Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

33
1
Low Cost
AlekMel icon
Sec9

Integrates the Weeek API with AI clients by exposing all Weeek API endpoints as Model Context Protocol (MCP) tools.

Setup Requirements

  • ⚠️Requires a Weeek API token (WEEEK_TOKEN) for authentication with the Weeek API.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️For network access (SSE mode), a strong `MCP_API_KEY` (minimum 32 characters recommended) must be set for server authentication.
Verified SafeView Analysis
The server demonstrates strong security practices: Weeek API tokens are not logged (automatic redaction via `RedactingFilter`), secrets are loaded from environment variables (e.g., `.env`), and API key authentication for SSE mode uses `secrets.compare_digest` for constant-time comparison to prevent timing attacks. HTTPS is recommended for production deployments behind a reverse proxy. While `forwarded_allow_ips='*'` is used in uvicorn settings, this is generally safe when behind a trusted proxy (e.g., nginx with SSL, as recommended).
Updated: 2025-12-13GitHub
33
3
Medium Cost
m2ux icon
Sec9

This MCP server provides conceptual search, document analysis, and library exploration capabilities over a knowledge base using LanceDB and LLM-based concept extraction.

Setup Requirements

  • ⚠️Requires OPENROUTER_API_KEY (Paid LLM service) for core functionality like concept extraction and summarization.
  • ⚠️Requires Python 3 and the NLTK library for WordNet integration.
  • ⚠️Requires LanceDB (local vector database) to be set up and seeded with data.
  • ⚠️Requires Tesseract OCR installed for processing image-based PDF documents if no text layer is present.
Verified SafeView Analysis
The server reads OPENROUTER_API_KEY from environment variables, avoiding hardcoded secrets. It executes Python scripts via `child_process.spawn` for WordNet lookups; the script content is internal and not directly user-controlled, mitigating injection risks. Database interactions with LanceDB use API methods which abstract SQL-like queries, and includes explicit SQL string escaping for user-provided values, reducing SQL injection vulnerabilities. The primary network risk is connecting to `openrouter.ai` for LLM inference, which is inherent to its RAG functionality.
Updated: 2026-01-19GitHub
33
1
Low Cost
corytodd icon

civ5-mcp

by corytodd

Sec9

Connects Civilization 5 game state to an external AI agent via the Model Context Protocol for turn-based analysis and strategic advice.

Setup Requirements

  • ⚠️Requires Sid Meier's Civilization V (Brave New World expansion on Windows, specifically tested).
  • ⚠️Requires the companion Civ 5 MCP Bridge mod to be installed in the game's MODS directory.
  • ⚠️Requires Python 3.13 or newer.
Verified SafeView Analysis
The server uses standard I/O for communication (stdio_server), limiting direct network exposure. All SQLite database interactions utilize parameterized queries, effectively preventing SQL injection vulnerabilities. There is no usage of 'eval' or other dynamic code execution functions observed in the provided Python source code. The game state data, though a JSON blob, is generated by the Lua mod within a sandboxed environment and then safely parsed using `json.loads` by the Python server. The hardcoded database path points to a standard user game data directory.
Updated: 2026-01-18GitHub
33
3
Medium Cost
feed-mob icon

fm-mcp-servers

by feed-mob

Sec9

This repository hosts a collection of Model Context Protocol (MCP) servers designed to integrate with various external platforms for data reporting, analytics, and internal tool management. Specific use cases include fetching advertising campaign performance (e.g., Singular, Jampp, AppSamurai, TapJoy, AppLovin, IronSource, Mintegral, Inmobi, Liftoff, Smadex, RTB House), managing internal client/team contact information, searching Slack messages, querying HubSpot tickets, interacting with GitHub issues, managing work journals, processing images via ImageKit, and recording AI-generated media assets from Civitai.

Setup Requirements

  • ⚠️Each specific MCP server requires individual API keys, tokens, and/or base URLs for the external service it integrates with, which must be correctly configured as environment variables (e.g., SINGULAR_API_KEY, JAMPP_CLIENT_ID, FEEDMOB_API_BASE).
  • ⚠️Requires a Node.js runtime environment (versions specified vary, generally >=16.0.0, some dependencies might push it to >=18.0.0).
  • ⚠️Servers like `civitai-records` have additional external dependencies, such as a PostgreSQL database, which need to be set up and configured separately.
Verified SafeView Analysis
The analyzed source code snippets for the various MCP servers demonstrate good security practices overall. Environment variables (e.g., API keys, secrets, base URLs) are consistently loaded using `dotenv` and explicitly checked for existence, preventing hardcoding. Input validation is performed using Zod schemas for tool parameters, reducing risks from malformed input. Network requests are handled by `axios` or `node-fetch`, and error responses from external APIs are caught and returned. No `eval` or similar dangerous patterns were detected. A minor deduction is due to the inherent risks of integrating with many third-party APIs, where the security largely depends on the user's correct configuration of sensitive credentials and the security posture of the integrated services. This analysis is based on truncated code snippets and general patterns across the repository.
Updated: 2026-01-18GitHub
33
1
Medium Cost
ulasbilgen icon

map-skills-plugins

by ulasbilgen

Sec3

Automate Chrome browser tasks, perform web testing, web scraping, performance analysis, and debugging using the Chrome DevTools Protocol.

