Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

31
1
Low Cost
abordage icon

awesome-mcp

by abordage

Sec10

A dynamically updated, curated, and ranked directory of Model Context Protocol (MCP) servers, clients, and frameworks for AI assistants.

Verified SafeView Analysis
The provided source code is for an awesome list, not an executable MCP server. It consists of Markdown and YAML files that describe other projects. It contains no directly executable code, 'eval' statements, obfuscation, or hardcoded secrets. The security risk for a user primarily relates to external projects linked, not the content of this repository itself. Therefore, running (i.e., merely accessing or viewing) the content of this repository is safe.
Updated: 2026-01-19GitHub
31
1
Medium Cost
jackdark425 icon

aigroup-stata-mcp

by jackdark425

Sec6

A Stata integration server based on Model Context Protocol (MCP) that allows AI assistants to execute Stata scripts, fetch data information, and run statistical analysis.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires Stata statistical software to be installed and accessible on the host machine; manual configuration of the `STATA_CLI` environment variable might be necessary if auto-detection fails.
  • ⚠️Requires a compatible Model Context Protocol (MCP) client (e.g., Claude Desktop, Cherry Studio) to interact with the server.
Verified SafeView Analysis
The server utilizes `subprocess.Popen` and `pexpect` with `shell=True` for executing Stata commands. While this is necessary for its core function, it introduces a potential risk of shell injection if LLM-generated Stata code or file paths contain malicious shell commands. File operations such as `read_file`, `write_dofile`, `append_dofile`, and `load_figure` allow the LLM to interact with arbitrary file paths. Although `mk_dir` employs `pathvalidate` for sanitization, other file-related tools do not show explicit path sanitization against traversal attacks, which could potentially allow access or modification of files outside the intended working directory if an LLM is compromised. No hardcoded secrets were identified.
Updated: 2025-12-04GitHub
31
1
Low Cost
biocontext-ai icon

nucleotide_archive_mcp

by biocontext-ai

Sec8

Search and access RNA sequencing datasets from the European Nucleotide Archive (ENA), retrieve detailed metadata, find related publications, and generate download scripts for data files.

Setup Requirements

  • ⚠️Requires Python 3.11 or newer.
  • ⚠️Requires internet access to ENA and Europe PMC APIs.
Verified SafeView Analysis
The server primarily acts as an API wrapper for ENA and Europe PMC, using `httpx` for network requests. Query parameters for external APIs are constructed with careful string formatting and explicit quoting for values, reducing typical injection risks within the ENA query language. The `generate_download_script` tool creates bash scripts with `wget`/`curl` and `md5sum`. While the commands themselves are generally safe, the filenames and URLs are derived from ENA API responses. A theoretical risk exists if a compromised ENA API were to return maliciously crafted URLs or filenames that could lead to shell injection in the generated script, but this is a low probability given the nature of ENA. No `eval` or `exec` functions are used, and sensitive information like API keys are expected to be managed via environment variables.
Updated: 2025-11-28GitHub
31
1
Low Cost
DocHatty icon
Sec9

This server enables LLMs to engage in non-linear, associative thinking for enhanced creativity and problem-solving by providing tools to explore conceptual space, detect cognitive stagnation, and foster unexpected connections.

Verified SafeView Analysis
The server's core logic in `lib.ts` focuses on string processing, stemming, and distance calculations, which are low-risk computational operations. It uses standard TypeScript and Node.js practices with no apparent use of `eval()` or direct execution of arbitrary user-provided code. Communication is primarily via standard I/O (stdio) as an MCP server, limiting direct network exposure from this application's code. Dependencies like `zod` and `@modelcontextprotocol/sdk` are standard; the SDK is responsible for handling the protocol, but this server does not add significant new attack vectors on its own.
Updated: 2025-12-09GitHub
31
2
Low Cost
hmain icon

cainban

by hmain

Sec9

A command-line kanban board and an MCP server designed for natural language task management and AI agent integration, enabling AI to decompose tasks and manage project backlogs.

Setup Requirements

  • ⚠️Requires Go 1.21+ to build from source.
  • ⚠️Requires SQLite3 (usually pre-installed or included with Go).
  • ⚠️AI integration requires an MCP client (e.g., Amazon Q CLI, Claude Desktop) and specific `mcp.json` configuration.
Verified SafeView Analysis
The server appears secure for its intended use. It does not use 'eval' or similar dynamic code execution. Network risks are minimal as the MCP server uses standard I/O (stdio) for communication rather than opening network ports directly. No hardcoded secrets like API keys or credentials were found. Database paths are stored in the user's home directory (`~/.cainban`). Input validation is implemented in the task system (e.g., `ValidateTitle`, `IsValidStatus`), and MCP tool arguments are strongly typed, which mitigates injection risks. SQL queries utilize parameterized statements, preventing SQL injection.
Updated: 2025-11-22GitHub
31
1
Medium Cost
winccoa-tools-pack icon

