Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

34
4
Low Cost
GBA-BI icon
Sec2

Orchestrates Bio-OS workflows and Docker image builds via an MCP server, integrating with Dockstore for workflow discovery and a reranker for search relevance.

Setup Requirements

  • ⚠️Requires `uv` (Python package manager) for local installation.
  • ⚠️Requires `Cromwell` (WDL workflow execution engine), typically installed via `brew install cromwell` (macOS).
  • ⚠️Requires `MIRACLE_ACCESS_KEY` and `MIRACLE_SECRET_KEY` environment variables or explicit parameters for Bio-OS interactions.
  • ⚠️Tightly coupled to 'Miracle Cloud' internal infrastructure (`dockstore.miracle.ac.cn`, `bio-top.miracle.ac.cn`, and internal IP addresses for reranking/Docker build services), making it non-portable outside this specific environment.
Review RequiredView Analysis
A critical security vulnerability exists in `src/bioos_mcp/tools/dockstore_search.py` where a full `ory_kratos_session` cookie is hardcoded in the `self.headers` dictionary. This cookie likely grants authenticated access to `dockstore.miracle.ac.cn` and could lead to unauthorized access or data exposure. Additionally, the server relies on hardcoded internal IP addresses (`http://10.22.17.85:10802/rerank`, `http://10.20.16.38:3001/build`) for backend services, which poses a risk if these services are not properly secured or if the network environment is not trusted. While credentials (`MIRACLE_ACCESS_KEY`, `MIRACLE_SECRET_KEY`) are generally handled via environment variables, the hardcoded session cookie is a severe oversight.
Updated: 2026-01-14GitHub
34
3
High Cost
babelcloud icon

gbox-mcp-server

by babelcloud

Sec8

Enable AI agents to automate Android devices, Linux environments, and browser sessions.

Setup Requirements

  • ⚠️Requires GBOX_API_KEY from gbox.ai/dashboard or a prior `gbox login` CLI setup.
  • ⚠️Requires Node.js (v18.17.0, v20.3.0, or >=v21.0.0).
  • ⚠️Local Android device control (physical devices) might require `scrcpy` installation, which the server attempts to manage.
Verified SafeView Analysis
The server uses JWT for authentication, which is a standard and secure approach. Remote shell execution (`adb_shell` tool) and device control (`gbox-sdk`) are core functionalities and inherently involve executing commands on remote (potentially sandboxed) environments. Local `execSync` and `spawn` calls are primarily for managing the `scrcpy` tool for local device interaction, an expected setup step. No direct `eval` or obvious hardcoded secrets were found.
Updated: 2025-11-29GitHub
34
1
Medium Cost
FlorianSp2000 icon

secure-cluster-mcp

by FlorianSp2000

Sec7

Manage SLURM cluster jobs for ML experiments using AI assistants, enabling seamless experiment management, code transfer, job submission, and monitoring with safety guardrails.

Setup Requirements

  • ⚠️DRY_RUN defaults to `false`, meaning live commands will execute unless explicitly configured to `true`.
  • ⚠️Requires SSH access with key-based authentication to a SLURM-managed HPC cluster.
  • ⚠️All remote paths (files, scripts, logs) must be under the configured `REMOTE_BASE_PATH`.
Verified SafeView Analysis
The server implements strong guardrails including strict path validation (`validate_remote_path`) to confine operations to `REMOTE_BASE_PATH`, a comprehensive blocklist (`DANGEROUS_PATTERNS`) for hazardous commands like `rm -rf`, and rate limiting to prevent cluster spam. A significant security concern is that `DRY_RUN` mode defaults to `False` in `src/secure_cluster_mcp/config.py`. This means the server will perform real cluster operations immediately upon launch unless the user explicitly sets `DRY_RUN=true` in their `.env`. While `CLAUDE.md` instructs AI agents to prioritize `DRY_RUN=true`, the application's default behavior is risky for first-time users or accidental deployments. The SSH client uses `paramiko.AutoAddPolicy()`, which automatically adds unknown host keys, a convenience that slightly reduces security compared to manual host key verification.
Updated: 2026-01-18GitHub
34
4
High Cost
cloudinary icon

mcp-servers

by cloudinary

Sec8

Provides Model Context Protocol (MCP) servers to integrate Cloudinary's media management platform with Large Language Models (LLMs) for natural language asset management, transformation, analysis, and organization.

