Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

31
2
Low Cost
TheRealFREDP3D icon

HTB-MCP-Client

by TheRealFREDP3D

Sec9

A Textual TUI client for interacting with the HackTheBox Model Context Protocol (MCP) server, enabling users to browse CTF events and challenges, execute tools, and manage resources.

Setup Requirements

  • ⚠️Requires Python 3.10 or later.
  • ⚠️Requires a HackTheBox API access token (JWT), which must be obtained from HackTheBox profile settings or a local '.mcp.json' file and configured in a '.env' file or environment variables.
Verified SafeView Analysis
The application is an API client for the HackTheBox MCP server. It securely handles API authentication via a JWT token loaded from environment variables or a .env file, following good practices for sensitive credentials. No 'eval' or obvious obfuscation techniques are present in the provided source code. Network communication is standard for an API client using the `mcp` SDK and `httpx`. File saving (JSON/Markdown) includes a timestamp in the filename, which helps mitigate basic path traversal, and content is primarily displayed within a Textual TUI, reducing rendering-related execution risks. The main security consideration is the secure management of the 'API_ACCESS_TOKEN' by the user, as compromise of this token would grant unauthorized access to the HackTheBox MCP API.
Updated: 2026-01-08GitHub
31
1
Medium Cost
TedyHub icon
Sec8

Manage and synchronize internationalization (i18n) translations for software projects across various frameworks (e.g., next-intl, i18next, React Intl, Flutter, iOS/macOS) using AI assistants.

Setup Requirements

  • ⚠️Requires a LangAPI API Key (paid service after initial free credits).
  • ⚠️Requires Node.js runtime version 18.0.0 or higher.
  • ⚠️Requires specific configuration within various AI tools/IDEs (e.g., Claude Desktop/Code, Cursor, VS Code, Windsurf) to function.
Verified SafeView Analysis
The server uses `process.env` for API keys, which is a standard security practice. File system operations (read/write locale files) are confined to the `project_path` and include path validation (`isPathWithinProject`) to prevent path traversal. It relies on an external LangAPI service for translations, introducing a dependency on that service's security. No 'eval' or other highly dangerous patterns were observed.
Updated: 2026-01-17GitHub
31
1
Low Cost
mvsaran icon
Sec7

An AI-driven mobile test automation framework that integrates Appium with the Model Context Protocol (MCP) and GitHub Copilot to generate and execute end-to-end tests for native Android apps and mobile Chrome.

Setup Requirements

  • ⚠️Requires a comprehensive setup of multiple tools including Java JDK (11, 17, or 21), Maven, Node.js (18+), Appium Server (3.0+), Appium UiAutomator2 driver, Android Studio (for SDK and emulator), and a GitHub Copilot subscription.
  • ⚠️Manual configuration of several environment variables (e.g., ANDROID_HOME) is necessary for both the system and the MCP server's `.vscode/mcp.json` config.
  • ⚠️The Android emulator and Appium server must be started manually in separate terminal sessions before the MCP server can be utilized.
  • ⚠️The `capabilities.json` file contains a hardcoded Windows path for the Android application APK (`C:\apkfiles\AndroidUI.apk`), which must be modified by the user to match their local setup or OS.
Verified SafeView Analysis
The MCP server is designed to interact with and control a mobile device/emulator via Appium, performing privileged actions such as app installation and dynamic UI interactions. While essential for its automation purpose, this grants significant control. An attacker gaining access to the MCP server could potentially manipulate the connected Android device or emulator. The `capabilities.json` uses a hardcoded Windows path for the APK file (`C:\apkfiles\AndroidUI.apk`) which needs to be adjusted by the user, and could pose a risk if an untrusted APK is configured. No explicit 'eval' or malicious obfuscation was found within the provided Node.js code snippets, but the inherent power of the automation tools requires careful management of the AI agent's permissions and instructions.
Updated: 2025-11-22GitHub
31
1
High Cost
consigcody94 icon

office-whisperer

by consigcody94

Sec2

Provides AI-powered automation for Microsoft Office Suite (Excel, Word, PowerPoint, Outlook) through a natural language interface, enabling tasks like document generation, data manipulation, and email management.

