Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

32
2
Medium Cost
cosmonic-labs icon

openapi2mcp

by cosmonic-labs

Sec7

Generates MCP (Model Context Protocol) server tools in TypeScript from OpenAPI 3.x specifications.

Setup Requirements

  • ⚠️Requires Rust toolchain with `wasm32-wasip2` target for building from source.
  • ⚠️Requires Node.js 18+ for running or building from source.
  • ⚠️Requires `jco` (JavaScript Component Runtime) for building from source.
  • ⚠️Generated code is intended for use with a specific MCP server template (`mcp-server-template-ts`), which must be cloned first.
Verified SafeView Analysis
The core function is code generation, transforming OpenAPI specifications into TypeScript files that define MCP server tools. The generated TypeScript code then uses an `httpClient` to make API calls based on the original OpenAPI definitions. The `openapi2mcp` generator itself appears to implement reasonable safeguards against code injection into the generated output, such as escaping quotes and newlines for descriptions (`comment` function) and sanitizing names for variable generation (`cleanup_string` function). However, the ultimate runtime security of the *generated MCP server* is highly dependent on the security of the input OpenAPI specification (e.g., preventing malicious URLs or content if derived from untrusted sources) and the robustness of the external `httpClient` library (not provided in full source for analysis) to handle potentially malformed or malicious API call parameters safely.
Updated: 2026-01-19GitHub
32
1
High Cost
johnneerdael icon

google-mailpilot

by johnneerdael

Sec9

AI-native command center for Gmail and Google Workspace, enabling LLMs to read, triage, respond to, and manage email autonomously with calendar integration.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose.
  • ⚠️Requires a Gmail account with OAuth2 credentials (Google Cloud Project) or an App Password.
  • ⚠️Requires PostgreSQL 16+ with the pgvector extension (SQLite is not supported for AI features).
  • ⚠️Requires API keys for external LLM/embedding providers (e.g., OpenAI, Gemini, Cohere, LiteLLM), which are typically paid services.
  • ⚠️Bearer token (UUID) must be generated and configured for MCP client authentication.
Verified SafeView Analysis
The project emphasizes Human-in-the-Loop (HITL) safety for all mutations (e.g., email sending, calendar event creation require explicit user confirmation). It strongly recommends and documents bearer token authentication for the MCP endpoint and reverse proxy/TLS for web UI/API exposure. OAuth tokens are stored separately from config.yaml, preventing accidental exposure. The internal Engine API (port 8001) is not exposed publicly. The codebase shows no signs of 'eval', obfuscation, or malicious patterns.
Updated: 2026-01-17GitHub
32
2
Medium Cost
Valennmg icon

solscan-mcp

by Valennmg

Sec9

This server provides a natural language interface to query Solana blockchain data via the Solscan API, enabling retrieval of information on tokens, accounts, transactions, blocks, markets, and NFTs.

Setup Requirements

  • ⚠️Requires `SOLSCAN_API_KEY` environment variable to be set.
  • ⚠️Requires Rust toolchain installed to build the project from source.
Verified SafeView Analysis
The server correctly fetches the `SOLSCAN_API_KEY` from environment variables, preventing hardcoded secrets. All external communication uses HTTPS via `reqwest`, and the API key is passed in the standard `token` header. Error handling for API requests is implemented to prevent detailed internal error messages from being exposed to the client. No `eval` or similar dynamic code execution or unsafe deserialization patterns were found in the provided source code, indicating a secure implementation of the API wrapper.
Updated: 2026-01-19GitHub
32
1
High Cost
coston icon
Sec8

This server provides a lightweight, read-only interface for interacting with an MSSQL database, allowing users to list tables, describe their structure, and execute SELECT queries.

Setup Requirements

  • ⚠️Requires an existing MSSQL server with network access from where the server is run.
  • ⚠️Requires MSSQL authentication credentials (username and password) to be provided via environment variables.
  • ⚠️Requires Node.js and npm/npx environment.
Verified SafeView Analysis
The server explicitly enforces read-only operations for all tools by validating that queries start with 'SELECT' and checking for dangerous keywords ('INSERT', 'UPDATE', 'DELETE', 'DROP', 'CREATE', 'ALTER', 'TRUNCATE', 'EXEC', 'EXECUTE'). It also prevents multiple statements. Parameterized queries are used for 'list_table' and 'describe_table' to prevent SQL injection for structured inputs. While the 'read_data' tool accepts raw SQL, its sanitization efforts, including a 10,000 row limit, significantly mitigate common injection and denial-of-service risks. Credentials are handled via environment variables, not hardcoded.
Updated: 2025-11-24GitHub
32
1
Low Cost
nemesiscodex icon

