Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

32
2
Medium Cost
mo-mostafa-123 icon

fastestmcp

by mo-mostafa-123

Sec2

Framework and CLI tool for rapidly generating and developing modular MCP (Model Context Protocol) servers and clients, with capabilities for API integration, code generation, and component-based development.

Setup Requirements

  • ⚠️Python 3.10+ required
  • ⚠️Requires `git` command-line tool to be installed and accessible in PATH for repository operations
  • ⚠️HTTP servers require `httpx`, `fastapi`, `uvicorn`
Review RequiredView Analysis
`eval()` is used in a demo script (src/fastestmcp/demo.py) with an explicit warning about its dangers. A critical vulnerability exists in the `clone_git_repository` tool (src/server/stdio/app/tools.py), which allows a client to specify an arbitrary `target_directory`. This enables cloning a repository into any writable location on the server's file system, potentially leading to arbitrary file writes, overwriting system files, or placing executable code, if the server is exposed to untrusted input. Hardcoded 'demo-token' for authentication is present in `src/server/stdio/app/auth.py` for demonstration purposes.
Updated: 2026-01-19GitHub
32
3
Medium Cost
moorcheh-ai icon

moorcheh-mcp

by moorcheh-ai

Sec9

Provides a Model Context Protocol (MCP) interface for Moorcheh's AI services, including embedding, vector storage, semantic search, and AI-powered answer generation.

Setup Requirements

  • ⚠️Requires a Moorcheh API Key, which must be obtained from the Moorcheh Dashboard and set as MOORCHEH_API_KEY environment variable.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️An MCP client (e.g., Claude Desktop, Cursor IDE) is necessary to effectively interact with the server's tools and resources.
Verified SafeView Analysis
The server uses Zod for robust input validation, preventing common injection vulnerabilities. API keys are loaded from environment variables and checked for validity, with no hardcoded secrets. Network requests are confined to Moorcheh's official API endpoints. The file upload tool includes validation for file size (max 10MB) and allowed extensions (.pdf, .docx, .xlsx, .json, .txt, .csv, .md), mitigating risks associated with arbitrary file uploads. Non-JSON-RPC stdout output is redirected to stderr, enhancing protocol stability and security. No 'eval' or obfuscation is present.
Updated: 2026-01-08GitHub
32
2
High Cost
rb58853 icon

fastchat-mcp

by rb58853

Sec1

A Python client for integrating Language Models with Model Context Protocol (MCP) servers, allowing natural language interaction with external tools, resources, and prompts.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Requires 'fastchat.config.json' file for server and database configurations
  • ⚠️Requires 'CRIPTOGRAFY_KEY' environment variable for token data storage
  • ⚠️Requires 'MASTER_TOKEN' environment variable for admin access
Review RequiredView Analysis
CRITICAL: The server exposes WebSocket endpoints that accept an 'aditional_servers' header. This header's content is parsed as JSON and can add or override MCP server configurations. If an authenticated attacker provides a malicious 'stdio' protocol server configuration (e.g., specifying '/bin/sh -c "rm -rf /"' as the command), the `stdio_client` will execute arbitrary commands on the server. This constitutes a severe Remote Code Execution (RCE) vulnerability for authenticated users. The `fastchat.config.json` should be treated as a trusted configuration, and user-provided configuration overrides must be carefully sanitized or restricted.
Updated: 2025-12-08GitHub
32
2
Low Cost
axone-protocol icon

axone-mcp

by axone-protocol

Sec7

Acts as a gateway for AI-powered tools (like Claude) to interact with the Axone blockchain's dataverse via the Model-Context Protocol (MCP), primarily to retrieve governance code for resources.

Setup Requirements

  • ⚠️Requires Golang to build from source.
  • ⚠️Requires access to an Axone node gRPC endpoint.
  • ⚠️Designed to be consumed by an MCP-compatible client (e.g., Claude Desktop, IDEs, or other AI tools).
Verified SafeView Analysis
The server's gRPC client connection to the Axone node offers flags (`--grpc-no-tls`, `--grpc-tls-skip-verify`) to disable or skip TLS certificate verification. While `--grpc-tls-skip-verify` enforces TLS 1.2 minimum, disabling TLS or skipping verification can expose the connection to security risks (e.g., man-in-the-middle attacks) if used with untrusted gRPC endpoints. There are no hardcoded secrets or obvious malicious patterns in the provided source code. The default `dataverseAddr` in `smithery.yaml` is a public contract address.
Updated: 2026-01-13GitHub
32
2
Medium Cost
rdwj icon
Sec9