vscode-winccoa-mcp-server

by winccoa-tools-pack

Sec8

Enables AI assistants to interact with WinCC OA projects using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires 'WinCC OA Project Admin Extension' (RichardJanisch.winccoa-project-admin) for automatic project detection and setup.
  • ⚠️Requires WinCC OA version 3.21+ (officially supported) for compatibility.
  • ⚠️Requires Node.js 14+ for the MCP Server runtime (the external Node.js application installed by the extension).
  • ⚠️After installing the MCP server manager, a full WinCC OA project restart (closing and reopening WinCC OA completely) may be necessary for the manager to appear in PMON, even if only a project restart is initially prompted.
Verified SafeView Analysis
The extension orchestrates the installation of an external Node.js-based MCP server into a WinCC OA project. It generates a strong random token for API authentication (Bearer token) and stores it in a `.env` file. Communication with the MCP server uses standard HTTP/SSE. The setup process uses 'child_process.spawn' with 'shell: true' for 'npm install' and 'git clone' commands; while generally a security consideration, it's used with controlled commands. The default configuration of the deployed MCP server sets 'MCP_CORS_ORIGINS=*', which allows cross-origin requests from any domain. This setting should be reviewed and restricted in production deployments of the MCP server itself.
Updated: 2026-01-19GitHub
31
1
Medium Cost
Talljack icon
Sec8

Aggregates trending content and data from a multitude of online platforms (e.g., GitHub, Hacker News, Product Hunt, AI tools, academic papers, job boards) for AI assistants and indie developers.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Optional API keys (REDDIT_CLIENT_ID, REDDIT_CLIENT_SECRET, OPENROUTER_API_KEY, HUGGINGFACE_TOKEN, SEMANTICSCHOLAR_API_KEY) are needed for full functionality or to bypass rate limits on some platforms. OpenRouter tools explicitly check for an API key.
  • ⚠️Some fetchers (e.g., TrustMRR, RemoteOK fallback) utilize Playwright for web scraping, which requires browser binaries to be installed (`playwright install`).
Verified SafeView Analysis
The server uses environment variables for sensitive API keys (Reddit, OpenRouter, HuggingFace, Semantic Scholar), which is good practice. It fetches data from numerous third-party APIs and performs web scraping on several sites (e.g., Betalist, Replicate, TrustMRR, Gumroad, Twitter via Nitter). Web scraping introduces inherent fragility and potential for breakage if target site structures change. The `TrustMRRFetcher` and fallback for `RemoteOKFetcher` utilize Playwright, which launches a headless browser, adding a dependency and another process to manage. However, there are no obvious hardcoded secrets or malicious code patterns detected in the provided snippets. Input sanitization is implicitly handled by the Pydantic models for output, but direct HTML/JSON parsing should be robust to malformed data.
Updated: 2025-12-04GitHub
31
3
High Cost
2dogsandanerd icon

DAUT

by 2dogsandanerd

Sec6

AI-powered tool to automatically generate and maintain documentation for codebases using LLMs and RAG.

Setup Requirements

  • ⚠️Python 3.9+ required
  • ⚠️Local Ollama instance running with `llama3` and `nomic-embed-text` models required for AI generation/embeddings
  • ⚠️Local ChromaDB server required for semantic search and vector storage
  • ⚠️MCP_API_KEY environment variable MUST be set to a strong, unique value for secure MCP server operation (default is insecure)
Verified SafeView Analysis
The MCP server uses an API key for authentication. However, the `start_mcp.sh` script and `daut-mcp.service` file default to a weak `MCP_API_KEY="secret-token-123"`. This default MUST be changed by the user to a strong, unique key for secure operation, as explicitly warned in the README.
Updated: 2026-01-06GitHub
31
1
Low Cost
zhiyibaby icon
Sec8

Provides Huawei Cloud API access for AI assistants to query resources, prices, and guide workflows.

Setup Requirements

  • ⚠️Huawei Cloud API Keys: The `README.md` suggests setting `HUAWEI_CLOUD_ACCESS_KEY` and `HUAWEI_CLOUD_SECRET_KEY`. However, the source code (`src/huawei_cloud_ops_mcp_server/config/hw.py`) expects account-specific environment variables (e.g., `XIAOHEI2018_CLOUD_ACCESS_KEY`, `KRSK2021_CLOUD_ACCESS_KEY`) depending on the `account` parameter in tool calls. Users must ensure the correct account-specific variables are set, otherwise authentication will fail.
  • ⚠️Python Version: Requires Python >= 3.11.
  • ⚠️API Method Restrictions: The `huawei_api_request` tool currently only supports `GET` requests for most services. `POST` requests are only supported for `LTS` log content queries. Other `POST`, `PUT`, `DELETE` operations are not supported.
Verified SafeView Analysis
The server retrieves Huawei Cloud API keys from environment variables, which is good practice. API requests are signed using standard cryptographic methods (HMAC-SHA256/SM3). It explicitly restricts `huawei_api_request` to 'GET' methods (with a specific exception for 'POST' on LTS log queries), preventing arbitrary write/delete operations. Error handling, specifically `strict_error_handler`, captures all exceptions and returns full tracebacks in its output, which could expose internal system details if not handled securely by the consuming AI client. The server itself does not perform LLM calls, so 'avg_tokens_per_call' is not applicable to its internal operations.
Updated: 2025-12-04GitHub
31
1
Low Cost
juliooidella icon

