Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Medium Cost
lesleslie icon

session-buddy

by lesleslie

Sec9

The MCP server provides comprehensive session management, conversation memory, quality monitoring, and developer tooling integration for Claude Code projects, aiming to reduce token usage and enhance development workflows. It integrates with various LLM providers, Git worktrees, and code quality tools like Crackerjack.

Setup Requirements

  • ⚠️Requires `uv` for Python package management. Users may need to install `uv` and run `uv sync --extra embeddings` for full functionality.
  • ⚠️Full LLM-powered features (e.g., entity extraction, AI agent recommendations) require API keys for cloud providers (e.g., `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `GEMINI_API_KEY`/`GOOGLE_API_KEY`) or a locally running Ollama server (`OLLAMA_BASE_URL`). These can incur costs.
  • ⚠️Crackerjack integration requires the `crackerjack` Python package to be installed.
  • ⚠️Uses embedded `DuckDB` for reflection and knowledge graph databases.
  • ⚠️Optional serverless mode features require `redis` and `boto3` dependencies.
Verified SafeView Analysis
The project demonstrates strong security awareness, particularly in handling subprocess execution (explicitly uses `shell=False` and includes input validation for commands, branch names, and paths) and database interactions (parameterized SQL queries). Hashlib usage for content deduplication is correctly flagged with `usedforsecurity=False`. Pydantic models are used for robust parameter validation, mitigating injection risks. API key handling includes masking for display. The project's security posture for common vulnerabilities like command injection and SQL injection is robust, with dedicated tests. One point deducted due to the inherent complexity of integrating with numerous external systems (LLMs, Git, external tools), which always presents a broader attack surface, though well-mitigated within the application's scope.
Updated: 2026-01-19GitHub
30
1
High Cost
tblakex01 icon

mcp_troubleshooter

by tblakex01

Sec9

A Model Context Protocol (MCP) server that provides comprehensive system troubleshooting and diagnostic tools for developers and system administrators, enabling LLMs to diagnose system issues, monitor resources, check logs, and test connectivity.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires manual configuration of an absolute path in the Claude Desktop `claude_desktop_config.json` file.
  • ⚠️System calls via `psutil` or `subprocess` may require appropriate user permissions on the host system.
Verified SafeView Analysis
The project demonstrates a strong "Security First" design principle. It implements a strict command whitelist (`SAFE_COMMANDS`) for `troubleshooting_execute_safe_command`, preventing arbitrary code execution. All inputs are rigorously validated using Pydantic models with type checking, range constraints, and pattern validation. Critical operations include timeout protection to prevent denial of service. The `log_reader` tool enforces access restrictions to `ALLOWED_LOG_DIRS` and uses `Path.resolve()` to mitigate path traversal vulnerabilities. Environment variables containing sensitive patterns are masked during inspection. While the security measures are robust for its intended diagnostic purpose, the inherent risk of running any system commands via an LLM, even whitelisted ones, means vigilance is always required.
Updated: 2026-01-17GitHub
30
1
Medium Cost
EdibleTuber icon

void-mcp-server

by EdibleTuber

Sec9

Provides a secure, sandboxed filesystem server for AI agents via the Model Context Protocol (MCP), enabling file and directory operations within a defined project root.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️A known issue in Void Editor may restrict MCP servers to Void's installation directory, requiring project relocation or a workaround for 'allowed_root'.
  • ⚠️Requires absolute paths for the Python executable and server script in Void Editor configuration.
Verified SafeView Analysis
The server implements robust security measures including path sandboxing via Path.resolve() and relative_to() checks, a comprehensive list of blocked patterns for sensitive files and directories, extension whitelisting, and configurable file size limits. Crucially, it explicitly states 'No Shell Access' and avoids dangerous functions like eval() or subprocess.run() for arbitrary command execution. This makes it highly secure for its stated purpose within the defined sandbox.
Updated: 2025-11-30GitHub
30
3
Low Cost
alecf icon

airtop-mcp

by alecf

Sec9

Provides a Model Context Protocol (MCP) server to integrate AI agents with Airtop's browser automation and AI query services.

Setup Requirements

  • ⚠️Requires Airtop API Key (AIRTOP_API_KEY environment variable).
  • ⚠️Requires Node.js (version 18 or higher based on dependencies).
  • ⚠️Uses port 3456 by default, which might conflict with other services (configurable via PORT environment variable).
Verified SafeView Analysis
The server securely handles the Airtop API key by requiring it as an environment variable and uses Zod for input validation on tool arguments. It does not contain direct `eval` calls or other obvious malicious patterns. Network exposure is limited to standard HTTP/SSE endpoints. The primary security considerations would be the security of the Airtop API itself and proper management of the AIRTOP_API_KEY by the user.
Updated: 2026-01-07GitHub
30
1
Low Cost
GitHub30 icon

dns-mcp-server

by GitHub30

Sec8

Provides DNS lookup capabilities as a Model Context Protocol (MCP) server.