A production-ready template for building Model Context Protocol (MCP) servers with dynamic tool/resource loading, Python-based prompts, and seamless OpenShift deployment capabilities for AI agents.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires 'cmcp' for local testing
  • ⚠️Requires 'oc' (OpenShift CLI) for OpenShift deployment
  • ⚠️Requires 'fips-agents' CLI tool for scaffolding new components
  • ⚠️Files created by Claude Code may have restrictive 600 permissions, requiring a 'chmod 644' fix before deployment (though handled by deploy script).
Verified SafeView Analysis
The server template includes JWT authentication with scope-based authorization, using environment variables for sensitive keys. It explicitly addresses potential file permission issues during deployment. Error handling uses `ToolError` to prevent internal traceback exposure. `fastmcp.settings.mask_error_details` can be configured to hide detailed error information from clients. No obvious `eval` or malicious code patterns were found.
Updated: 2025-12-14GitHub
32
1
Low Cost
Pritahi icon

mcp-proxy-saas

by Pritahi

Sec9

An API gateway/proxy for Model Context Protocol (MCP) servers, providing authentication, security, and logging for multi-tenant applications.

Setup Requirements

  • ⚠️Requires a Supabase project and database for configuration, API keys, and audit logs.
  • ⚠️A PostgreSQL database must be configured with the specified `mcp_servers`, `api_keys`, `audit_logs`, and `user_usage` schemas.
  • ⚠️Requires Node.js version 20.0.0 or higher.
Verified SafeView Analysis
The server implements strong security practices: API key authentication with caching, configurable CORS, Helmet for common security headers, and an in-memory rate limiter. Critical credentials (Supabase service role key) are correctly loaded from environment variables. Tool whitelisting and content blacklisting are effective security layers. The 'trust proxy' setting is correctly enabled for cloud deployments. Input validation for `params` is not explicitly deep beyond blacklist checks, relying on downstream MCP servers, which could be an area for enhancement, but otherwise the server's security is robust.
Updated: 2025-12-09GitHub
32
2
Medium Cost
notorious-ai icon

claude-plugins

by notorious-ai

Sec7

Enhances Claude's capabilities as a Go developer by providing skills for idiomatic commit message generation and as a knowledge manager for capturing and structuring online videos and articles into an Obsidian vault.

Setup Requirements

  • ⚠️Requires Go toolchain installed for `golang-dev`.
  • ⚠️Requires yt-dlp installed for video capture (`obsidian-notes`).
  • ⚠️Requires yq installed for tag extraction (`obsidian-notes`).
  • ⚠️Must be run from the root directory of an Obsidian vault for `obsidian-notes`.
  • ⚠️Required `Gems/Videos/` and `Gems/Articles/` directories must exist in Obsidian vault, as the plugin will not create them automatically.
Verified SafeView Analysis
The `obsidian-notes` plugin executes external command-line tools (`yt-dlp`, `yq`) and fetches arbitrary web content. While designed for text extraction into Markdown, this introduces potential risks if user-provided input is not sufficiently sanitized before being passed to shell commands, or if the web fetching/processing components have vulnerabilities. The `golang-dev` plugin primarily analyzes `git diff` output and generates text, posing fewer direct security risks from external execution. The overall design relies on a trusted local execution environment (user's machine/Obsidian vault).
Updated: 2026-01-18GitHub
32
1
Medium Cost
danielwpz icon

polybrain-mcp

by danielwpz

Sec9

Connects AI agents to multiple LLM models, providing conversation history management and model switching capabilities.

Setup Requirements

  • ⚠️Requires API keys for external LLM services (e.g., OpenAI, OpenRouter), which incur usage costs.
  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Configuring multiple LLM models requires a YAML file (`~/.polybrain.yaml`), while environment variables support only a single model setup.
Verified SafeView Analysis
The server employs good security practices like input validation (Zod schemas for tools), environment variable injection for API keys (no hardcoded secrets), and careful handling of child processes. While `execSync` is used for killing processes by port, the port number is derived from trusted internal configuration, not user input, mitigating common injection risks. The HTTP server is intended for local agent communication, and exposing it publicly would require additional security considerations. No 'eval' or malicious obfuscation patterns were found.
Updated: 2025-11-25GitHub
32
2
Medium Cost
tlockney icon

obsidian-mcp

by tlockney

Sec9

Enables AI models to interact with Obsidian vaults by exposing Obsidian Local REST API functionality as MCP tools.