Setup Requirements

  • ⚠️Requires Cloudinary API Key, API Secret, and Cloud Name for authentication.
  • ⚠️Requires npm/Node.js for local server setup or Docker for containerized deployment.
  • ⚠️Some advanced features may require a paid Cloudinary plan.
Verified SafeView Analysis
The provided source code consists of README documentation and JSON configuration examples, not core application logic. There are no direct indications of 'eval', obfuscation, or hardcoded secrets. It explicitly guides users to configure credentials via environment variables, headers, or command-line arguments, which is a secure practice. The primary security considerations would stem from the underlying npm packages and the user's handling of their Cloudinary API keys and secrets. Remote servers utilize HTTPS. The 'CLOUDINARY_DEBUG' environment variable should be used cautiously in production environments.
Updated: 2025-12-02GitHub
34
4
Low Cost
marcominerva icon

McpServerAspNetCore

by marcominerva

Sec4

Provides a minimal ASP.NET Core server for AI agents to discover and utilize external tools via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires an OpenWeatherMap API Key (free account registration needed) for the weather tool to function.
  • ⚠️The hardcoded API key for server authentication in `appsettings.json` ('f1I7S5GXa4wQDgLQWgz0') must be changed for secure deployment.
Verified SafeView Analysis
The server includes a hardcoded API key (f1I7S5GXa4wQDgLQWgz0) in `appsettings.json` for server authentication, which is a critical security risk for production deployment. `AllowedHosts` is set to `*`, which is generally not recommended for production. CORS is enabled but configurable, requiring careful setup. No 'eval' or malicious patterns were observed in the provided source code.
Updated: 2026-01-15GitHub
34
4
Medium Cost
ellyseum icon

ellymud

by ellyseum

Sec7

A Multi-User Dungeon (MUD) game server with support for Telnet, WebSocket, and a Model Context Protocol (MCP) for AI agent integration and programmatic control.

Setup Requirements

  • ⚠️Requires an OpenAI API Key (OPENAI_API_KEY) for optional AI room generation features in the Admin API.
  • ⚠️Requires 'ELLYMUD_MCP_API_KEY' environment variable for the MCP server, with an interactive setup script to generate it if missing.
  • ⚠️Database/Storage Backend Configuration: Supports JSON files, SQLite, or PostgreSQL, configurable via 'STORAGE_BACKEND' and 'DATABASE_URL' environment variables. Default is 'auto' which typically resolves to SQLite.
Verified SafeView Analysis
The server uses JWT for admin API authentication and a specific API key (ELLYMUD_MCP_API_KEY) for the powerful MCP server. Passwords are hashed with PBKDF2 and sensitive input is masked from logs. Path traversal vulnerabilities in state snapshot loading are explicitly prevented. The initial 'admin' user is set with a default 'admin' password, which triggers a forced change on first login. The use of 'child_process.execFileSync' for syncing scripts in the MCP server is a potential risk, though currently it appears to be invoked with an empty argument array, mitigating direct RPC injection. Overall, good security practices are in place for user data and access control, but the extensive administrative and AI agent APIs require careful key management and environment configuration.
Updated: 2026-01-19GitHub
34
18
Medium Cost
Hypersequent icon

qasphere-mcp

by Hypersequent

Sec9

Enables Large Language Models (LLMs) to interact with QA Sphere test cases for discovery, summarization, and direct referencing within AI-powered IDEs.

Setup Requirements

  • ⚠️Requires a QA Sphere account with API access (potentially a paid subscription).
  • ⚠️Requires manual generation of an API key from QA Sphere settings.
  • ⚠️Requires your company's specific QA Sphere tenant URL.
Verified SafeView Analysis
The server demonstrates strong security practices by requiring API keys via environment variables and applying extensive input validation using Zod for all tool parameters. It communicates via standard I/O (StdioServerTransport), thereby avoiding direct network exposure. Robust error handling differentiates between various HTTP status codes to prevent general error message leakage, and logging uses a file path also specified by an environment variable, preventing hardcoded paths. No 'eval' or direct arbitrary 'child_process' usage was found beyond standard package execution.
Updated: 2026-01-06GitHub
34
3
Low Cost
Iterable icon

mcp-server

by Iterable

Sec9

Allows AI assistants to interact with Iterable marketing platform data and APIs using natural language queries and instructions.

Setup Requirements

  • ⚠️Requires Node.js >= 20 (v22 LTS recommended) and an Iterable API key.
  • ⚠️Some AI clients (Windsurf, Antigravity) have a 100-tool limit. Enabling all permissions exposes 104 tools, exceeding this limit. Users must configure restricted permissions via the `--advanced` setup flag to stay under the limit if using these clients.
  • ⚠️After switching API keys or modifying configuration, the AI client application must be fully restarted to load the new settings.
Verified SafeView Analysis
The server employs robust security measures, including platform-specific secure storage for API keys (macOS Keychain, Windows DPAPI, or restricted file permissions on Linux) via the `KeyManager`. Input validation is performed using Zod schemas for all tool calls, mitigating common injection vulnerabilities. Execution of external commands uses `child_process.execFile` and `spawn` with array arguments, preventing shell injection. Strict permission controls (PII, writes, sends) can be configured per API key, limiting the scope of actions an AI can take. Sensitive data in HTTP request logs is sanitized to prevent PII leakage.
Updated: 2026-01-12GitHub
34
3
Low Cost
askdba icon
Sec9

Acts as a read-only MySQL server proxy that exposes database introspection and query execution tools to AI clients via the Model Context Protocol (MCP) or a REST API.

