Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

31
1
Low Cost
ramblingenzyme icon

vscode-refactor-mcp

by ramblingenzyme

Sec8

A VSCode extension hosting an IPC server to enable external MCP (Model Context Protocol) servers to proxy VSCode API calls for refactoring and code manipulation.

Setup Requirements

  • ⚠️Requires Node.js v20+ and npm v9+ for development and building.
  • ⚠️Requires VSCode v1.90.0+ to run the extension and host the IPC server.
  • ⚠️The MCP server (`packages/server`) requires the `VSCODE_MCP_SOCKET_PATH` environment variable to connect, which is dynamically generated and set by the VSCode extension upon activation. Running the server independently requires manual setup of this variable.
  • ⚠️Uses npm workspaces; building the entire project is recommended via `npm run build` from the root.
Verified SafeView Analysis
The system utilizes local Inter-Process Communication (Unix Domain Sockets/Named Pipes) for communication between the VSCode extension and the MCP server, limiting external network exposure. Socket paths are dynamically generated per workspace, enhancing isolation. Data is exchanged as JSON strings, which are parsed by the extension. While standard, if a malicious MCP server were to connect and send malformed JSON, it could potentially lead to unexpected behavior or crashes. The primary security boundary relies on the MCP server being a trusted component of the system, as it instructs the extension to perform sensitive VSCode API calls like file renames and symbol renames. No 'eval' or obvious hardcoded secrets were found.
Updated: 2025-12-11GitHub
31
1
Medium Cost
i3T4AN icon
Sec9

A personal semantic search engine and knowledge base application for various document types, offering natural language search, auto-clustering, 3D visualization, and AI agent integration.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for the recommended deployment method.
  • ⚠️Requires Python 3.11+ for native backend execution.
  • ⚠️Node.js 18+ is required to set up the MCP integration with AI agents like Claude Desktop.
  • ⚠️The embedding model (~400MB) is downloaded automatically on the first run, which may take several minutes.
Verified SafeView Analysis
The project demonstrates good security practices including filename sanitization to prevent path traversal during file uploads, configurable CORS, and rate limiting on critical endpoints. The destructive `/reset` endpoint is protected by an optional `ADMIN_KEY` (which defaults to empty, requiring user awareness to enable protection). The Model Context Protocol (MCP) integration explicitly excludes dangerous operations like file uploads and the `/reset` command from AI agent access, and supports OAuth for production use, which is a strong positive.
Updated: 2025-12-11GitHub
31
1
Low Cost
DocHatty14 icon
Sec9

Augments LLM capabilities for non-linear, associative thinking to enhance creative problem-solving, brainstorming, and divergent exploration of concepts.

Setup Requirements

  • ⚠️Requires Node.js and npm/npx to run.
  • ⚠️Designed to be integrated with an MCP-compatible LLM client (e.g., Claude Desktop, VS Code extension) via standard I/O (stdin/stdout), rather than being a standalone web service.
Verified SafeView Analysis
The server primarily uses stdio for communication as configured, limiting direct network exposure. Its core logic involves string processing and state management, without apparent use of 'eval' or other direct code execution vulnerabilities from user input. Dependencies include standard web frameworks (express) via the MCP SDK, but this specific server is configured for stdio. No hardcoded secrets were found.
Updated: 2025-12-09GitHub
31
1
Medium Cost
xcollantes icon

jira-mcp

by xcollantes

Sec7

The Jira MCP server provides a Model Context Protocol (MCP) interface, enabling Large Language Models (LLMs) to interact with Jira for tasks like searching, creating, updating, and managing tickets and sprints.

Setup Requirements

  • ⚠️Requires `jira-cli` to be installed and initialized separately on the host machine.
  • ⚠️Requires `JIRA_API_TOKEN` and `JIRA_AUTH_TYPE` environment variables to be set for `jira-cli` authentication, with potential inheritance issues for GUI-based LLM clients if not explicitly passed.
  • ⚠️Python 3.12+ required (specified in `pyproject.toml`).
Verified SafeView Analysis
The server executes `jira-cli` commands via `subprocess.run`. While `subprocess.run` itself is not inherently unsafe, the direct passing of arguments, including JQL queries (via `--jql`), from LLM outputs to `jira-cli` introduces a potential for 'JQL injection' if the LLM is prompted to craft malicious JQL. This relies on `jira-cli`'s internal sanitization. Credentials (`JIRA_API_TOKEN`, `JIRA_AUTH_TYPE`) are handled via environment variables, which is a good practice. No `eval` or hardcoded secrets found in the Python source.
Updated: 2026-01-18GitHub
31
1
Medium Cost
marlonluo2018 icon
Sec9

Integrate AI assistants with Microsoft 365 services, including email, calendar, contacts, files, and Teams, via the Microsoft Graph API.

