensitive API keys (Alpaca, NewsAPI, Modal), preventing hardcoded secrets. Alpaca integration is explicitly set to paper trading (`ALPACA_PAPER_TRADING = True`), significantly reducing real financial risk. The codebase is clear, well-structured, and does not exhibit `eval` or obfuscation. Pre-trade risk checks are implemented to prevent oversized positions. All external network calls are to reputable financial data providers and AI model endpoints. Reliance on external APIs carries inherent, standard network risks.
Updated: 2026-01-18GitHub
35
1
Low Cost
three-water666 icon

open-mcp-servers-market

by three-water666

Sec8

An automated directory and market for Model Context Protocol (MCP) servers, allowing developers to discover, filter, and connect to various AI-powered services by aggregating metadata from official and community sources.

Setup Requirements

  • ⚠️Python 3 and its dependencies (`requirements.txt`) are required for local data generation and serving the static site.
  • ⚠️A GitHub Token (optional, provided as an environment variable `GITHUB_TOKEN`) is necessary for fetching GitHub star counts; otherwise, this data point will be missing for listed servers.
  • ⚠️Full automation of data updates and deployment is configured via GitHub Actions, requiring familiarity with CI/CD workflows for custom modifications.
Verified SafeView Analysis
The project's backend scripts (`convert_mcp_lists.py`, `top_mcp_servers.py`) are primarily data aggregators for a static website. They fetch content from remote GitHub URLs and make GraphQL API calls to retrieve repository star counts, requiring a `GITHUB_TOKEN`. While fetching external content and using an API token introduces inherent risks (e.g., potential for supply chain attacks if markdown parsing is vulnerable, or token exposure if not properly scoped), no direct execution of arbitrary code (`eval`, `os.system`) or obvious command injection vectors were found within the provided Python scripts. The core data processing relies on standard `json` and `re` libraries. The frontend is a static site served via GitHub Pages, which is generally secure. The security score reflects a good posture for its stated purpose, with standard precautions needed for handling API tokens and external data sources.
Updated: 2026-01-19GitHub
35
3
High Cost
Eugenio-BAYE icon

Clartat-MCP

by Eugenio-BAYE

Sec9

Integrate GitHub Projects v2 data with GitHub Copilot Chat for viewing project items and creating issues.

Setup Requirements

  • ⚠️Requires a GitHub Personal Access Token (PAT) with `repo`, `read:org`, and `read:project` scopes.
  • ⚠️Requires `GITHUB_OWNER` (organization/user login) and `GITHUB_REPO` (project number) to be set as environment variables.
  • ⚠️The 'create-github-issue' tool requires custom GitHub Project fields named 'Size' (with options XS, S, M, L, XL) and 'Priority' (with options P0-P5) to be pre-configured for setting these fields.
Verified SafeView Analysis
The server correctly handles sensitive information by requiring a GitHub Personal Access Token (PAT) via environment variables, not hardcoding it. It uses standard and well-vetted libraries for HTTP communication (sttp.client3) and JSON parsing (Circe). Critically, it implements explicit GraphQL string escaping (`escapeGraphQLString`) for user-provided input (issue title, body) when constructing mutation queries, which is a strong defense against GraphQL injection vulnerabilities. No 'eval' or dynamic code execution is observed. Network communication is exclusively with the official GitHub GraphQL API over HTTPS. The token scopes requested (repo, read:org, read:project) are appropriate for its stated functionality.
Updated: 2025-12-14GitHub
35
5
High Cost
blake365 icon

options-chain

by blake365

Sec9

Provides real-time (delayed by 15 min) options chain data and historical prices from the Tradier Sandbox API to AI assistants within Claude Desktop.

Setup Requirements

  • ⚠️Requires a Tradier account with Sandbox API access token.
  • ⚠️Requires Node.js to be installed on the system.
  • ⚠️Manual configuration in Claude Desktop's `claude_desktop_config.json` file is necessary.
  • ⚠️Sandbox API market data is delayed by 15 minutes.
Verified SafeView Analysis
The server uses `process.env.token` for the API key, preventing hardcoding of sensitive information. All network requests are directed to the well-known Tradier Sandbox API (`https://sandbox.tradier.com`). No `eval` or arbitrary code execution is observed. Input parameters are defined with schemas, and internal filtering logic for options data helps control context size and appears benign.
Updated: 2026-01-17GitHub
35
1
Low Cost

Conductor

by Joncik91

Sec8

A local tool for discovering, managing, and auditing MCP (Model Context Protocol) servers across your system.