Setup Requirements

  • ⚠️PDF conversion for Word/PowerPoint explicitly states it requires external tools like LibreOffice, Microsoft PowerPoint, or online services, which are not part of this server.
  • ⚠️Outlook features (email sending/reading, calendar, contacts) require external SMTP/IMAP server configurations and credentials to be provided in tool arguments for actual functionality.
  • ⚠️Many advanced Office features (e.g., SmartArt, 3D models, form fields, track changes) create placeholders or metadata, and full interactive functionality often requires opening and interacting with actual Microsoft Office applications.
  • ⚠️The `excel_compare_versions` tool is explicitly noted as 'not yet implemented' in the source code.
Review RequiredView Analysis
CRITICAL: The `outlook-generator.ts` contains a direct `eval()` call within the `evaluateCondition` helper function used for advanced mail merge. This allows arbitrary code execution if the `conditional.condition` argument can be controlled by an attacker or manipulated by an LLM. Additionally, numerous file system operations (`fs.writeFile`, `fs.readFile`) are performed based on user-provided `filename` or `outputPath` arguments, which could be vulnerable to path traversal attacks if input is not properly sanitized by the calling agent. Outlook IMAP/SMTP configurations are passed directly in tool arguments, exposing sensitive credentials if not handled securely by the caller.
Updated: 2025-11-22GitHub
31
1
Low Cost
mugdhav icon

mcpservers

by mugdhav

Sec9

Provides a privacy-first, local AI-powered semantic search engine for local media (images and videos) to AI assistants like Claude Desktop, enabling natural language queries for media organization and retrieval.

Setup Requirements

  • ⚠️Requires significant initial download for PyTorch (~2GB) and the SigLIP AI model (~150MB).
  • ⚠️Requires manual editing of Claude Desktop's `claude_desktop_config.json` with absolute paths, which can be error-prone, especially on Windows.
  • ⚠️The server needs user-provided media files in the configured `MEDIA_DIR` to be functional; it does not come with sample media.
Verified SafeView Analysis
The server's core functionality involves processing local media files and does not send any data to external cloud services. It uses standard libraries (transformers, PyTorch, OpenCV, FAISS). While the `get_media_details` function accepts a `file_path` argument, within the context of an MCP server designed for local interaction and indexed content, this is generally considered safe. There are no apparent uses of `eval`, unsanitized shell commands, hardcoded credentials, or obfuscation. Model downloads from Hugging Face are standard and generally trusted.
Updated: 2025-12-08GitHub
31
45
Low Cost
promplate icon

hmr

by promplate

Sec8

Provides a fine-grained hot module reloading (HMR) engine for Python applications like FastAPI, Uvicorn, and Model Context Protocol (MCP) servers, including a browser auto-refresh feature for development.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️When using `fastapi-reloader` manually, `html_injection_middleware` must be placed before any compression middleware (e.g., `GZipMiddleware`).
  • ⚠️Manual triggering of reload signals (e.g., monkey-patching `uvicorn.Server.shutdown`) is required for `fastapi-reloader` standalone usage with non-`uvicorn-hmr` servers to ensure graceful shutdown.
  • ⚠️The target module for `mcp-hmr` (and `hmr` generally) must not be imported before calling `mcp_server(target)` or `hmr path/to/your/entry-file.py` to ensure hot-reloading functionality.
Verified SafeView Analysis
The project is a development tool that employs runtime code execution (via `compile` and `exec`) to achieve hot module reloading. This is inherent to its functionality and is applied to local source code files detected as changed, not arbitrary external input. Network risks include exposed ports for ASGI/MCP servers and a long-polling connection for browser refresh, which are standard for the respective server types. No hardcoded secrets or malicious patterns were identified. The tool is safe for its intended development-only use.
Updated: 2025-12-30GitHub
31
1
Medium Cost
williamzujkowski icon

nexus-agents

by williamzujkowski

Sec9

Coordinates multiple AI experts with model diversity and workflow automation to handle software development tasks.

Setup Requirements

  • ⚠️Requires Node.js v22.x LTS and pnpm v9.x (or npm v10.x).
  • ⚠️At least one AI provider API key (e.g., ANTHROPIC_API_KEY) is required for full AI functionality.
  • ⚠️GitHub CLI (gh) is recommended for PR review workflows.
Verified SafeView Analysis
The server adopts a 'security-first design' with multiple layers of defense, including Zod schemas for input validation, a secrets vault to prevent API key exposure, rate limiting, and robust path safety with directory jails. It explicitly prevents user-provided regular expressions to mitigate ReDoS attacks and implements execution sandboxing using policy-based or Docker container isolation. Active Byzantine detection is also in place for multi-agent decisions. Code reviews actively check for security vulnerabilities, demonstrating a proactive security posture.
Updated: 2026-01-19GitHub
31
1
Low Cost
dock-ai icon

mcp

by dock-ai

Sec9

Allows AI agents to discover and interact with real-world businesses by resolving their domains to MCP connectors for actions like booking or shopping.

