Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

32
2
Low Cost
gusztavvargadr icon

foaas-mcp

by gusztavvargadr

Sec9

An MCP server that provides explicit, humorous responses from the FOAAS API to AI clients, typically for developer workflow interactions like GitHub issue triage.

Setup Requirements

  • ⚠️Requires Docker installed and running.
  • ⚠️Requires GitHub CLI (gh) installed and authenticated for creating demo repositories.
Verified SafeView Analysis
The server is designed with a strong security posture, utilizing Docker for isolation, running as a non-root user, and using stdio-only transport to prevent network exposure. Input validation is performed with Zod, and URL parameters for the external FOAAS API are properly encoded. No hardcoded secrets or 'eval' usage were found. Security updates are automated via Dependabot. The main inherent 'risk' is the explicit content from the FOAAS API, which is an intended feature, not a vulnerability in the MCP server itself. Limited validation of FOAAS API responses is noted.
Updated: 2026-01-19GitHub
32
2
Low Cost
finki-hub icon

finki-mcp

by finki-hub

Sec8

Provides an MCP server for FINKI course management, offering APIs to retrieve course staff and participant information with fuzzy matching capabilities.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires Docker and Docker Compose for containerized setup.
  • ⚠️Requires `course_participants.json` and `course_staff.json` files in a `data` directory at the project root or within the Docker volume.
Verified SafeView Analysis
The server lacks explicit authentication/authorization mechanisms, making all endpoints publicly accessible on the configured host/port. Reliance on mounted JSON data files (`/data`) means the integrity and security of these files are critical; compromised data files could lead to incorrect or manipulated responses. No direct code injection or execution vulnerabilities are immediately apparent within the provided server logic.
Updated: 2026-01-16GitHub
32
2
Medium Cost
kikzi icon
Sec9

This repository demonstrates the integration of a Model Context Protocol (MCP) server with various AI agent frameworks, showcasing agent communication and operation within a shared context.

Setup Requirements

  • ⚠️Requires API Keys for Google Gemini (GEMINI_API_KEY) and potentially OpenAI (OPENAI_API_KEY) for full functionality.
  • ⚠️Requires Python 3.13 or newer due to `requires-python = ">=3.13"` in `pyproject.toml`.
  • ⚠️Requires `uv` (a Python package installer and runner) to execute the server as depicted in the client examples.
Verified SafeView Analysis
The server primarily operates via standard I/O for inter-process communication, reducing direct network exposure. API keys are loaded from environment variables, avoiding hardcoded secrets. The provided tools ('add', 'get_current_time', 'get_greeting') are simple and deterministic, posing minimal security risks. No 'eval' or obfuscation is present in the provided code.
Updated: 2025-12-15GitHub
32
1
Medium Cost
athavala icon

mysql-mcp-server

by athavala

Sec1

Provides a programmatic interface for interacting with a MySQL database, enabling schema retrieval and arbitrary SQL query execution through an MCP server.

Setup Requirements

  • ⚠️Requires a running MySQL database instance to connect to.
  • ⚠️Python dependencies 'mysql-connector-python' and 'fastmcp' must be installed.
  • ⚠️Relies on specific environment variables (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT) for database connection, otherwise insecure default credentials are used.
Review RequiredView Analysis
The `query_data` function directly executes any SQL string provided as input without sanitization or validation, creating a severe SQL injection vulnerability. Although there's a commented-out `is_safe_query` check, it's not active. Additionally, hardcoded default database credentials ('root', 'password') are present, which are insecure if environment variables are not properly configured.
Updated: 2025-12-10GitHub
32
2
Low Cost
SizzleTheWizzle icon

obsidian-claude-code

by SizzleTheWizzle

Sec10

A workflow template for Obsidian to organize personal knowledge, daily notes, and project management, designed to guide an AI assistant like Claude Code.