pulse-tm

by nemesiscodex

Sec9

Pulse is a terminal-based task manager designed for developers to manage projects and tasks, offering CLI, TUI, and seamless integration with AI agents via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Bun 1.0.0 or higher; Node.js is not supported.
  • ⚠️Tasks are stored in local YAML files within a '.pulse/' directory, not cloud-synced.
  • ⚠️Automatic project root detection (via .git folder) might place the .pulse/ directory in an unexpected location if not explicitly specified with '--working-dir'.
Verified SafeView Analysis
The MCP server uses StdioServerTransport, communicating over standard I/O rather than network ports, which inherently limits direct network exposure. Task data is stored locally in YAML files within a .pulse directory. The project explicitly states no data is sent to remote servers by default and warns users about AI tools potentially reading/modifying local tasks. Input parsing for tool arguments includes validation (e.g., parseInt, trim, sanitizeTagName). No 'eval' or direct arbitrary command execution via child processes were identified in the provided runtime code.
Updated: 2025-12-02GitHub
32
2
Medium Cost
jtaleric icon

orion-mcp

by jtaleric

Sec8

Orion MCP serves as a Model Context Protocol server for automated performance regression analysis of OpenShift and Kubernetes clusters, with capabilities for PR analysis, trend visualization, and metric correlation.

Setup Requirements

  • ⚠️Requires Python 3.11 or newer.
  • ⚠️Requires access to an OpenSearch (or Elasticsearch >=7.17) endpoint with Orion-indexed benchmark results.
  • ⚠️The 'orion' analysis tool must be available in the system's PATH or runnable via Podman/Docker (if containerized 'orion' image is used).
Verified SafeView Analysis
The server relies heavily on executing an external 'orion' command via Python's subprocess module. While commands are constructed using lists to mitigate direct shell injection risks, the overall security depends on the integrity and robustness of the underlying 'orion' executable. No direct 'eval' or obvious hardcoded secrets were found. The primary external dependency is an OpenSearch/Elasticsearch endpoint, configured via environment variable, requiring appropriate security for the data source itself.
Updated: 2025-12-03GitHub
32
2
Medium Cost
starman69 icon

mcp-sanitizer

by starman69

Sec9

Provides a comprehensive security sanitization library and example implementations for Model Context Protocol (MCP) servers and general Node.js applications.

Setup Requirements

  • ⚠️Requires Node.js 20.0.0 or higher.
  • ⚠️Requires `npm install` for dependencies.
  • ⚠️The full MCP SDK integration example (`mcp-server.js`) requires `@modelcontextprotocol/sdk` to be installed.
Verified SafeView Analysis
The project is explicitly focused on security, demonstrating a strong defense-in-depth approach. It actively mitigates various injection types (SQL, Command, NoSQL, Template, Prototype Pollution), path traversal, XSS, and advanced Unicode attacks (homographs, directional overrides, null bytes, multi-encoding). The codebase includes explicit fixes for CVE-TBD-XXX issues, robust ReDoS protection, and a unified parser to prevent differential attacks. It leverages well-known security libraries like `sqlstring`, `shell-quote`, and `sanitize-filename`. While no system is perfectly impenetrable, the design and implementation show a high level of security awareness and best practices. Production policies enforce strict rules, including blocking sensitive protocols and private IPs. There are no obvious hardcoded secrets in the provided truncated source code examples, and `eval` or similar dangerous functions are used in patterns to *detect* attacks, not for internal execution.
Updated: 2026-01-14GitHub
32
2
Medium Cost
alshurov13 icon
Sec9

This MCP server provides a Python implementation for interacting with Allure TestOps API to manage test cases, launches, and test plans for comprehensive test management integration.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires Poetry package manager for dependency management.
  • ⚠️Requires `ALLURE_TESTOPS_URL`, `ALLURE_TOKEN`, and `PROJECT_ID` environment variables to be set for API access.
Verified SafeView Analysis
The server demonstrates good security practices by explicitly requiring API tokens and sensitive URLs to be set via environment variables, with multiple warnings against hardcoding or committing such credentials. It uses the `httpx` library for asynchronous HTTP requests, which is a modern and generally secure client. Input schemas are defined for tools, and implemented handlers (e.g., in `test_case_controller.py`) construct API requests by filtering `None` arguments, mitigating some injection risks. No `eval()` calls or direct shell command executions based on user input were identified. A large number of controller handlers are marked as 'TODO' and currently raise `NotImplementedError`, meaning they do not yet implement functionality, thus posing no immediate security risk but indicating incomplete feature implementation.
Updated: 2026-01-19GitHub
32
1
Medium Cost
V3RON icon
Sec3