Setup Requirements

  • ⚠️Requires `INTERNAL_API_KEY` to be set, especially in production, to authenticate with the Dock AI backend.
  • ⚠️Relies on `DOCKAI_API_URL` for all backend API interactions (defaults to `https://api.dockai.co`).
  • ⚠️Rate limiting functionality requires an Upstash Redis instance and corresponding `UPSTASH_REDIS_REST_URL` and `UPSTASH_REDIS_REST_TOKEN` environment variables.
Verified SafeView Analysis
The server implements rate limiting with IP spoofing protection, delegating to Upstash Redis, and fails closed in production if not configured. OAuth 2.1 is implemented, but all sensitive client/user data and token management are delegated to an external 'dockai-api', reducing the local attack surface. Critical secrets like `INTERNAL_API_KEY` are retrieved from environment variables and are explicitly checked as required in production. No 'eval' or similar dangerous patterns are used directly within the provided source.
Updated: 2026-01-19GitHub
31
1
Medium Cost
kiraboibrahim icon

askari-patrol-mcp-server

by kiraboibrahim

Sec8

AI-powered security management assistant for WhatsApp and CLI, interacting with the Askari Patrol / GuardTour API.

Setup Requirements

  • ⚠️Requires `GROQ_API_KEY` (paid API for LLM inference).
  • ⚠️Requires Twilio account credentials (`TWILIO_ACCOUNT_SID`, `TWILIO_AUTH_TOKEN`, `TWILIO_WHATSAPP_NUMBER`) for WhatsApp integration.
  • ⚠️Needs `ngrok` or similar for exposing the WhatsApp client webhook to the internet during local development.
  • ⚠️Requires Python 3.12 or newer.
Verified SafeView Analysis
All sensitive credentials (API keys, tokens) are correctly loaded from environment variables. No 'eval' or malicious patterns were found in the provided source code. External network calls are to known services (Askari Patrol API, Twilio). The JWT validation function properly handles signature verification and expiration.
Updated: 2025-11-29GitHub
31
1
Low Cost
Ishaan300104 icon

multi-agent-reviewer

by Ishaan300104

Sec8

A multi-agent system designed to review, analyze, and summarize academic research papers by leveraging LLM-based agents and PDF/ArXiv processing.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service for LLM integration)
  • ⚠️Requires Python 3.9+
  • ⚠️Internet access is mandatory for ArXiv API and PDF downloads
  • ⚠️Multiple MCP server processes (4 in total) must be started simultaneously, although a convenience script is provided.
Verified SafeView Analysis
The system avoids direct use of 'eval' or similar dangerous functions on user input. API keys are managed via environment variables. The MCP servers bind to '0.0.0.0' and use permissive CORS ('allow_origins=["*"]'), which could pose a risk if deployed in a public-facing, non-isolated environment. However, for its intended local, internal multi-agent communication, this is a common development setup.
Updated: 2025-11-25GitHub
31
1
Low Cost
Gitmaxd icon
Sec9

Facilitates interaction between MCP-compatible AI clients and Context Repo for managing prompts, documents, and collections, including semantic search.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Requires an MCP-compatible client application (e.g., Claude Desktop, Cursor IDE).
  • ⚠️Requires a Context Repo account and a valid API key with appropriate permissions.
Verified SafeView Analysis
The server uses environment variables for API key authentication, which is a secure practice. It relies on the `@modelcontextprotocol/sdk` for handling MCP communication and validates inputs via JSON schemas (implied by Zod dependency). API requests to Context Repo are made using standard `fetch` with appropriate error handling for various HTTP statuses. User input is not directly executed or used in a way that suggests injection vulnerabilities. The build script uses `execSync`, but this is a build-time operation and not part of the runtime server logic handling user requests. The primary security considerations would be the robustness of the upstream Context Repo API and the secure management of the API key by the user.
Updated: 2025-12-15GitHub
31
1
Medium Cost
bgtdevhub icon

fgdb-mcp-server

by bgtdevhub

Sec9

The FGDB MCP Server facilitates interaction with Esri File Geodatabases (FGDB) via the Model Context Protocol, enabling geospatial data querying, modification, and schema management through ArcPy.

Setup Requirements

  • ⚠️Requires ArcGIS Pro installation with ArcPy support (Windows OS only).
  • ⚠️Requires activation of the ArcGIS Pro conda environment to run (e.g., 'proenv.bat', 'conda activate arcgispro-py3').
  • ⚠️Installation requires running 'pip install -e .' possibly with Administrator privileges in the ArcGIS Pro conda environment.
Verified SafeView Analysis
The server demonstrates a strong commitment to security through a layered architecture, comprehensive input validation (e.g., `validate_where_clause` specifically checks for dangerous SQL patterns like 'DROP TABLE', '--', '/*'), and a mandatory safety confirmation system for all mutating operations (insert, update, delete, add/delete field). This confirmation mechanism requires a unique token, preventing direct, unconfirmed execution of high-risk commands. Path validation is present for GDB paths. The ArcPy backend calls are parameterized or use validated input, minimizing SQL injection risks. No direct use of 'eval' or 'exec' on user input was identified. Hardcoded secrets are not apparent. The `SECURITY.md` file outlines a clear policy and best practices. A perfect 10 is difficult due to reliance on external ArcPy libraries, but the Python layer is well-fortified.
Updated: 2025-11-27GitHub
PreviousPage 190 of 713Next