Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Low Cost
Dasix icon
Sec8

Provides shared memory capabilities and tooling for multiple AI agent instances, backed by Git for version control and persistence. It offers a boilerplate structure for building Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Extended IP address data (ASN, host, organization, etc.) from the `ip_get_details` tool requires an `IPAPI_API_TOKEN` environment variable; without it, only basic information is retrieved.
  • ⚠️The server currently supports only STDIO transport; attempting to start it in SSE (HTTP/SSE) mode will result in an explicit error as it is not yet implemented.
  • ⚠️To utilize the full 'shared memory' features described in the `README.md` (e.g., Git-backed persistence, project metadata), the `GIT_REPO_URL`, `GIT_REPO_PATH`, and `PROJECT_META_PATH` environment variables would need to be configured.
Verified SafeView Analysis
The provided code snippets, primarily focusing on an IP address lookup tool, demonstrate good security practices including input validation (Zod schemas, service-level checks for private/reserved IPs), proper API interaction (URLSearchParams for query parameters, `fetch` utility with error handling), and safe file system operations for configurations and logging (using `path.join`). There are no direct uses of `eval` or arbitrary shell command execution. Hardcoded sensitive data is avoided, relying on environment variables or config files for API tokens. However, a full security audit of the core 'shared memory' functionality (Git operations, template system, client authentication with `SHARED_MEMORY_TOKEN`) cannot be completed as the corresponding source code for these features was not provided. The `README.md` mentions 'File path sanitization prevents directory traversal' and 'Template validation before saving' which indicates an awareness of these concerns for the unexamined parts.
Updated: 2026-01-19GitHub
30
1
Medium Cost
insightfinder icon

insightfinder-mcp-server

by insightfinder

Sec9

This server enables Large Language Models (LLMs) to interact with the InsightFinder platform, providing capabilities for incident management, anomaly detection, system monitoring, and deployment analysis.

Setup Requirements

  • ⚠️Requires Python 3.8 or higher.
  • ⚠️InsightFinder credentials (`X-IF-License-Key`, `X-IF-User-Name`) must be provided via HTTP headers on each request, not as server environment variables.
  • ⚠️For secure operation, the MCP server's `HTTP_API_KEY` (or other configured authentication credentials) should be explicitly set via environment variables, though it generates a default if missing.
Verified SafeView Analysis
The server implements robust authentication (API Key, Bearer, Basic), rate limiting, and IP whitelisting. InsightFinder and JIRA API credentials are securely passed via request headers, not stored in server configuration, enhancing multi-tenancy and isolation. It handles proxy headers, limits request/response sizes, and uses secure token generation for defaults. A deprecated JIRA tool function contains hardcoded values, but this function is not actively used by exposed tools and is explicitly marked for removal.
Updated: 2026-01-16GitHub
30
1
Medium Cost
QuentinCody icon

datacite-mcp-server

by QuentinCody

Sec9

A Model Context Protocol (MCP) server that enables AI assistants to query the DataCite GraphQL API for rich metadata about research outputs, including DOIs, datasets, software, publications, and their connections within the PID Graph.

Setup Requirements

  • ⚠️Requires deployment to Cloudflare Workers or local emulation using `wrangler dev`.
  • ⚠️For non-local or sandboxed clients, the `MCP_ALLOWED_ORIGINS` environment variable must be configured to allow specific origins, due to enforced origin validation.
  • ⚠️Relies on a Cloudflare Durable Object (implicitly backed by SQLite) for staging large responses, which requires a Cloudflare account setup and Durable Object binding for full functionality.
Verified SafeView Analysis
The server implements origin validation for incoming MCP requests, enhancing security. It uses Cloudflare Durable Objects (SQLite-backed) for staging large responses, which is a managed and secure storage solution in a serverless environment. External GraphQL API calls are directed to a known DataCite endpoint. There is no observed use of `eval` or other dangerous dynamic code execution, and no sensitive hardcoded secrets are present.
Updated: 2025-12-01GitHub
30
1
High Cost
slamer59 icon

mcp-seo

by slamer59

Sec8

A server providing comprehensive SEO analysis, keyword research, competitor intelligence, PageRank calculations, and internal link structure analysis, primarily leveraging the DataForSEO API and Kuzu graph database.

Setup Requirements

  • ⚠️Requires DataForSEO API credentials (DATAFORSEO_LOGIN, DATAFORSEO_PASSWORD), which is a paid service.
  • ⚠️Relies on Kuzu graph database (requires 'kuzu' Python package), which may require specific system dependencies or setup for optimal performance.
  • ⚠️Performs web crawling (uses 'aiohttp' and 'BeautifulSoup4'), potentially consuming network bandwidth and requiring robust error handling for various HTML structures.
Verified SafeView Analysis
The server's core functionality involves extensive external API calls (DataForSEO) and web crawling (LinkGraphBuilder uses aiohttp, BeautifulSoup4). While API credentials are correctly handled via environment variables and standard authentication methods (Basic Auth), and no direct 'eval' or hardcoded secrets were found, web crawling inherently involves processing arbitrary external content, which can introduce risks from malformed or malicious data. The Kuzu database is managed locally via temporary files. The overall design follows good practices for its intended purpose.
Updated: 2025-11-27GitHub
30
1
Low Cost
sbroenne icon

mcp-server-obs

by sbroenne

Sec8

Control OBS Studio's recording, streaming, and scene management from VS Code using AI assistants.