This server bridges React Native DevTools to AI assistants, enabling debugging, profiling, and inspection of React Native applications through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a running React Native application for the Metro Inspector Proxy (defaulting to http://localhost:8081).
  • ⚠️Project is highly experimental; APIs may change without notice and it's not recommended for production use.
  • ⚠️The server itself runs on port 3000 by default, which is hardcoded and cannot be configured via environment variables in the provided source.
Review RequiredView Analysis
The server exposes an `evaluate-javascript` tool that allows arbitrary JavaScript code execution on the connected React Native application via CDP's Runtime.evaluate. While this is its intended functionality for AI debugging, it presents a significant security risk if the server is exposed to untrusted networks or inputs, potentially leading to remote code execution. The README explicitly labels it 'WORK IN PROGRESS' and 'highly experimental' and 'not recommended for production use', which reinforces the need for extreme caution.
Updated: 2025-12-01GitHub
32
2
Medium Cost
sohail123op icon

markitdown-mcp

by sohail123op

Sec9

Converts various document and media formats to Markdown using the Model Context Protocol (MCP), primarily for integration with AI workflows like Claude Desktop.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires `pipx` for installation and dependency management (`pipx install --force git+https://github.com/trsdn/markitdown-mcp.git`).
  • ⚠️Full file format support (e.g., advanced PDF, Office documents, audio) requires additional optional dependencies (`pipx inject markitdown-mcp 'markitdown[all]' openpyxl xlrd pandas tabulate pymupdf pdfplumber pydub speechrecognition`).
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json` to register the MCP server.
Verified SafeView Analysis
The server implements strong path validation and sanitization (`validate_and_sanitize_path`) to prevent path traversal, system file access, and execution of dangerous file types. It checks for '..' patterns, resolves absolute paths against a whitelist of safe directories (current, home subdirectories, temp, fixtures), and blacklists dangerous file extensions and system paths. Base64 file content is handled using temporary files that are explicitly unlinked. Error messages are sanitized to prevent information leakage. The server runs as a local subprocess, limiting direct network exposure. The primary remaining risk is potential vulnerabilities within the upstream 'MarkItDown' library itself, which is external to this codebase's direct control. No 'eval' or hardcoded secrets were found.
Updated: 2026-01-19GitHub
32
2
Medium Cost
spre-sre icon
Sec9

Provides an AI assistant with specialized tools to monitor, analyze, troubleshoot, predict, and simulate changes in Kubernetes, OpenShift, and Tekton environments for SREs and DevOps.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires a compatible MCP client (e.g., Claude Desktop/Code CLI, Gemini CLI, Cursor IDE).
  • ⚠️Requires valid Kubernetes/OpenShift cluster access with appropriate read-only RBAC permissions.
  • ⚠️Advanced metrics and forecasting features require access to a Prometheus server.
Verified SafeView Analysis
The server is designed to be strictly read-only by default. It leverages existing Kubernetes RBAC for permissions and explicitly advises the principle of least privilege. Security documentation is comprehensive, covering network security and warning against hardcoded credentials. Risks primarily stem from misconfigured RBAC or exposing the server externally, which are external configuration concerns.
Updated: 2026-01-19GitHub
32
2
Medium Cost
Facets-cloud icon

facets-module-mcp

by Facets-cloud

Sec9

This MCP (Model Context Protocol) server enables AI agents to assist developers in generating, validating, testing, and managing Terraform modules for infrastructure-as-code within the Facets.cloud platform.

Setup Requirements

  • ⚠️Requires 'uv' (universal Python package installer and resolver) to be installed.
  • ⚠️Requires a Facets.cloud account and valid credentials (FACETS_USERNAME, FACETS_TOKEN, CONTROL_PLANE_URL or FACETS_PROFILE) configured either as environment variables or in ~/.facets/credentials.
  • ⚠️Requires Python 3.11 or newer.
Verified SafeView Analysis
The server implements strong security measures for file operations, ensuring all read/write actions are strictly confined to the designated 'working_directory' using `ensure_path_in_working_directory`. Sensitive credentials (FACETS_TOKEN, FACETS_USERNAME, CONTROL_PLANE_URL) are handled through environment variables or a secure configuration file (`~/.facets/credentials`), preventing hardcoding. `ftf-cli` commands are executed via a Click test runner, which is generally safer than direct shell execution. No 'eval' or obvious malicious patterns were detected.
Updated: 2025-12-01GitHub
PreviousPage 166 of 713Next