Setup Requirements

  • ⚠️Requires Chrome/Chromium browser installed.
  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️Requires 'mcp2rest' installed globally and running in the background.
Review RequiredView Analysis
The 'evaluate_script' tool allows executing arbitrary JavaScript code within the local Chrome browser's context. If a malicious script is provided or the AI agent misinterprets user intent, this could lead to local browser compromise, data exfiltration from web pages, or navigation to malicious sites. While local to the user's machine and requiring explicit invocation, this capability presents a significant security risk without robust sandboxing of the browser instance or strict input validation/sanitization.
Updated: 2025-11-24GitHub
33
2
Medium Cost
NickCrews icon

airtable-kit

by NickCrews

Sec8

A library for building type-safe Airtable API clients and integrating with LLM-powered MCP tools.

Setup Requirements

  • ⚠️Requires an Airtable Personal Access Token (PAT) with appropriate permissions for API access.
  • ⚠️A Workspace ID is necessary for creating new Airtable bases via the API.
  • ⚠️Setting up the test environment involves executing a dedicated script to create and configure a real Airtable base, which requires an active internet connection and Airtable API access.
Verified SafeView Analysis
The `src/codegen/generator.ts` module facilitates writing files to a user-specified `outPath` during code generation. While this is intended functionality for a code generation tool, it could present a risk if deployed in an environment where untrusted input controls the `outPath`, potentially leading to arbitrary file writes. However, in its typical usage as a local development utility or within a trusted build pipeline, this risk is mitigated. The included web application (SPA) stores API keys in the client's local storage, a practice that is clearly communicated to the user. No critical vulnerabilities such as `eval` or unvalidated command execution through network requests were identified.
Updated: 2025-12-06GitHub
33
6
Medium Cost
jimmcq icon
Sec9

Provides genuine dice rolls for AI assistants to ensure true randomness and gaming integrity in applications like tabletop RPGs and simulations.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires manual configuration in AI assistant clients (e.g., `claude_desktop_config.json`) for local integration.
  • ⚠️ChatGPT connector compatibility is currently in Developer Mode.
Verified SafeView Analysis
Uses `crypto.randomInt()` for cryptographically secure randomness. Robust input validation with explicit limits on dice count and size (`count * size > 100000`) prevents excessive computation and potential Denial-of-Service (DoS) attacks. No `eval`, code obfuscation, or hardcoded secrets found. The overall design prioritizes secure processing of dice notation.
Updated: 2026-01-07GitHub
33
6
High Cost
drewdrewH icon

code-graph-context

by drewdrewH

Sec6

A Model Context Protocol (MCP) server that builds and queries a knowledge graph of TypeScript codebases in Neo4j, supporting semantic search, impact analysis, dead code detection, and multi-agent coordination through stigmergy.

Setup Requirements

  • ⚠️Requires Docker to be installed and running for the Neo4j database.
  • ⚠️Requires Neo4j database with APOC plugin installed. The server attempts to auto-start a Dockerized Neo4j instance.
  • ⚠️Requires OPENAI_API_KEY environment variable (paid service) for semantic search and natural language to Cypher conversion. Without it, these features are disabled.
  • ⚠️Insecure default Neo4j password 'PASSWORD' if NEO4J_PASSWORD is not set.
Verified SafeView Analysis
The default Neo4j password 'PASSWORD' is a critical security vulnerability if the server is used without overriding the NEO4J_PASSWORD environment variable. The server interacts with external services (Neo4j, OpenAI), requiring secure configuration of connection details and API keys. The NL-to-Cypher tool includes validation steps (`EXPLAIN` and `validateProjectIdFilters`) to mitigate Cypher injection risks and enforce project isolation. File path inputs are validated against traversal attacks. There is no explicit user authentication or authorization built into the MCP server itself, implying it's expected to run in a trusted environment or behind an authenticated client.
Updated: 2026-01-07GitHub
33
3
High Cost
SimplyMinimal icon

fleet-mcp

by SimplyMinimal

Sec8

Provides a Model Context Protocol (MCP) interface for AI agents to interact with Fleet DM, enabling automated device management, security monitoring, policy enforcement, and osquery execution across a fleet of computers.