Setup Requirements

  • ⚠️Requires Node.js and npm/yarn to run locally.
  • ⚠️Requires Docker Desktop for full MCP server discovery from Docker's registry.
Verified SafeView Analysis
The project implements robust security audit features, including pattern matching for dangerous commands (`eval`, `exec`, shell operators), sensitive file paths, credential exposure in environment variables, and supply chain risks (unpinned packages, unverified sources from MCP Registry). It explicitly warns about these to the user. Internally, the application uses `child_process.exec` in two places: 1. `src/app/api/open-folder/route.ts`: To open config file locations (`explorer` on Windows, `open` on macOS). User-provided `filePath` is strictly validated by `validatePath` (checks for `..` and ensures it's within known/allowed system directories) and the command itself (`explorer` or `open`) is whitelisted by `validateCommand`. This minimizes risk. 2. `src/lib/scanners/docker-scanner.ts`: To list running Docker containers (`docker ps`). This is an internal command execution not directly controlled by user input and is essential for Docker integration. The internal use of `exec` is accompanied by validation and whitelisting measures, and rate limiting (`RateLimiter`) is implemented for API endpoints to prevent abuse. No obvious hardcoded secrets or malicious patterns are found. The overall approach is to proactively identify and warn against security risks in discovered MCP servers, while implementing reasonable safeguards for its own operations.
Updated: 2025-11-28GitHub
35
5
Medium Cost
gowinston-ai icon

winston-ai-mcp-server

by gowinston-ai

Sec9

This MCP server provides an interface to Winston AI's services for detecting AI-generated text and images, checking for plagiarism, and comparing texts.

Setup Requirements

  • ⚠️Requires Winston AI API Key (Paid service)
  • ⚠️Requires Node.js 18+
Verified SafeView Analysis
The source code appears well-structured and follows good security practices. It uses environment variables for API keys and `zod` for input validation, which helps prevent common injection vulnerabilities. All external API calls are directed to a hardcoded, trusted endpoint (`https://api.gowinston.ai`). There is no direct use of `eval` or other highly dangerous functions with untrusted input. The server is built on the Model Context Protocol (MCP) SDK, which is designed for structured interactions. The `process.exit(1)` call on missing API key is a good fail-safe.
Updated: 2026-01-15GitHub
35
6
Low Cost
cbrgm icon
Sec8

Provides tea information as a Model Context Protocol (MCP) server for AI/LLM clients, primarily for learning and understanding the MCP specification.

Verified SafeView Analysis
The server uses standard Go libraries and JSON-RPC 2.0 for communication. It includes basic security headers (X-Content-Type-Options, X-Frame-Options, X-XSS-Protection) and configurable timeouts for HTTP connections, which mitigates some common network risks. Request handling dispatches to predefined methods, preventing dynamic code execution from arbitrary input. CORS is set to `Access-Control-Allow-Origin: *`, which is permissive but common for local/development servers. No obvious hardcoded secrets or malicious patterns were found. For production use, further hardening (e.g., stricter CORS, authentication) would be necessary, though the project explicitly states it's for learning purposes.
Updated: 2026-01-16GitHub
35
5
Medium Cost
tomer132246 icon
Sec3

Provides a JSON-RPC bridge for x32dbg/x64dbg, allowing external automations to inspect and control a debugged process without direct UI interaction.

Setup Requirements

  • ⚠️Requires x64dbg or x32dbg to be installed and running, as it functions as a plugin.
  • ⚠️Windows-only due to extensive use of Windows API and Winsock.
  • ⚠️Requires a C++ development environment (CMake, Visual Studio 2022) for building.
Review RequiredView Analysis
The server lacks any authentication or authorization mechanisms, binding to 0.0.0.0 (all network interfaces) by default. This exposes powerful debugger control capabilities to anyone who can connect to the TCP port, making it highly vulnerable if deployed in an untrusted network environment. While the JSON-RPC commands themselves are designed for debugger interaction, the absence of access control presents a critical security risk.
Updated: 2025-11-22GitHub
PreviousPage 131 of 713Next