Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

31
1
High Cost
standardbeagle icon

standardbeagle-tools

by standardbeagle

Sec9

Design high-quality Model Context Protocol (MCP) servers with progressive discovery, context compression, and token-efficient responses.

Verified SafeView Analysis
The mcp-architect plugin primarily functions as a design and analysis tool within the Claude Code environment. Its operations involve generating JSON structures, reports, and guidance, rather than directly executing external code or handling sensitive runtime operations itself. The actual MCP servers it helps design (like agnt or lci) are external and require their own security considerations, but the plugin's own source code does not show direct security risks such as 'eval', hardcoded secrets, or direct network vulnerabilities. Its risks are largely limited to potential misuse of generated designs or the LLM's interpretation rather than code execution vulnerabilities within the plugin itself.
Updated: 2026-01-18GitHub
31
1
Medium Cost
Cubical6 icon

structurizr-mcp

by Cubical6

Sec9

Enables AI assistants to create, manage, analyze, and visualize C4 architecture diagrams as code (Structurizr DSL) for software systems, including people, containers, components, relationships, and various views.

Setup Requirements

  • ⚠️Requires PHP 8.1 or higher and Composer for dependencies.
  • ⚠️Requires Docker or a local Structurizr CLI installation for DSL validation and diagram exports (PlantUML, Mermaid).
  • ⚠️Configuration for Claude Desktop requires an absolute path to `server.php` and escaping backslashes on Windows.
Verified SafeView Analysis
The server implements robust security measures. It uses Symfony Process with array form to prevent command injection, performs strict input validation (schema-based, sanitization), prevents path traversal by sanitizing workspace IDs and resolving real paths within allowed directories, and handles credentials securely via environment variables with sanitization in logs and memory cleanup. It runs over stdio, reducing direct network exposure risks. Comprehensive documentation on security best practices is provided.
Updated: 2025-11-29GitHub
31
3
Low Cost
chmouel icon

jayrah

by chmouel

Sec8

A command-line interface, terminal UI, and web interface for managing Jira issues, designed for integration with AI tools like VS Code Copilot.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️`uv` (or `uvx`) package installer/runner is required for easy installation and execution.
  • ⚠️Mandatory `~/.config/jayrah/config.yaml` setup for Jira server URL, user, password/API token, and project key. The password can optionally use a `pass::` prefix, requiring the `pass` (password store) utility.
  • ⚠️For the MCP server in network mode (`--host`, `--port`), additional security measures (e.g., firewall configuration) are critical if exposed beyond localhost, though this is implicitly warned against.
Verified SafeView Analysis
The project handles Jira authentication (Basic/Bearer) by requiring user credentials in a config file or via environment variables. It supports `pass::` integration for password management, which delegates secure storage to an external tool. The `insecure` SSL option (disabling certificate verification) is available, which is a significant risk if used on untrusted networks or with public exposure. The `web` server component is explicitly warned against public exposure as it is not hardened for production. The `mcp` server, by default, operates over `stdio` for local inter-process communication, which is safer than network exposure. However, it also offers `--host` and `--port` options for network binding, which, if misconfigured without proper network security (e.g., firewalls), could lead to unauthorized access. `subprocess.run` is used for justified, local operations like launching the user's text editor or the `pass` utility. Python's `pickle` module is used for caching Jira API responses locally; while `pickle` can be a security risk with untrusted input, here it processes data from the Jira API, which is assumed to be a trusted source in this context. Overall, if configured and run as intended (locally, with trusted AI agents, and avoiding public exposure, especially with `--insecure` or network binding), the risks are manageable, but the `insecure` option and potential for misconfigured network binding are notable concerns.
Updated: 2026-01-09GitHub
31
1
Low Cost
mugdhav icon
Sec10

Enables AI assistants to semantically search local images and videos using natural language, prioritizing user privacy by processing all data locally without cloud uploads.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️First run downloads an AI model (~150MB SigLIP) and performs initial media indexing, which can take several minutes depending on library size and hardware.
  • ⚠️Indexing videos takes longer as it extracts frames to understand the content.
  • ⚠️Requires sufficient local CPU/GPU and RAM resources, especially for large media libraries.
Verified SafeView Analysis
The server is explicitly designed for local, privacy-first operation. All AI processing, indexing, and search occur on the user's machine. It binds to `localhost` (`127.0.0.1`) and disables public sharing (`share=False`), minimizing network exposure. File system operations are confined to user-configured `MEDIA_DIR` and `INDEX_DIR`. No `eval`, `exec`, or direct calls to untrusted external APIs are present. The AI model download is from Hugging Face, a trusted source for ML models.
Updated: 2025-12-08GitHub
30
1
Medium Cost
WP2-Danikusuma icon