Setup Requirements

  • ⚠️Requires Obsidian (latest version recommended).
  • ⚠️Requires manual import of template files into an Obsidian vault.
Verified SafeView Analysis
The provided source code consists entirely of Markdown files (Obsidian templates and documentation). These files are static content and do not contain executable code, scripts, network functionalities, 'eval' statements, or hardcoded secrets. Therefore, based on the provided source code, there are no inherent security risks. The project is an Obsidian template, not a server, and requires manual import into an Obsidian vault. Any potential security concerns would arise from the Obsidian application itself, user-generated content, or the integrity of the downloaded '.zip' file, which is outside the scope of the provided source code.
Updated: 2026-01-19GitHub
32
2
Low Cost
craneoankh icon

mcp-server-manager

by craneoankh

Sec3

Manage Model Context Protocol (MCP) servers across multiple AI clients through a central Go-based web interface and YAML configuration.

Setup Requirements

  • ⚠️Requires manual editing of `config.yaml` to add MCP servers, configure clients, and replace placeholder API keys.
  • ⚠️For Linux users, `sudo loginctl enable-linger $USER` is recommended to ensure the systemd user service starts automatically on system boot.
  • ⚠️Command-based MCP servers require the specified executables (e.g., `npx`) to be available in the system's PATH.
Review RequiredView Analysis
The server manager executes commands defined in the `mcpServers` section of its configuration file. If an attacker gains unauthorized access to modify the `config.yaml` file (e.g., via a directory traversal vulnerability or system compromise), they could inject malicious commands, leading to remote code execution on the host system. While the application validates if a command exists in the system's PATH, it lacks robust sanitization or strict allow-listing for arbitrary commands and arguments. The default `config.yaml` includes placeholder API keys, which if not replaced by the user, can become hardcoded secrets.
Updated: 2026-01-19GitHub
32
2
Medium Cost
SidiqHadi icon

daisyui-mcp

by SidiqHadi

Sec8

Sets up a local server to provide offline documentation for DaisyUI components, accessible via an LLM agent.

Setup Requirements

  • ⚠️Requires a Python 3 environment.
  • ⚠️The `fastmcp` Python package must be installed (`pip install fastmcp`).
  • ⚠️An initial internet connection is required to run `update_components.py` to fetch and populate component documentation.
Verified SafeView Analysis
The `update_components.py` script fetches documentation from a hardcoded external URL (`https://daisyui.com/llms.txt`) and saves it locally. While the server itself only serves this local content, a compromise of the external source could lead to malicious content being downloaded. However, the server does not execute this content, reducing direct server-side execution risk. No 'eval' or other direct malicious patterns found in the provided source code.
Updated: 2026-01-19GitHub
32
1
Medium Cost
rossignoliluca icon

genesis

by rossignoliluca

Sec9

A self-improving, autonomous AI system that designs, builds, and manages other AI systems and software, driven by active inference across specialized MCP servers.

Setup Requirements

  • ⚠️Requires Node.js and npm/npx for installation and execution.
  • ⚠️At least one cloud LLM API key (OpenAI, Anthropic, or Gemini) is required for core functionality, as specified in the README.
  • ⚠️For local-first operation, Ollama and specific LLM models need to be installed (e.g., via `./bin/setup-mac.sh` on Mac).
  • ⚠️Environment variables must be configured in a `.env` file for API keys and other settings (`cp .env.example .env`).
Verified SafeView Analysis
The system employs robust sandboxing for code execution (`execute.code` blocks dangerous functions like `eval`, `require`, `child_process`). `bash` commands are filtered against extensive `blockedPatterns` (e.g., `rm -rf`, `sudo`, `curl | sh`, `/etc/passwd`). File editing (`edit`) enforces `blockedPaths` (e.g., `.git`, `node_modules`, `.env`, `secrets`). Git operations (`git`) block force pushes and hard resets by default, requiring explicit confirmation for pushes. API keys are managed via `.env` files, with `chmod 600 .env` recommended. Overall, strong internal safeguards are in place against accidental or direct malicious code/file access.
Updated: 2026-01-18GitHub
32
2
Medium Cost
amkisko icon
Sec9

Provides an MCP server and API client for interacting with the ScoutAPM API to retrieve application performance monitoring data, integrating with MCP-compatible clients.

