Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

32
2
Medium Cost
OrionHubScript icon

fetch-mcp

by OrionHubScript

Sec8

Serves as an MCP server to fetch URLs and YouTube video transcripts efficiently.

Setup Requirements

  • ⚠️Requires a JavaScript runtime (Node.js or Bun) for execution.
  • ⚠️Primarily designed as a Model Context Protocol (MCP) server, expecting an MCP client for interaction.
  • ⚠️The SSE server mode listens on port 3000 by default, configurable via the `PORT` environment variable.
  • ⚠️Project is built using Bun, implying Bun is the preferred build tool if building from source.
Verified SafeView Analysis
The server uses `got-scraping` for network requests, which includes some anti-bot features. No `eval` or direct command injection vectors were found. The `fetch_url` tool directly accepts a URL, which could pose a limited Server-Side Request Forgery (SSRF) risk if not used in a controlled environment or if URL validation were not strict enough to prevent access to internal networks. No hardcoded secrets were identified.
Updated: 2025-12-15GitHub
32
2
High Cost
ibuuzm icon
Sec7

An AI-powered trading assistant designed for market analysis, automated trade execution, and financial decision support.

Setup Requirements

  • ⚠️Requires API keys for multiple LLM providers (e.g., OpenRouter, DeepSeek, Google, Grok, OpenAI).
  • ⚠️Requires a Polygon.io API key for market data, and a Brave Search API key for research.
  • ⚠️Requires Pushover API keys for push notifications.
  • ⚠️Requires Node.js and npm/npx in addition to Python (3.12+) and uv for running external MCP servers.
Verified SafeView Analysis
The system processes sensitive financial transactions (buying/selling shares) through AI agents interacting with MCP tools. API keys for various LLM providers, market data (Polygon), Brave Search, and push notifications (Pushover) are correctly loaded from environment variables, preventing hardcoding. SQL database interactions use parameterized queries. However, the reliance on external `uvx` and `npx` commands to run third-party MCP servers (e.g., `mcp_polygon`, `@modelcontextprotocol/server-brave-search`, `mcp-memory-libsql`) introduces supply chain risks if these external packages are compromised. The core risk lies in the autonomous nature of AI agents making real-time financial decisions.
Updated: 2026-01-19GitHub
32
2
High Cost
Omkarjamadar icon
Sec5

Provides an AI-driven interface to control a macOS computer by automating tasks through accessibility features and a conversational agent loop.

Setup Requirements

  • ⚠️Requires macOS as the operating system for the desktop control server. (Windows and Linux implementations are placeholders.)
  • ⚠️Requires manual granting of 'Accessibility' permissions for the server application in macOS System Settings.
  • ⚠️Requires an Anthropic API Key (ANTHROPIC_API_KEY) configured as an environment variable.
  • ⚠️The Rust-based desktop control server (mcp-server-os-level) must be running separately and locally (on 127.0.0.1:8080) for the clients to function.
Review RequiredView Analysis
The system grants AI direct control over the operating system, allowing it to perform actions like launching applications, typing, clicking, and pressing keys. This is inherently a high-risk operation. While the client-side components (Next.js and CLI) communicate with the Rust-based desktop control server over a local HTTP connection (127.0.0.1:8080), a compromised AI model or malicious prompt could execute arbitrary, potentially destructive commands on the user's machine (e.g., 'delete all files'). The macOS server explicitly requires user-granted accessibility permissions, which is a necessary safeguard. No hardcoded API keys are found within the client code that would be exposed to the browser, as they are loaded from environment variables and used server-side in Next.js API routes. The core risk is the nature of giving AI full system control and the trust placed in the AI's reasoning and the input prompts.
Updated: 2026-01-19GitHub
32
1
Low Cost
pholex icon
Sec8

This is a Model Context Protocol (MCP) server for querying and executing scheduled tasks in Qinglong Panel.