AgentX

by WP2-Danikusuma

Sec1

AgentX is likely a utility designed to interact with and manage a Minecraft (MCP) server, possibly for automation, monitoring, or extended functionality.

Setup Requirements

  • ⚠️CRITICAL: Source code not provided for review, preventing concrete setup analysis.
  • ⚠️Requires configuration for connecting to a Minecraft server (e.g., host, port, RCON credentials or API key).
  • ⚠️Requires a specific runtime environment (e.g., Node.js, Python, or Java) which cannot be determined without source code.
Review RequiredView Analysis
CRITICAL: No source code was provided for analysis. Therefore, a comprehensive security audit could not be performed, and the safety of running this project is entirely unknown. A score of 1 is assigned due to the complete lack of visibility into the codebase, which prevents verification for common risks like 'eval' usage, hardcoded secrets, network vulnerabilities, or malicious patterns. Users should exercise extreme caution as this project cannot be verified without its source code.
Updated: 2026-01-19GitHub
30
1
Medium Cost
th3w1zard1 icon
Sec5

Provides a Model Context Protocol (MCP) server to expose Ghidra's reverse engineering capabilities for automated binary analysis and interaction by AI models or external tools.

Setup Requirements

  • ⚠️Requires Ghidra installation with `GHIDRA_INSTALL_DIR` environment variable set.
  • ⚠️Requires Gradle for building the Ghidra extension.
  • ⚠️Requires Java 21 runtime environment.
Review RequiredView Analysis
The server defaults to binding on all network interfaces (0.0.0.0) and has API Key authentication disabled by default. This creates a critical security vulnerability if run without explicit configuration to enable API keys and restrict network binding. It can perform extensive filesystem operations (importing, creating/deleting projects) and complex, resource-intensive analysis (decompilation) which could be exploited without proper access control. While internal Ghidra operations are wrapped in transactions and resource limits (like decompiler timeouts) are present, the default network exposure with no authentication is a major concern.
Updated: 2026-01-16GitHub
30
1
Low Cost
aplaceforallmystuff icon

mcp-kit

by aplaceforallmystuff

Sec9

Connects AI assistants to Kit.com for managing email marketing tasks like subscribers, tags, sequences, and broadcasts via natural language.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️A valid Kit.com API Key (v4 API) is mandatory and must be provided via the KIT_API_KEY environment variable.
  • ⚠️This is an MCP (Model Context Protocol) server designed to be run as a child process by a compatible MCP client (e.g., Claude Desktop/Code).
Verified SafeView Analysis
The server correctly retrieves the Kit.com API key from environment variables, preventing hardcoding. It uses standard HTTP fetch operations and Zod for robust input validation. Error handling returns raw API error bodies, which could potentially expose sensitive information if the upstream Kit.com API includes it, but this is a dependency risk rather than a direct vulnerability in the server's logic. No 'eval' or malicious patterns were identified.
Updated: 2026-01-16GitHub
30
1
Medium Cost
divaxi icon
Sec8

Serves as a Model Context Protocol (MCP) server for AI clients to query and filter data from a SQL database using QueryDSL.

Setup Requirements

  • ⚠️Requires Java SDK and Maven installed.
  • ⚠️Requires a SQL database (PostgreSQL recommended). The provided 'Employees' model is an example, and the code needs to be adjusted to match the user's specific database schema and configuration.
  • ⚠️The provided `compose.yaml` uses default database credentials, which are for local development only and must be replaced with secure credentials for any production deployment.
Verified SafeView Analysis
The server utilizes QueryDSL, which provides type-safe query building and helps prevent SQL injection by avoiding raw string concatenation in queries. Incoming queries are deserialized into a strictly defined JSON schema, limiting arbitrary input and operations. However, the provided `compose.yaml` for setting up the database includes hardcoded default credentials (e.g., `POSTGRES_PASSWORD=secret`), which are not suitable for production environments and must be changed by the user.
Updated: 2025-12-12GitHub
30
1
Medium Cost
martinimarcello00 icon

k8s-observability-mcp

by martinimarcello00

Sec8

Provides an MCP server to explore and analyze Kubernetes metrics, logs, traces, and service graph data for observability and debugging.

