Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

32
2
Low Cost
Daniel-Barta icon

mcp-rag-server

by Daniel-Barta

Sec9

Provides a local, zero-network Retrieval-Augmented Generation server for any code repository, enabling semantic search and file access through the Model Context Protocol (MCP) for AI clients like GitHub Copilot Agent.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️The `REPO_ROOT` environment variable is mandatory and must be correctly set for the server to function.
  • ⚠️Initial startup involves downloading a ~100MB embedding model and indexing the repository, which can take significant time for large repos. HTTP mode is recommended to avoid client timeouts during this phase, and `TRANSFORMERS_CACHE` can speed up subsequent runs.
Verified SafeView Analysis
The server demonstrates strong security practices for a local RAG solution. It explicitly enables DNS rebinding protection by default in HTTP mode and restricts allowed hosts to localhost. Crucially, path handling functions like `Indexer.ensureWithinRoot` are used to prevent directory traversal attacks, ensuring that file operations are confined to the specified `REPO_ROOT`. No hardcoded sensitive secrets or malicious patterns were identified. File system operations are either confined to the repository root or managed cache locations, or validated against traversal attempts.
Updated: 2026-01-18GitHub
32
2
Medium Cost
christianhuening icon

linkerd-mcp

by christianhuening

Sec9

Enables AI agents to monitor Linkerd service mesh health, analyze connectivity policies, and retrieve traffic metrics within Kubernetes clusters.

Setup Requirements

  • ⚠️Requires access to a Kubernetes cluster with Linkerd installed.
  • ⚠️Requires `kubectl` configuration (e.g., `~/.kube/config`) if running outside the cluster.
  • ⚠️Prometheus must be accessible for metrics-related tools to function.
Verified SafeView Analysis
The server follows good Kubernetes security practices, including running as a non-root user, using a read-only root filesystem, dropping Linux capabilities, and utilizing a `RuntimeDefault` seccomp profile. RBAC permissions are appropriately scoped, granting read-only access to necessary Kubernetes resources and Linkerd Custom Resource Definitions. Network policies, when enabled via Helm, restrict ingress and egress traffic, further enhancing security. No hardcoded secrets or malicious patterns were detected in the provided source code.
Updated: 2025-12-15GitHub
32
2
Low Cost
Panduza icon

power-supply

by Panduza

Sec8

Control and monitor power supplies from various interfaces including MQTT, MCP (Model Context Protocol), and a graphical user interface.

Setup Requirements

  • ⚠️Requires Rust (version 1.70.0 or newer).
  • ⚠️Linux GUI requires `libwebkit2gtk-4.0-dev` and other GTK development libraries.
  • ⚠️USB device access on Linux may require adding user to `dialout` group (`sudo usermod -a -G dialout $USER`).
  • ⚠️Physical devices like KD3005P may require specific USB serial drivers on Windows.
Verified SafeView Analysis
The server implements security limits for voltage and current to prevent unsafe configurations. The MCP server binds to localhost by default, with documentation advising caution and a reverse proxy for external exposure. Input parsing for MQTT payloads includes error handling. No obvious hardcoded credentials or malicious patterns were found. The 'panic!' in the emulator driver is a controlled test feature.
Updated: 2025-12-01GitHub
32
2
Medium Cost
omattsson icon
Sec9

A Model Context Protocol server providing comprehensive Terragrunt documentation and tooling integration for AI assistants, supporting various operational modes to optimize for specific use cases.

Setup Requirements

  • ⚠️Requires Terragrunt CLI to be installed on the host system for validation and version checks.
  • ⚠️Requires outbound network access to `terragrunt.gruntwork.io` to fetch and update documentation.
  • ⚠️File system write permissions are needed in the current working directory (or configured `TERRAGRUNT_MCP_ALLOWED_DIRS`) if configuration generation and writing is enabled.
Verified SafeView Analysis
The server demonstrates strong security practices for file operations with robust path validation, directory whitelisting (defaulting to CWD), and path traversal detection in `FileWriter`. Critical components leverage environment variables for sensitive configuration, avoiding hardcoded secrets. While `child_process` is used, it's for fixed, internal commands (`terragrunt --version`, `terragrunt hcl fmt`) and not susceptible to direct command injection from user input. Network calls to `terragrunt.gruntwork.io` are part of core functionality for documentation retrieval. The main risk factor is potentially exposing internal error details via MCP responses, although the protocol includes an `isError` flag.
Updated: 2026-01-19GitHub
32
2
Medium Cost
BobMerkus icon

mcp-ephemeral-k8s

by BobMerkus

Sec6

Provides a Python library and server for dynamically creating, managing, and proxying ephemeral Model Context Protocol (MCP) servers within a Kubernetes cluster.