Setup Requirements

  • ⚠️Requires a running Qinglong Panel instance with Open API enabled.
  • ⚠️Requires obtaining CLIENT_ID and CLIENT_SECRET from the Qinglong Panel.
  • ⚠️Configuration requires manually editing the .env file in ~/.qinglong-mcp/.
Verified SafeView Analysis
The server handles credentials (CLIENT_ID, CLIENT_SECRET) via environment variables loaded from .env files, which is good practice. It makes outgoing HTTP requests to the configured QINGLONG_URL. No 'eval' or direct code execution from untrusted input is found. Security relies heavily on the secure storage of the .env file and the security posture of the target Qinglong Panel.
Updated: 2025-12-09GitHub
32
15
High Cost
xxyyue icon
Sec3

A headless IDA Pro server for remote, programmatic binary analysis and reverse engineering via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires IDA Pro 9.1.0 or later installed.
  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires the IDADIR environment variable to be set to the IDA Pro installation directory.
Review RequiredView Analysis
The `py_eval` tool allows execution of arbitrary Python code within the IDA context. While intended as a powerful feature for analysis agents, this is a critical security risk if the server is exposed to untrusted input or if not run in a strictly isolated and trusted environment. The server can also be configured to listen over HTTP/SSE, which introduces network-based attack vectors if not properly secured with authentication and authorization. No apparent hardcoded secrets in the server's own code.
Updated: 2025-12-30GitHub
32
2
Low Cost
Montimage icon

sec-mcp

by Montimage

Sec9

This server provides real-time security checks for domains, URLs, and IP addresses against multiple blacklists, designed to be integrated into Python applications, used via CLI, or run as an MCP server to enrich LLM context with threat intelligence.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Initial setup requires running 'sec-mcp update' to download and populate blacklist data; without it, the blacklist will be empty.
  • ⚠️For optimal performance, set the environment variable 'MCP_USE_V2_STORAGE=true' before running the server, as the default v1 storage is significantly slower.
Verified SafeView Analysis
The project uses standard Python libraries (sqlite3, httpx) with proper parameterization to prevent common vulnerabilities like SQL injection. Input validation is applied to network requests. It relies on external public blacklist feeds, which is inherent to its function, but the project itself does not introduce new network-related risks or hardcoded secrets. File system interactions for local database and downloads are handled safely. The overall design is security-conscious.
Updated: 2025-11-23GitHub
32
2
Medium Cost
jcucci icon
Sec9

Enables Language Learning Models (LLMs) to analyze and understand .NET code with precision through deep introspection of assemblies.

Setup Requirements

  • ⚠️Requires .NET 9.0 SDK to build and run from source.
  • ⚠️Requires an MCP client (e.g., Cursor, Claude Desktop) for interaction, as it communicates over stdio.
  • ⚠️Users must supply valid paths to compiled .NET assemblies for analysis.
Verified SafeView Analysis
The server primarily relies on reflection and explicitly states it prefers `MetadataLoadContext` to avoid executing user code during analysis, which is a significant security best practice. It communicates over stdio, limiting network exposure. The main risk involves pointing the tool to untrusted or malicious assemblies, which is an inherent risk of any code analysis tool but is mitigated by the `MetadataLoadContext` approach.
Updated: 2026-01-18GitHub
32
2
Medium Cost
puran-water icon
Sec3

An MCP server enabling LLM-assisted generation, manipulation, validation, and visualization of engineering diagrams (BFD, PFD, P&ID) following DEXPI and SFILES standards.

Setup Requirements

  • ⚠️Requires Node.js and 'npm install elkjs' for ELK layout features.
  • ⚠️Requires `pydexpi` and `sfiles2` Python libraries.
  • ⚠️Git is required for project persistence features (e.g., `project_init`, `project_save`, `project_load`).
  • ⚠️If not using Docker, the `graphicbuilder-service.py` (Flask) and `proteus-viewer` (Node.js) services need to be run separately for full visualization capabilities.
Review RequiredView Analysis
The server uses `eval()` in `src/tools/pfd_expansion_engine.py` for template condition evaluation, which is a critical vulnerability if template definitions or runtime parameters can be influenced by untrusted input, allowing arbitrary code execution. Extensive use of `subprocess.run()` calls in various modules (e.g., `project_persistence.py`, `elk.py`, `graphicbuilder-service.py`) poses a risk of command injection if arguments are not rigorously sanitized. The server exposes an MCP API, and visualization components run separate Node.js and Flask services, widening the attack surface. `sys.path.append` is used, which can be a module hijacking risk in untrusted environments.
Updated: 2025-12-05GitHub
32
2
Medium Cost
seanivore icon