Setup Requirements

  • ⚠️Requires Windows OS.
  • ⚠️Requires OBS Studio with WebSocket server enabled and configured (port, optional password).
  • ⚠️Requires .NET 10 Runtime for standalone server operation, or .NET 8 Runtime for the VS Code extension to acquire it.
  • ⚠️Requires VS Code 1.106.0 or later and an MCP-compatible AI assistant (e.g., GitHub Copilot).
Verified SafeView Analysis
The server runs as a local .NET executable and connects to OBS Studio via its WebSocket server, primarily on localhost. Connection details (host, port, password) are managed through VS Code settings or environment variables, preventing hardcoded secrets. No 'eval' or obvious obfuscation is present in the provided JavaScript components. The core .NET server's source code was not provided for a full audit, but it is stated to use the 'obs-websocket-dotnet' library, which is a standard open-source client. The overall security relies heavily on the user configuring OBS Studio's WebSocket server securely (e.g., strong password, not exposing it to the public internet).
Updated: 2026-01-12GitHub
30
1
High Cost
IDragos94 icon

codemesh

by IDragos94

Sec1

CodeMesh acts as an intermediary MCP server that allows AI agents to write and execute TypeScript code to orchestrate tools and data from multiple configured MCP servers, featuring a self-improving augmentation system for documentation.

Setup Requirements

  • ⚠️Requires Node.js 18+ and pnpm (or npm) for development and running.
  • ⚠️Requires a `.codemesh/config.json` file in the project root to define the MCP servers it will orchestrate.
  • ⚠️The core `vm2` dependency, used for sandboxed code execution, is deprecated and has known critical security vulnerabilities, making it unsafe for production or untrusted code execution.
Review RequiredView Analysis
The project relies on `vm2@3.9.19` for sandboxed TypeScript code execution. The `pnpm-lock.yaml` explicitly marks this dependency as "deprecated: The library contains critical security issues and should not be used for production! The maintenance of the project has been discontinued. Consider migrating your code to isolated-vm." This poses a significant security risk, as a malicious agent or crafted input could exploit these vulnerabilities to break out of the sandbox. While `eval: false` and `wasm: false` are configured, these do not mitigate the underlying `vm2` security issues. Environment variable handling for sub-servers correctly uses substitution to prevent hardcoding secrets.
Updated: 2026-01-19GitHub
30
1
Medium Cost
zcebupelka icon

graphql-mcp-bridge

by zcebupelka

Sec9

Facilitates seamless integration between GraphQL APIs and Model Context Protocol (MCP) compatible AI systems by converting GraphQL schemas into type-safe, validated MCP tools.

Setup Requirements

  • ⚠️Requires Node.js version 24.0.0 or higher.
  • ⚠️Expects a valid GraphQL schema string as input for `schemaParser`.
  • ⚠️Intended for integration with an external Model Context Protocol (MCP) server, requiring additional setup for the MCP server itself (e.g., `@modelcontextprotocol/sdk/server/mcp`).
  • ⚠️To execute generated GraphQL queries, a separate GraphQL client library (e.g., `@apollo/client`, `graphql-request`) is needed.
Verified SafeView Analysis
The library employs Zod for comprehensive input and output validation, significantly reducing common injection risks. GraphQL queries are generated using variables (`$var`) rather than direct string interpolation of user data, preventing GraphQL injection vulnerabilities. No direct use of `eval` or `child_process` detected at runtime. The `schemaParser` includes configurable limits (`maxOperations`, `maxFields`, `maxSchemaDepth`) to mitigate potential Denial-of-Service attacks from overly complex or large GraphQL schema inputs, though proper configuration is required for very large/malicious schemas.
Updated: 2026-01-19GitHub
30
1
Low Cost
jtwolfe icon
Sec8