my-server-mcp

by juliooidella

Sec9

Integrates Jira Cloud and Discord with GitHub Copilot via an MCP server to automate development tasks and provide context to AI agents.

Setup Requirements

  • ⚠️Requires an Atlassian Jira Cloud account and a generated API token.
  • ⚠️Requires GitHub Copilot enabled and VS Code (v1.102+) for client integration.
  • ⚠️The `MCP_PROD_TOKEN` environment variable is mandatory for server authentication.
Verified SafeView Analysis
The server uses environment variables for all sensitive credentials (Jira username, API token, MCP token, Discord webhook URL), preventing hardcoding. It implements token-based authentication (`MCP_PROD_TOKEN`) for client-server communication using `StaticTokenVerifier`. No 'eval' or malicious patterns were found. While Jira custom field IDs are hardcoded, this is typical for Jira integrations and not a security vulnerability. Error handling for API calls is present, but comprehensive input sanitization for all tool parameters against potential injection attacks, if exposed to untrusted inputs, could be further enhanced. Given its intended use as an internal tool for a Copilot agent, current measures are strong.
Updated: 2025-12-05GitHub
31
1
Low Cost
adrianmdevs icon

mcp_server_ts

by adrianmdevs

Sec8

Provides a Model Context Protocol (MCP) server that exposes defined tools (e.g., "create-user") for client applications.

Setup Requirements

  • ⚠️Requires Node.js (version >=18 as per `package-lock.json` for several dependencies) and npm installed.
  • ⚠️For development, running `node src/server.ts` directly on a TypeScript file typically requires `ts-node` (a dev dependency) or a prior TypeScript compilation step (`tsc`) to produce JavaScript output. The `server:dev` script implicitly relies on this setup.
  • ⚠️The Model Context Protocol SDK is a core dependency, and understanding its architecture is necessary for effective development and interaction.
Verified SafeView Analysis
The provided `src/server.ts` defines a 'create-user' tool, but its implementation is an empty `try...catch` block. This means no actual data persistence or external interaction occurs within the tool's logic as provided, minimizing immediate security risks. However, if real database or external API calls were to be added to this empty block, they would require robust input validation and sanitization to prevent common vulnerabilities (e.g., SQL injection, XSS). The server uses `StdioServerTransport` for local communication, which limits direct network attack surface, unless the commented `StreamableHTTPServerTransport` is enabled without proper security configurations. The `DANGEROUSLY_OMIT_AUTH=true` flag in a `package.json` script (`server:inspect`) is a development-time risk associated with the inspector, not the server's core runtime logic, but highlights a potential for misconfiguration.
Updated: 2025-12-13GitHub
31
1
Medium Cost
dilettacal icon

bug-buster-ai

by dilettacal

Sec4

A cybersecurity AI agent that analyzes Python code for vulnerabilities using OpenAI's LLMs and Semgrep, deployable on Azure and GCP.

Setup Requirements

  • ⚠️Requires Docker for recommended local setup, or Node.js and `uv` for local development.
  • ⚠️Requires OpenAI API Key (paid service) and Semgrep App Token for core functionality.
  • ⚠️Requires significant Azure CLI and Terraform setup for cloud deployment, including manual Key Vault secret population and Container App secret linking post-Terraform apply.
  • ⚠️The presence of `eval(expr)` in `backend/airline.py` is a critical security risk; ensure `airline.py` is not used in a production or user-facing context, or remove it entirely.
Review RequiredView Analysis
The `backend/airline.py` file, which is part of the provided source code, contains a `calculate` function that uses `eval(expr)`. If this function were exposed to untrusted user input, it would be a severe remote code execution vulnerability. While `backend/server.py` (the core API) does not appear to directly use this `airline.py` file, its presence in the repository's backend makes it a significant security risk if the architecture were ever changed or if `airline.py` were invoked in an insecure context. Other aspects, like handling API keys via Key Vault and OIDC for deployment, are good practices. Diagnostic endpoints `/network-test` and `/semgrep-test` provide system information, which could be a minor information disclosure risk, but are common for health checks.
Updated: 2025-11-23GitHub
PreviousPage 191 of 713Next