the-pensieve

by seanivore

Sec7

The Pensieve server acts as a RAG-based knowledge management system, allowing users to store, query, and analyze their knowledge using natural language and LLM-powered insights.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid Service)
  • ⚠️Requires Qdrant URL and API Key (Vector Database, can be self-hosted or managed service)
  • ⚠️Knowledge base must be structured as markdown files, ideally with frontmatter, as processed by `inventory-parser.ts`.
Verified SafeView Analysis
API keys are passed as command-line arguments and set as environment variables, which is better than hardcoding but less secure than dedicated secret management. The `generate_markdown` tool writes files to `rootPath` using a `filename` argument; if `filename` is not sanitized by the client, it could potentially lead to path traversal vulnerabilities. No direct `eval` or blatant obfuscation found. External network requests to OpenAI and Qdrant are expected for core functionality.
Updated: 2025-11-29GitHub
32
2
High Cost
skaldlabs icon

skald-mcp

by skaldlabs

Sec9

Provides a Model Context Protocol (MCP) server to chat with, create, update, delete, search, and generate content from a Skald AI knowledge base.

Setup Requirements

  • ⚠️Requires an active Skald account and API key (Skald is a paid service).
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Configuration for clients like Cursor or Claude Desktop involves specifying an absolute path to the 'build/index.js' file, which might require extra steps for users.
Verified SafeView Analysis
The server uses Zod for robust input validation on all tool parameters, significantly reducing the risk of injection attacks. It relies on a Skald API key, which must be provided via an environment variable or command-line argument, preventing hardcoding. All communication with the Skald knowledge base is handled by the official `@skald-labs/skald-node` SDK, which is assumed to be secure. No direct use of 'eval' or other highly dangerous patterns is observed in the provided code snippet. Security largely depends on the integrity of the Skald platform and SDK.
Updated: 2025-12-12GitHub
32
2
Medium Cost
bit2me-devs icon

bit2me-mcp

by bit2me-devs

Sec9

Integrates AI assistants with the Bit2Me cryptocurrency exchange, enabling real-time market data access, wallet management, trading operations, and interactions with Earn and Loan products.

Setup Requirements

  • ⚠️Requires a verified Bit2Me account to generate API keys.
  • ⚠️Mandatory `BIT2ME_API_KEY` and `BIT2ME_API_SECRET` environment variables for authentication (API keys are recommended over JWTs for most use cases).
  • ⚠️Node.js v18 or higher is required.
  • ⚠️For security best practices, 'Withdrawal' permissions should not be enabled on your Bit2Me API Key.
Verified SafeView Analysis
The server implements robust security measures including HMAC-SHA512 for API key signing, comprehensive input validation to prevent common attack vectors, and explicit sanitization of sensitive data (API keys, JWTs) in logs. It also utilizes a circuit breaker and rate limiting to enhance resilience and protect the upstream Bit2Me API. CodeQL, ESLint security plugins, and gitleaks are used in the development pipeline.
Updated: 2026-01-19GitHub
32
2
Medium Cost
chayan-1906 icon

Google-Workspace-MCP

by chayan-1906

Sec3

Seamlessly integrates Google Drive, Sheets, and Docs with Claude AI and other AI agents through the Model Context Protocol (MCP) for automation.

Setup Requirements

  • ⚠️Requires Google Cloud OAuth 2.0 Client ID and Client Secret (must be obtained and configured).
  • ⚠️Requires a MongoDB instance for storing user tokens and sessions (MONGODB_URI must be configured).
  • ⚠️Requires a strong `TOKEN_SECRET` for secure encryption of user authentication tokens.
Review RequiredView Analysis
The `credentials.json` file in the repository contains a hardcoded Google service account private key. This is a critical security vulnerability, as private keys should never be publicly exposed. While the application's primary OAuth flow relies on user-configured `CLIENT_ID` and `CLIENT_SECRET` (which are correctly externalized as empty placeholders in `config.ts`), the presence of this service account key in the source code constitutes a severe credential leak. Additionally, the application requires `TOKEN_SECRET` for encrypting/decrypting user tokens, which must also be securely configured.
Updated: 2025-11-27GitHub
PreviousPage 174 of 713Next