Setup Requirements

  • ⚠️Requires access to a Kubernetes cluster (e.g., Kind, Docker Desktop Kubernetes, GKE, EKS, AKS) with `kubectl` configured.
  • ⚠️Requires significant RBAC privileges within the Kubernetes cluster, potentially cluster-wide, to manage and spawn other Kubernetes resources.
  • ⚠️Python 3.11 or newer is required.
Verified SafeView Analysis
The server's core functionality involves creating, managing, and deleting Kubernetes resources, including Jobs, Pods, Services, ServiceAccounts, Roles, and RoleBindings (or ClusterRoles/ClusterRoleBindings). By default, the Helm chart requests 'clusterWide' RBAC, granting extensive permissions across the cluster, including the ability to 'bind' and 'escalate' roles (from charts/mcp-ephemeral-k8s/templates/role.yaml). This high level of privilege is necessary for its intended operations (spawning dynamic MCP servers with varying permissions), but it makes the server a high-value target. If the mcp-ephemeral-k8s server itself is compromised, it could lead to significant privilege escalation and control over the Kubernetes cluster. The provided source code does not show malicious patterns, obfuscation, or hardcoded secrets, and it uses environment variables for sensitive data.
Updated: 2026-01-15GitHub
32
1
Low Cost
chadwd icon

DS-Figma-MCP

by chadwd

Sec8

Design System documentation and Figma integration platform for design tokens and reusable components.

Setup Requirements

  • ⚠️Requires Node.js `^20.19.0` or `>=22.12.0`.
  • ⚠️All `npm` commands must be run from the `apps/web/` directory.
  • ⚠️Requires a Figma Personal Access Token (`FIGMA_TOKEN`) with `files:read` and `variables:write` scopes, stored as an environment variable.
Verified SafeView Analysis
The `scripts/generate-figma-tokens.js` uses `fs.writeFileSync` for local file system operations, which is an expected part of the build process. The `FIGMA_TOKEN` for Figma integration is correctly sourced from environment variables, preventing hardcoded secrets. `jsdom` (a dev dependency) has network capabilities but is not used in the production build. The project itself doesn't expose server-side endpoints for remote code execution or direct user file uploads, mitigating common web vulnerabilities. Large dependency tree introduces inherent, but not directly apparent, supply chain risks.
Updated: 2025-12-13GitHub
32
17
High Cost
palewire icon

datawrapper-mcp

by palewire

Sec9

Enables AI assistants to programmatically create, update, publish, retrieve, and export Datawrapper charts for data visualization.

Setup Requirements

  • ⚠️Requires a Datawrapper API Access Token, obtained manually from the Datawrapper website, to be set as the DATAWRAPPER_ACCESS_TOKEN environment variable.
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️The 'export_chart_png' tool can return large base64 encoded images, which consume a significant number of tokens in the AI's context window.
Verified SafeView Analysis
The server handles API tokens as environment variables, which is a good practice. Input data handling in `json_to_dataframe` includes checks for file existence and supported extensions (.csv, .json), mitigating arbitrary file read risks. Direct CSV strings are explicitly rejected, requiring structured JSON or file paths. The `update_chart` handler uses `setattr` for configuration updates, which is generally risky, but is constrained by Pydantic's `validate_assignment=True` and explicit `model_fields` lookup, limiting updates to defined, validated fields. No 'eval' or direct arbitrary code execution patterns were found in the application logic. The project includes a `CODE_OF_CONDUCT.md` and `CONTRIBUTING.md`, indicating a well-managed open-source project.
Updated: 2026-01-01GitHub
32
2
Low Cost
StacklokLabs icon

yardstick

by StacklokLabs

Sec7

A Model Context Protocol (MCP) server designed for performance testing and validating MCP implementations across various transport types.

Setup Requirements

  • ⚠️Requires Go 1.24+ for development and building.
  • ⚠️Requires 'Task' for managing common development operations (build, test, etc.).
  • ⚠️Docker is needed for containerized usage and integration tests.
  • ⚠️HTTP-based transports (SSE, Streamable HTTP) have no authentication enabled by default; `AUTH_HEADER` and `AUTH_VALUE` environment variables must be set to enable header-based authentication.
Verified SafeView Analysis
The server implements basic header-based authentication, configurable via `AUTH_HEADER` and `AUTH_VALUE` environment variables. Authentication is disabled by default. Input to the 'echo' tool is strictly validated using a regex (`^[a-zA-Z0-9]+$`) to prevent injection. HTTP transports (SSE, Streamable HTTP) are configured with `ReadTimeout`, `WriteTimeout`, and `IdleTimeout` to mitigate certain common network-based attack vectors. The client component's use of `exec.Command` for stdio transport is noted as intentional for testing subprocess communication and does not represent a server-side vulnerability.
Updated: 2026-01-13GitHub
32
2
Medium Cost
Oaklight icon
Sec4

Provides a unified API endpoint for various tools (calculator, multiple web search engines, webpage content extraction) that can run in either OpenAPI or MCP (Multi-Modal Communicative Protocol) mode.