Setup Requirements

  • ⚠️Requires Ruby 3.1 or higher.
  • ⚠️Requires a ScoutAPM API Key, which must be configured via `API_KEY` or `SCOUT_APM_API_KEY` environment variables, or via 1Password (`OP_ENV_ENTRY_PATH`).
  • ⚠️To interact with the server, an MCP-compatible client (e.g., Cursor IDE, Claude Desktop, MCP Inspector) is required.
Verified SafeView Analysis
API keys are not hardcoded and are retrieved via environment variables or 1Password integration (using `opdotenv` gem or `op` CLI). Network requests use `Net::HTTP` with SSL verification. The use of backticks for `op` CLI commands is present but appears to be well-controlled with structured inputs from environment variables, mitigating direct command injection risks. No `eval` or intentional obfuscation observed.
Updated: 2026-01-19GitHub
32
2
Low Cost
peakflames icon

BitbucketMcpServers

by peakflames

Sec9

Provides Model Context Protocol (MCP) server functionality for integrating with Bitbucket Cloud repositories to perform operations like listing pull requests and retrieving their details.

Setup Requirements

  • ⚠️Requires a Bitbucket Cloud account name configured in appsettings.json.
  • ⚠️Requires authentication credentials (either OAuth 2.0 Consumer Key/Secret or Bitbucket Username/App Password) to be provided via environment variables at startup.
  • ⚠️Requires .NET 9.0 SDK for local development, or Docker for containerized deployment.
Verified SafeView Analysis
The server explicitly uses environment variables for sensitive credentials (OAuth 2.0 consumer key/secret or Bitbucket username/app password) and warns against committing these to `appsettings.json`. It supports OAuth 2.0 which is more secure for production. Standard API server practices are followed. No direct 'eval' or obvious malicious patterns found in the provided code snippets. A score of 9 reflects good security practices, with a minor deduction as any application handling credentials always carries inherent risk and requires careful deployment.
Updated: 2026-01-16GitHub
32
2
Medium Cost
0pens0 icon
Sec9

Provides AI-powered access to Cloud Foundry operations through specialized tools, acting as a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires access to a running Cloud Foundry foundation and valid credentials (API host, username, password).
  • ⚠️Requires Maven 3.9+ and Java 21 for local building and development.
  • ⚠️Default organization and space can be configured for default context, or provided per tool call.
Verified SafeView Analysis
The server's source code adheres to good practices, utilizing Spring's externalized configuration for sensitive credentials (environment variables or VCAP services), preventing hardcoded secrets in committed files. Interactions with Cloud Foundry are performed through the official Java client library, which is generally secure. The placeholder generation for application cloning involves creating temporary files and writing minimal, buildpack-specific code, but this is programmatically controlled and not exposed to arbitrary user input for command execution. No direct 'eval' or similar dangerous patterns were found. Proper secure deployment (e.g., using HTTPS, managing CF roles) is assumed for maximum security.
Updated: 2025-12-07GitHub
32
4
High Cost
Cadasto icon
Sec8

The openEHR Assistant MCP Server helps AI assistants integrate with openEHR resources, terminology services, and CKM APIs to assist healthcare informaticians with tasks such as archetype exploration, semantic explanation, language translation, syntax correction, and design reviews.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for local setup, as PHP 8.4 with specific extensions is containerized.
  • ⚠️Development workflows require executing PHP/Composer commands directly inside the Docker container.
  • ⚠️Local development might encounter SSL certificate issues with upstream APIs, potentially requiring `HTTP_SSL_VERIFY=false` (not recommended for production use).
Verified SafeView Analysis
The codebase avoids obvious 'eval' or direct execution of untrusted input. `SimpleXMLElement` is used to parse a local, trusted XML file (`openehr_terminology.xml`), minimizing XXE risk. Dynamic regex construction for search patterns uses `preg_quote` to prevent regex injection. Network calls use Guzzle, with SSL verification configurable via the `HTTP_SSL_VERIFY` environment variable (setting this to 'false' in production would be a risk, but it is a configurable choice). No hardcoded secrets are apparent; sensitive configurations are handled via environment variables. Overall, the implementation appears to follow good security practices within the analyzed scope.
Updated: 2026-01-07GitHub
PreviousPage 185 of 713Next