Setup Requirements

  • ⚠️Requires a running MySQL database instance to connect to.
  • ⚠️Requires a dedicated read-only MySQL user for optimal security (quickstart script assists with creation).
  • ⚠️Vector search features require MySQL 9.0+.
  • ⚠️Configuration is required via environment variables or a YAML/JSON file.
Verified SafeView Analysis
The server implements a robust, multi-layered security model for read-only access. It uses both regex and AST-based SQL parsing (defense-in-depth) to strictly block DDL, DML, administrative commands, transaction control, multi-statement queries, and dangerous functions (e.g., SLEEP, LOAD_FILE). Access to system schemas like `mysql`, `information_schema`, `performance_schema`, and `sys` is also explicitly blocked. It recommends and helps create a dedicated read-only MySQL user. DSNs are masked in logs and output. HTTP mode includes configurable rate limiting and mindful handling of X-Forwarded-For headers. Audit logging is available for transparency. No direct `eval` or dynamic code execution is observed, and the Go codebase appears clean and purpose-built.
Updated: 2026-01-17GitHub
34
4
High Cost
COBACOBAINI icon

vibe

by COBACOBAINI

Sec8

A fast cross-platform desktop tool for transcribing audio locally using Whisper models and optionally summarizing with OpenAI (Claude) or Ollama.

Setup Requirements

  • ⚠️Requires internet connection for initial model downloads.
  • ⚠️Optional summarization feature requires an OpenAI API Key (paid service) or a locally running Ollama instance.
  • ⚠️Building from source requires Rust toolchain, Bun, Clang, CMake, and platform-specific dependencies like FFmpeg and OpenBLAS.
Verified SafeView Analysis
The application is a desktop app built with Tauri and Rust, utilizing a frontend (React/SvelteKit) and a Rust backend. It emphasizes privacy by default, processing audio locally. Optional online features like OpenAI summarization require user-provided API keys and explicit consent. Deep links (`vibe://`) are handled with user confirmation for model downloads. External binaries like `yt-dlp` and `ffmpeg` are used for audio processing and downloads from URLs, requiring careful management of their execution and paths. The Tauri configuration (`capabilities/main.json`) grants broad filesystem access (`fs:scope:allow: '**'`), which is common for desktop applications interacting with user files but could be a vector if combined with other vulnerabilities. There are no obvious hardcoded secrets or direct `eval` calls of untrusted input. The `transcribe` command is wrapped in a panic catcher, improving stability but not preventing all potential exploits. Overall, security practices appear reasonable for a desktop application of this nature, with user interaction for sensitive operations and explicit permission declarations.
Updated: 2026-01-19GitHub
34
3
Medium Cost
hummbl-dev icon

mcp-server

by hummbl-dev

Sec9

A Model Context Protocol (MCP) server that provides AI clients, like Claude Desktop, access to the HUMMBL Base120 mental models framework and a Self-Dialectical AI Systems methodology.

Setup Requirements

  • ⚠️Requires `HUMMBL_API_KEY` environment variable for the `recommend_models` tool and other external API interactions, with usage tiers (Free, Pro, Enterprise).
  • ⚠️Full functionality, especially for persistent storage (sessions, relationships), relies on Cloudflare D1 (SQL database) and KV (key-value store), along with Upstash Redis, necessitating a Cloudflare account and provisioning these services.
  • ⚠️Requires Node.js 18.0.0 or higher, as specified in `package.json`.
Verified SafeView Analysis
The server employs robust input validation and sanitization using Zod schemas and custom utilities, mitigating common injection risks. Authentication middleware for the REST API validates API keys against a KV store, and administrative endpoints enforce permission checks. While test API keys are present in the repository, the design expects production keys to be managed securely via environment variables and Cloudflare KV. Outbound network calls to external APIs (for recommendations) and a Redis instance (for session management) are inherent to the hybrid architecture, requiring secure configuration. The project has an explicit `SECURITY.md` and `CODE_OF_CONDUCT.md` outlining responsible disclosure and best practices. There is no usage of `eval` or obvious obfuscation.
Updated: 2026-01-12GitHub
34
4
Low Cost
Alonxoo icon
Sec10

A curated directory of Model Context Protocol (MCP) servers, acting as a central resource for AI models to discover and integrate with diverse local and remote capabilities.

Verified SafeView Analysis
This repository functions as a documentation resource, providing a curated list of Model Context Protocol (MCP) servers. It does not contain executable server code; therefore, it presents no direct risks such as 'eval' execution, code obfuscation, hardcoded secrets, or runtime network vulnerabilities from its own source. The security posture of any listed third-party MCP servers must be evaluated independently.
Updated: 2025-12-15GitHub
PreviousPage 144 of 713Next