Setup Requirements

  • ⚠️Requires interactive device code flow authentication, where the user must visit a URL and enter a code in a browser to complete login.
  • ⚠️Requires Python 3.10+.
  • ⚠️Dependencies must be installed using pip or uv.
Verified SafeView Analysis
Uses Microsoft's public client ID by default, configurable via .env for custom app registrations. Employs device code flow for authentication, which is user-interactive and avoids exposing client secrets. Authentication tokens are managed by MSAL and stored locally in the user's home directory, which is common for user-local applications. The project includes an input validation layer to prevent invalid inputs. Network requests are made to legitimate Microsoft Graph API endpoints, with rate limiting and exponential backoff implemented to handle API limits. No 'eval' or obvious obfuscation patterns were found.
Updated: 2026-01-19GitHub
31
1
Low Cost
justmejulian icon

GardenaSmartSystem-MCP

by justmejulian

Sec8

Integrate with Gardena smart system API to monitor and control smart garden devices via an MCP server.

Setup Requirements

  • ⚠️Requires Java 21 runtime.
  • ⚠️Requires GARDENA API credentials (Client ID and Client Secret) obtained from the Husqvarna developer portal.
  • ⚠️Requires setting environment variables GARDENA_CLIENT_ID and GARDENA_CLIENT_SECRET.
  • ⚠️Requires building a standalone JAR (`./gradlew build`) before running with Claude Desktop, creating `app/build/libs/app-all.jar`.
Verified SafeView Analysis
Credentials (Client ID, Client Secret) are correctly loaded from environment variables. Ktor client is used for API communication. No 'eval' or direct external process execution on user input. The main security consideration is ensuring environment variables and the Claude Desktop configuration file are properly secured by the user.
Updated: 2025-11-24GitHub
31
1
High Cost
kpeacocke icon

souschef

by kpeacocke

Sec2

AI-powered Model Context Protocol (MCP) server for comprehensive Chef-to-Ansible migration, including cookbook analysis, resource conversion, Habitat-to-Docker transformation, InSpec profile translation, and CI/CD pipeline generation.

Setup Requirements

  • ⚠️Requires Python 3.14+ (a very recent Python version, might require specific installation/management).
  • ⚠️Multiple critical path injection and archive extraction (Tar Slip) vulnerabilities are currently open, making it unsafe to process untrusted files or paths in a production environment.
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, VS Code 1.102+ with GitHub Copilot extension) for AI-assisted workflows. Commercial AI models will incur API costs.
Review RequiredView Analysis
The project has multiple critical security vulnerabilities identified as 'open' by CodeQL and SnykCode. These include 'Arbitrary File Write via Archive Extraction (Tar Slip)' in `ui/pages/cookbook_analysis.py` (line 308) and numerous instances of 'Uncontrolled data used in path expression (Path Injection)' across `souschef/ui/pages/cookbook_analysis.py`, `souschef/core/path_utils.py`, and `souschef/assessment.py`. These vulnerabilities could allow an attacker to write arbitrary files or access unexpected resources on the host system if user-provided input, particularly archive files, is processed. While the project demonstrates security awareness (CodeQL setup, explicit code standards), the presence of several critical unaddressed path manipulation issues significantly reduces its safety for processing untrusted inputs.
Updated: 2026-01-19GitHub
31
1
Medium Cost
stefanstranger icon

avm-mcp-server

by stefanstranger

Sec9

This server acts as an MCP gateway for AI agents and tools to discover, search, and retrieve detailed documentation for Azure Verified Modules (AVM) from the Bicep Public Registry.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires the UV package manager to be installed (specifically `uvx` for the recommended run command).
  • ⚠️Requires internet connectivity to access Microsoft Container Registry and GitHub.
Verified SafeView Analysis
Fetches markdown content from `raw.githubusercontent.com` for AVM module documentation. Input `url` for `scrape_avm_module_details` is validated via a specific regex to ensure it targets legitimate `github.com` URLs, mitigating arbitrary URL injection risks. The server does not execute or interpret the fetched markdown; clients rendering this content should perform their own sanitization to prevent potential XSS from compromised external markdown. No `eval` or hardcoded secrets found.
Updated: 2025-11-29GitHub
31
6
Medium Cost
MCPRUNNER icon

mssqlMCP

by MCPRUNNER

Sec9

The SQL Server MCP (Model Context Protocol) Server enables AI assistants like GitHub Copilot within Visual Studio Code to interact with SQL Server databases, allowing for SQL query execution, detailed database metadata retrieval, and management of connections and security.