Setup Requirements

  • ⚠️Requires an operational Fleet DM server to connect to.
  • ⚠️Requires a Fleet API token with appropriate permissions.
  • ⚠️Requires Python 3.10+ (due to the use of '|' for type hints).
Verified SafeView Analysis
The server itself employs good security practices, including explicit read-only modes, SELECT-only query validation in read-only mode, careful handling of secrets, and explicit disabling of dangerous operations (e.g., wipe device, delete user). The primary security concern stems from the power of the underlying Fleet DM API: if the configured API token is compromised, an attacker could leverage the MCP server to perform actions on managed devices or extract sensitive data, even with internal validations. Proper API token management and secure deployment environment are crucial. Script execution and arbitrary query capabilities, while core to Fleet DM, represent significant power that must be guarded.
Updated: 2026-01-13GitHub
33
6
Medium Cost
akiojin icon
Sec5

A server to enable AI agents or automated scripts to interact with and control the Unity Editor, performing tasks such as scene management, GameObject manipulation, asset management, input simulation, code editing, and extracting editor state.

Setup Requirements

  • ⚠️Requires a running Unity Editor instance to connect to via TCP.
  • ⚠️Designed to run within Docker, requiring Docker to be installed and configured.
  • ⚠️Automatically downloads and executes a C# Language Server Protocol (LSP) binary, which needs internet access and may face platform-specific issues.
Review RequiredView Analysis
The server downloads and executes C# Language Server Protocol (LSP) binaries from GitHub releases, relying on SHA256 checksums for integrity. A compromised GitHub release or manifest could lead to arbitrary code execution (supply-chain risk). It directly manipulates C# source files and can execute Unity Editor menu items, including file system operations and potentially sensitive actions. While some handlers implement safety checks (e.g., menu item blacklist, settings confirmation, C# syntax/LSP validation), the broad control over the Unity Editor presents a high-privilege attack surface if exploited. Communication is over TCP (local) and optionally HTTP. Running untrusted code is inherently risky.
Updated: 2026-01-07GitHub
33
2
Medium Cost
sensiblecoder icon

solar2d-mcp

by sensiblecoder

Sec8

Enables AI assistants to run, debug, and interact with Solar2D (Corona SDK) projects locally.

Setup Requirements

  • ⚠️Requires Solar2D Simulator installed locally, which needs to be configured (either auto-detected or manually provided).
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Automatically modifies the project's 'main.lua' file and creates temporary Lua modules ('_mcp_logger.lua', '_mcp_screenshot.lua', '_mcp_touch.lua') within the project directory for functionality.
Verified SafeView Analysis
The server launches external processes (Solar2D Simulator) via `subprocess.Popen` and modifies user project files (`main.lua` for injection of logging, screenshot, and touch modules). While these are core features and documented, they involve significant local system interaction. Inputs for `project_path` are resolved to absolute paths via `pathlib.Path`, and arguments to `subprocess.Popen` are passed as a list, which mitigates shell injection risks. No `eval` or direct arbitrary command execution from unsanitized user input is apparent. Temporary files are managed in standard OS temporary directories.
Updated: 2026-01-10GitHub
33
3
Medium Cost
o-b-one icon

groceries-mcp

by o-b-one

Sec7

Orchestrates automated grocery shopping using an LLM agent that interacts with various grocery vendor APIs via Model Context Protocol (MCP) tools.

Setup Requirements

  • ⚠️Requires LLM API Key/Service (e.g., Google API access for Gemini, OpenRouter, or Groq API key).
  • ⚠️Full setup requires Docker and Docker Compose for the Playwright server, MCP server, and agent.
  • ⚠️Python 3.12+ is required.
  • ⚠️Playwright browser binaries need to be installed (`playwright install`) or a Playwright server must be running (as configured in `docker-compose.yml`).
  • ⚠️Vendor-specific credentials (e.g., Shufersal USERNAME/PASSWORD) are required in the `.env` file.
Verified SafeView Analysis
The system uses environment variables for sensitive data like API keys and login credentials (USERNAME, PASSWORD), which is good practice. Playwright's `page.evaluate` is used to execute JavaScript within the browser context for cart operations, which is intended behavior for web automation but means the application can inject arbitrary code into the browser. The `_execute_browser_script` also injects logging helpers by modifying `window.console`. Ensuring secure management of environment variables and isolating the browser environment is crucial.
Updated: 2026-01-16GitHub
PreviousPage 152 of 713Next