Setup Requirements

  • ⚠️Requires Obsidian with the 'Local REST API' plugin installed, enabled, and configured with an API key (optional but recommended for security).
  • ⚠️For running from source or development, Deno 2.x must be installed.
  • ⚠️User must manually generate and provide an API key from Obsidian's Local REST API plugin settings if authentication is enabled.
Verified SafeView Analysis
The project uses Deno's built-in tooling and standard practices for handling API keys (via env vars/CLI). It makes HTTP requests to a user-configured Obsidian Local REST API endpoint. Error responses from the API are parsed safely with graceful fallback. The `install.sh` script removes macOS quarantine attributes, which is common for unsigned binaries but the user should be aware it overrides some OS security warnings for a downloaded executable.
Updated: 2025-12-14GitHub
32
4
Medium Cost
coucya icon
Sec8

An MCP server that provides HTTP request capabilities, enabling LLMs to fetch and process web content, including saving to files.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires MCP Client with 'root' capability for file operations relative to workspace root ('--use-root' flag)
Verified SafeView Analysis
The server allows arbitrary HTTP requests to external URLs and supports writing fetched content to the local filesystem. File writing operations include robust checks against path traversal attacks and writing to common protected system directories (e.g., /etc, C:\Windows). The `--use-root` and `--allow-external-file-access` options, if enabled, increase the potential risk profile by allowing broader file access, but require explicit opt-in via command-line flags. No 'eval' or other critical, obvious vulnerabilities like hardcoded secrets or malicious patterns were found in the provided source.
Updated: 2025-11-21GitHub
32
2
High Cost
ThreeFish-AI icon

data-extractor

by ThreeFish-AI

Sec8

A commercial-grade MCP Server designed for robust web page and PDF content extraction and conversion to Markdown, purpose-built for long-term enterprise deployment.

Setup Requirements

  • ⚠️Requires Python 3.12+ (recommend 3.13).
  • ⚠️Requires 'uv' package manager for setup and execution.
  • ⚠️Requires Playwright browsers (e.g., Chromium) installation if using 'selenium' or 'playwright' scraping methods.
  • ⚠️Environment variables (in a '.env' file or system-wide) must be configured for optimal operation.
Verified SafeView Analysis
The server's core functionality involves making network requests to arbitrary external URLs for web scraping and PDF downloads. This introduces inherent risks from interacting with potentially malicious or untrusted external content. However, the codebase does not exhibit signs of malicious intent, hardcoded secrets, or dangerous dynamic code execution patterns (like `eval` on untrusted input). It includes good practices such as sanitizing HTML (removing scripts and styles) and respecting `robots.txt` rules. The use of robust, well-maintained libraries like Scrapy, Selenium, Playwright, PyMuPDF, and PyPDF also contributes to overall security, provided these libraries themselves are kept updated and properly configured. Configuration for sensitive details like proxy URLs uses environment variables, which is a secure approach.
Updated: 2026-01-19GitHub
32
2
Medium Cost
bakietd icon
Sec6

Integrates AI, APIs, and automation for intelligent notifications and workflow optimization with GitHub and X.

Setup Requirements

  • ⚠️Requires Node.js installed on the system.
  • ⚠️Likely requires API keys for Google GenAI (potentially paid service), GitHub, and X (Twitter) for full functionality.
  • ⚠️Core functionality depends on a proprietary `@modelcontextprotocol/sdk` which is not open-source, leading to a 'black box' for key logic and potential hidden requirements.
Verified SafeView Analysis
The core server logic for AI-powered features, API integration, and automation is largely encapsulated within the proprietary `@modelcontextprotocol/sdk` which is not provided in the source. The explicit application code (index.ts files) is minimal ('Hello World'-style output), making a full security assessment impossible without the SDK's source. Dependencies include reputable packages like `@google/genai`, `express` (transitive), and `dotenv` for environment variables. `express-rate-limit` is used, which is a good security practice. No obvious malicious patterns like 'eval' or obfuscation were found in the provided files.
Updated: 2025-12-15GitHub
PreviousPage 171 of 713Next