Setup Requirements

  • ⚠️Requires Python 3.13+.
  • ⚠️Requires Poetry for dependency management.
  • ⚠️Requires access to a Kubernetes cluster via kubeconfig.
  • ⚠️Requires external Prometheus, Jaeger, and Neo4j instances to be running and accessible.
  • ⚠️Neo4j database requires manual loading of the service graph data from 'hotel-reservation-datagraph.txt' during setup.
Verified SafeView Analysis
The server uses standard Python libraries for interacting with Kubernetes, Prometheus, Jaeger, and Neo4j, which generally use structured arguments or parameterized queries, mitigating common injection risks. Environment variables are used for configuration, preventing hardcoded credentials. A minor potential risk could arise if malicious input for pod names in Prometheus queries crafts a regex that causes performance issues, but this is less severe than direct code execution. The Neo4j graph creation/deletion functions are administrative and require manual file input or confirmation, not exposed to general user queries.
Updated: 2025-12-05GitHub
30
1
Low Cost
vivek7557 icon
Sec8

An AI-powered multi-agent system for job seekers to automate job discovery, analyze resumes, match job descriptions, and provide recommendations.

Setup Requirements

  • ⚠️The `google_search_tool.py` contains a **mock** job fetcher; live job searching requires replacing it with a real API or scraper in production.
  • ⚠️The `cv_upload_tool.py` uses a naive fallback (`str(data)`) for binary/PDF files, meaning robust text extraction from such formats will likely not work well and requires integrating a dedicated PDF/DOCX parser.
Verified SafeView Analysis
The project uses direct web scraping (requests.get) to external job boards (Indeed, Naukri, LinkedIn) without explicit rate limiting or advanced anti-bot measures, which could lead to IP blocking or potential terms-of-service violations if used extensively in production. The 'google_search_tool.py', 'mcp_tool.py', and 'openapi_tool.py' are explicitly stubs/mocks for the demo, implying no immediate hardcoded secrets or sensitive external API calls are made with the provided code. No 'eval' or other dynamic code execution patterns were found.
Updated: 2025-12-13GitHub
30
1
Low Cost
divaxi icon

my-mcp-server

by divaxi

Sec9

Provides a schema-based API for AI clients to query and filter employee data from a SQL database using QueryDSL.

Setup Requirements

  • ⚠️Requires Java SDK and Maven to build and run.
  • ⚠️Requires a running SQL database (PostgreSQL recommended, Docker Compose provides a default but needs to be provisioned).
  • ⚠️Requires manual adjustment of database schema, configuration, and Spring Boot properties to fit the user's specific SQL database.
  • ⚠️The MCP client configuration requires an absolute path to the generated JAR file.
Verified SafeView Analysis
The server uses QueryDSL for building database queries, which provides strong protection against SQL injection. Input validation occurs through DTO deserialization and explicit type conversions. No 'eval' or direct command execution identified. The 'compose.yaml' contains a weak default PostgreSQL password ('secret'), which should be changed for production environments, but this is a configuration choice, not a vulnerability in the application's code itself.
Updated: 2025-12-12GitHub
30
1
Low Cost
AngusHsu icon

lunar-mcp-server

by AngusHsu

Sec9

Integrate traditional Chinese lunar calendar information (auspicious dates, festivals, moon phases, zodiac, BaZi) into AI applications through the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Initial download of Skyfield ephemeris data (de421.bsp) on first use (handled by the library, but requires time and network bandwidth).
Verified SafeView Analysis
The server does not use 'eval' or similar dangerous functions. Input validation is present for dates and limits are applied for batch operations (e.g., max 30 dates). Network calls are primarily for fetching astronomical data via trusted libraries (Skyfield). No hardcoded secrets or malicious patterns identified. Standard Python libraries and the MCP protocol are used.
Updated: 2025-12-05GitHub
PreviousPage 194 of 713Next