Provides AI models and applications with structured access to OParl parliamentary data APIs via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires 'oparl_openapi.json' file to be present in the project root for server initialization.
  • ⚠️Relies on an external OParl API endpoint (defined by OPARL_BASE_URL); connectivity and API key validity are crucial for functionality.
Verified SafeView Analysis
The server uses `pydantic_settings` for configuration, allowing API keys to be loaded securely from environment variables or `.env` files, rather than being hardcoded. It integrates with `httpx` for making asynchronous API calls to external OParl APIs, with timeouts configured. There is no usage of `eval` or similar dangerous functions that could lead to immediate remote code execution. The system relies on an `oparl_openapi.json` file for its API definition; ensuring this file is trusted is important. Outbound network requests are fundamental to its operation, so the security of the target OParl API is an external dependency. Overall, the codebase appears to follow good security practices for its architectural pattern.
Updated: 2025-12-15GitHub
30
1
Medium Cost
omise icon

omise-mcp

by omise

Sec9

Facilitate secure and managed integration with Omise payment APIs for various financial operations using the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js 20+ to run directly or Docker/Podman for containerized deployment.
  • ⚠️Mandatory Omise Account and API Keys (`OMISE_SECRET_KEY`, `OMISE_ENVIRONMENT`) must be configured.
  • ⚠️Mandatory tool access control (`TOOLS` environment variable) must be explicitly set ('all' or a comma-separated list of tool names). The server will not start without this.
Verified SafeView Analysis
The server demonstrates strong security practices including explicit tool-level access control via the 'TOOLS' environment variable, which is mandatory for startup. It validates all incoming parameters for API calls, significantly reducing attack surface. Sensitive data like API keys, passwords, and card numbers are actively masked in logs using `sanitizeHeaders` and `sanitizeBody` functions. The Docker configuration enforces hardened practices like running as a non-root user, using `no-new-privileges`, `read_only` file systems, and `tmpfs` for temporary directories. The `OMISE_SECRET_KEY` is externalized and validated for environment consistency (e.g., preventing live keys in test mode). Comprehensive error handling and logging (with redaction) are in place. No 'eval' or obvious obfuscation found.
Updated: 2025-11-29GitHub
30
1
High Cost
codeiva4u icon
Sec6

A powerful multi-protocol (MCP, LSP, SSE) server that enables AI agents and other clients to automate Brave Real Browser, featuring anti-detection, ad-blocking, stealth, and advanced web interaction capabilities for complex scraping, data extraction, and workflow automation.

Setup Requirements

  • ⚠️Requires Brave Browser to be installed on the host machine (though brave-real-launcher attempts auto-installation).
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️The `execute_js` tool grants significant control over the browser, requiring strict trust in the input from the calling AI agent or client to prevent malicious code execution.
Verified SafeView Analysis
The server includes an `execute_js` tool, which is an 'ULTRA POWERFUL' feature allowing custom JavaScript code execution directly on the browsed page. This grants high privileges within the browser context and poses a significant security risk if the input to this tool is not from a trusted source or is vulnerable to injection attacks. While `execSync` is used in some system utilities and browser launching components, it is generally for controlled system-level operations like process management and file operations with explicit path sanitization in `file-handlers.ts`. No direct `eval` calls of external input were found in the main processing logic. However, the presence of `execute_js` makes the system highly capable but also highly sensitive to the trustworthiness of the calling agent.
Updated: 2026-01-19GitHub
30
1
Medium Cost
bajoski34 icon

mcp-flutterwave

by bajoski34

Sec9

Enables AI assistants to interact with Flutterwave for payment processing, transaction management, and financial operations.

Setup Requirements

  • ⚠️Requires a Flutterwave Secret Key (FLW_SECRET_KEY) obtained from the Flutterwave dashboard.
  • ⚠️Requires Node.js v18 or higher.
  • ⚠️The 'mcp-flutterwave' command line tool requires the '--tools' argument specifying which tools to enable (e.g., '--tools=all').
Verified SafeView Analysis
The server correctly utilizes environment variables (FLW_SECRET_KEY) for API authentication, avoiding hardcoded credentials. It leverages openapi-fetch for API interactions, which provides type safety and a structured approach to external calls. Input validation is performed using Zod schemas for tool arguments. No eval or similar dangerous functions are observed without clear justification.
Updated: 2026-01-16GitHub
30
1
High Cost
dabster108 icon
Sec8

An AI-powered recommendation system for students, providing personalized content (forums, courses, events, scholarships, etc.) and integrating with an AI assistant via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires Google Gemini API Key (paid, for AI assistant and semantic checks)
  • ⚠️Requires Groq API Key (paid, for enhanced keyword extraction) for full functionality, though the current `app/main.py` uses Gemini for keyword extraction.
  • ⚠️The FastAPI server must be running before the MCP server and client can successfully start and connect to it.
Verified SafeView Analysis
The project correctly uses environment variables for API keys (GEMINI_API_KEY, GROQ_API_KEY) and implements robust Pydantic-based data validation, significantly reducing common web vulnerabilities. However, the CORS `allow_origins=["*"]` is a security risk in production environments and should be restricted to known origins. Student data is stored in flat JSON files (`student.json`), which is not suitable for production and lacks proper access control or encryption. Interaction with external LLM APIs (Google Gemini) introduces dependency on third-party services for data handling (user queries, content items). No direct `eval` or blatant malicious patterns were found.
Updated: 2025-12-04GitHub
PreviousPage 202 of 713Next