Setup Requirements

  • ⚠️Requires .NET 8.0 SDK or later.
  • ⚠️Mandatory environment variables (MSSQL_MCP_KEY and MSSQL_MCP_API_KEY) must be securely configured; scripts are provided for generation but values must be saved externally.
  • ⚠️Access to an SQL Server instance is required for database operations.
Verified SafeView Analysis
The project implements robust security features, including AES-256 encryption for connection strings, multi-tier API key authentication with role-based access control and connection-level restrictions, and comprehensive input validation to prevent SQL injection and dangerous commands. Encryption keys and API keys are managed via environment variables and scripts to avoid hardcoding. While the server defaults to HTTP, the documentation explicitly recommends HTTPS for production environments, which would require an external reverse proxy. Regular key rotation and monitoring are also advised for optimal security.
Updated: 2025-11-20GitHub
31
1
Medium Cost
accuknox icon

mcp_server

by accuknox

Sec2

The AccuKnox MCP server provides a multi-cloud asset management and security posture solution, allowing AI agents to search cloud assets, retrieve AI/ML model vulnerabilities, and manage findings through a unified interface.

Setup Requirements

  • ⚠️Requires an AccuKnox API Token, obtained from the AccuKnox CSPM dashboard, which implies a reliance on a commercial AccuKnox platform.
  • ⚠️Requires Python 3.10 or higher for execution.
  • ⚠️Configuration files for clients (e.g., `.vscode/mcp.json`) mandate the use of absolute paths for server command and arguments, which can be brittle if the project directory moves.
  • ⚠️The `USER_GUIDE.md` advises strict reliance on a `.env` file for `ACCUKNOX_BASE_URL` and `ACCUKNOX_API_TOKEN` for the stdio server, potentially conflicting with `mcp.json` `env` configurations or HTTP client header/query parameters.
Review RequiredView Analysis
The primary critical security risk is the widespread use of `httpx.AsyncClient(verify=False)` across multiple files (`shared/api.py`, `shared/utils/api_utils.py`, `shared/utils/auth_validator.py`). This disables SSL/TLS certificate verification for all API calls to the AccuKnox backend and JWKS endpoints. This vulnerability makes the server highly susceptible to Man-in-the-Middle (MITM) attacks, allowing an attacker to intercept, read, or tamper with sensitive data (e.g., cloud asset details, vulnerability reports, API tokens) in transit. Additionally, the `_get_auth_context` function in `fastmcp_server.py` allows API tokens and base URLs to be passed via URL query parameters, which is less secure than HTTP headers and could lead to their exposure in server logs or browser history.
Updated: 2025-12-05GitHub
31
1
Medium Cost
edujuan icon
Sec9

A comprehensive MCP server that helps AI coding agents understand and implement the Universal Tool Calling Protocol (UTCP) by providing documentation search, validation, generation, and an LLM-powered expert agent.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service) for the 'ask_utcp_expert' tool and 'semantic_search_docs' tool.
  • ⚠️Requires Node.js 20.x or higher and npm 9.x or higher.
  • ⚠️The 'DOCS_PATH' environment variable should correctly point to the UTCP documentation directory, defaulting to the current directory.
Verified SafeView Analysis
The server leverages environment variables for sensitive API keys (e.g., OpenAI). It interacts with external APIs (OpenAI) for the expert agent, with retry mechanisms and timeouts implemented for robustness. Documentation loading from a configurable path could pose a minimal risk if an attacker controls the path, but content is used for LLM context, not direct execution. Input validation is performed for UTCP manuals and OpenAPI specs.
Updated: 2025-11-22GitHub
31
1
Low Cost
WebLegions icon

mcp-agg

by WebLegions

Sec9

Aggregates Model Context Protocol (MCP) servers (stdio, SSE, HTTP) and exposes their tools via a high-performance Fastify HTTP API.

Setup Requirements

  • ⚠️Requires Bun runtime (>= 1.3.0) to be installed.
  • ⚠️Requires external Model Context Protocol (MCP) servers (Stdio, SSE, or HTTP) to be configured for full functionality beyond the 'builtin' tools.
Verified SafeView Analysis
The project demonstrates strong security practices including explicit prototype pollution prevention, custom optimized input validation, and use of security middleware (Helmet, CORS, rate limiting). It leverages environment variables for sensitive configurations and mentions vulnerability scanning in CI/CD. The primary potential risk is the configuration of external MCP servers (via `.mcp.json`), which, if compromised, could direct the aggregator to untrusted endpoints. This is an operational security concern rather than a code vulnerability within the server itself.
Updated: 2025-12-01GitHub
PreviousPage 187 of 713Next