Setup Requirements

  • ⚠️The repository is archived; the maintainers recommend using the 'ToolRegistry-Hub Server Mode' project instead, making this project unsuitable for new deployments or production.
  • ⚠️Requires `API_BEARER_TOKEN` environment variable for secure API endpoints in OpenAPI mode, but often run unauthenticated in MCP mode.
  • ⚠️Requires `SEARXNG_BASE_URL` environment variable if the SearXNG web search functionality is desired; otherwise, that endpoint is disabled.
Review RequiredView Analysis
The repository is explicitly archived and no longer actively maintained, posing a significant security risk due to lack of future updates and patches. The `calculator.evaluate` function, while core to its purpose, processes user-provided mathematical expressions, which can be a vector for injection attacks if the underlying `toolregistry.hub.Calculator` implementation is not thoroughly sandboxed (e.g., if it uses `eval()` without extreme caution). The `API_BEARER_TOKEN` for authentication is optional, and in MCP mode, it's often run without authentication, increasing exposure.
Updated: 2025-11-26GitHub
32
2
High Cost
Zdhhjhfjkhhhhjilk icon

ida-headless-mcp

by Zdhhjhfjkhhhhjilk

Sec5

A headless server that enables automated binary analysis using IDA Pro, exposing its capabilities via the Model Context Protocol (MCP) for programmatic interaction.

Setup Requirements

  • ⚠️Requires a licensed IDA Pro installation, including Hex-Rays Decompiler for full functionality.
  • ⚠️Python 3 environment (with `idalib` installed and configured to work with IDA Pro's Python API) is needed for the worker scripts.
  • ⚠️The primary server component is written in Go, requiring a Go development environment for building from source.
Verified SafeView Analysis
The server, by default, appears to lack strong authentication for its HTTP API (port 17300). While `scripts/inspector.sh` uses `DANGEROUSLY_OMIT_AUTH=true` for testing, this indicates a potential security gap if the server is exposed publicly without proper firewalling or additional authentication layers. The `ida_wrapper.py` allows importing external scripts (`script.json`, `il2cpp.h`, `addNames.py`) via the `import_il2cpp` and `import_flutter` tools. Although `addNames.py` is parsed by regex rather than directly `eval`-ed, processing arbitrary external scripts in the IDA context still poses a risk of unexpected or malicious IDA API calls if input sources are untrusted. Certain search functions, while having pagination limits, could potentially be optimized further to prevent excessive resource consumption in extreme cases, though current limits (1000/10000) offer some protection.
Updated: 2026-01-19GitHub
32
2
Medium Cost
Banded-antonym160 icon

wordpress-mcp-server

by Banded-antonym160

Sec9

A comprehensive AI-powered platform for managing WordPress and WooCommerce sites, covering development, content, security, and performance tasks.

Setup Requirements

  • ⚠️Requires a separate WordPress plugin (`wpmcp-plugin`) to be installed and activated on the target WordPress server to expose necessary REST API endpoints.
  • ⚠️Requires `WORDPRESS_URL`, `WORDPRESS_USERNAME`, and `WORDPRESS_PASSWORD` to be set as environment variables for WordPress REST API authentication.
  • ⚠️Many advanced features require the authenticated WordPress user to have administrator-level capabilities (`manage_options`, `edit_themes`, `edit_plugins`).
Verified SafeView Analysis
The server implements robust security measures for file system operations, including a whitelist approach for allowed directories and file extensions, strict path validation to prevent directory traversal, content scanning for malicious PHP functions (e.g., `eval`, `shell_exec`), and automatic backups with `.htaccess` protection. All endpoints enforce WordPress capabilities (e.g., `manage_options`, `edit_themes`, `edit_plugins`). Environment variables are used for credentials, preventing hardcoded secrets. The high score reflects strong internal safeguards for a tool that grants significant control; however, its power necessitates strong external security practices for the WordPress instance itself.
Updated: 2026-01-19GitHub
32
2
Medium Cost
cheesejaguar icon

aerospace-mcp

by cheesejaguar

Sec8

Provides a comprehensive aerospace research and flight planning service, including HTTP API and Model Context Protocol (MCP) integration, primarily for AI assistants.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️OpenAP library is optional; performance estimates will be unavailable without it, or if it fails to install.
  • ⚠️AI-powered agent tools require `LLM_TOOLS_ENABLED=true` and an `OPENAI_API_KEY`, incurring API costs.
Verified SafeView Analysis
Contains a strong explicit safety disclaimer indicating the software is for educational/research purposes only and NOT for real-world navigation. Docker and Kubernetes deployment configurations show good security practices (non-root user, read-only filesystem, dropping capabilities, resource limits). Input validation is performed using Pydantic models. Relies on environment variables for sensitive data like API keys. Core FastAPI application does not appear to use `eval` or `exec` on user input. For production, external authentication and rate-limiting would need to be implemented (examples provided in documentation, but not built into the core FastAPI app).
Updated: 2026-01-17GitHub
PreviousPage 183 of 713Next