Verified SafeView Analysis
The server uses `dnspython` for DNS lookups. While `dnspython` is generally robust, any public DNS lookup service could potentially be used in DDoS amplification/reflection attacks if not properly secured at a higher network layer. The application code itself does not show immediate vulnerabilities like `eval`, hardcoded secrets, or command injection flaws through its direct use of `dnspython`'s resolve functions. The 'readOnlyHint' annotation is a good practice for informational tools.
Updated: 2025-11-27GitHub
30
1
Low Cost
dongitran icon

Jira-MCP-Server

by dongitran

Sec9

Provides an AI-callable interface (via Model Context Protocol) to manage Jira tasks, sprints, comments, and team workload using OAuth authentication.

Setup Requirements

  • ⚠️Requires obtaining OAuth 2.0 (3LO) credentials (client ID, client secret, access token, refresh token, cloud ID) from Atlassian, which can be a multi-step process or use a helper tool.
  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Needs specific JSON configuration within the user's IDE (e.g., Claude Desktop, Cursor, VS Code) to define the MCP server and pass credentials.
Verified SafeView Analysis
OAuth credentials (access_token, refresh_token, client_id, client_secret, cloud_id) are passed as command-line arguments and persisted to a user-specific cache file (`~/.jira-mcp/tokens.cache`) for convenience. This cache file is excluded from version control (`.gitignore`), but its security relies on the user's local system security. The server implements retry logic and a circuit breaker for robust network handling. No 'eval' or other obvious malicious patterns were found in the provided code.
Updated: 2025-12-15GitHub
30
1
Low Cost
Panduza icon

serial-port

by Panduza

Sec7

Controls and monitors serial port-connected power supplies via MQTT or Model Context Protocol (MCP) interfaces, with an optional Terminal User Interface.

Setup Requirements

  • ⚠️Requires Rust toolchain and Cargo for building and running.
  • ⚠️Requires appropriate system permissions for serial port access.
  • ⚠️The `pza-toolkit` dependency is pulled from a GitHub 'main' branch, which may indicate instability or breaking changes.
  • ⚠️Configuration file `pza-serial-port.json5` must be manually adjusted for specific serial port parameters (e.g., baud rate, USB VID/PID).
Verified SafeView Analysis
The server primarily acts as a bridge to serial hardware, allowing raw byte/text transmission and reception via MQTT and MCP. This functionality inherently allows for direct manipulation of connected devices, which requires careful use by the client. The MCP server binds to a configurable host and port. By default, it's local (127.0.0.1:5002), which is secure. However, if configured to bind to a public IP (e.g., 0.0.0.0) with the permissive CORS layer enabled (as indicated by `CorsLayer::permissive()`), it could expose the serial port control to unauthorized network access. Input parsing (e.g., hex decoding, UTF-8 conversion) includes error handling, preventing crashes from malformed data. No hardcoded secrets or 'eval' are present.
Updated: 2025-12-02GitHub
30
1
Medium Cost
trevSmart icon
Sec8

This server provides a Model Context Protocol (MCP) interface to Salesforce organizations, enabling AI agents to interact with Salesforce data and metadata through a suite of specialized tools for development, administration, and data management tasks.

Setup Requirements

  • ⚠️Requires Salesforce CLI to be installed and logged into a target org.
  • ⚠️Requires Playwright Chromium browser to be installed for `get_setup_audit_trail` tool (can be installed automatically on first use, adding initial download/setup time).
  • ⚠️Relies on specific environment variables (e.g., GITHUB_TOKEN, PASSWORD) for certain features and server security.
Verified SafeView Analysis
The server extensively uses Zod for input validation and `shellQuote.quote` for sanitizing commands sent to the Salesforce CLI, mitigating injection risks. Sensitive information like tokens and passwords are expected from environment variables and are redacted in logs. User confirmation (`elicitation`) is implemented for destructive operations. The project's active secret scanning is a positive indicator. Potential risks include the inherent power of direct Salesforce CLI command execution if not strictly controlled within tool handlers, and the use of Playwright for audit trail download which introduces browser-related attack surface.
Updated: 2025-12-12GitHub
30
1
Low Cost
hyperpolymath icon

poly-iac-mcp

by hyperpolymath

Sec6

A unified Model Context Protocol (MCP) server for Infrastructure as Code (IaC) management, allowing AI assistants to plan, apply, and manage infrastructure using Terraform/OpenTofu and Pulumi.

Setup Requirements

  • ⚠️Requires Deno runtime installed.
  • ⚠️Requires OpenTofu or Terraform CLI installed and accessible in the system's PATH for Terraform tools.
  • ⚠️Requires Pulumi CLI installed and accessible in the system's PATH for Pulumi tools.
Verified SafeView Analysis
The server's core function involves executing external Infrastructure as Code (IaC) CLI tools (Terraform/OpenTofu, Pulumi) using `Deno.Command.run`. This operation is inherently high-privilege and requires `allow-run`, `allow-read`, `allow-write`, and `allow-env` permissions. While `Deno.Command` passes arguments as an array (mitigating direct shell injection within arguments), the server processes arguments directly from client input. Users must ensure robust authentication and authorization at the MCP client layer and rigorously validate inputs to prevent malicious IaC operations. The README provides important security considerations for users, emphasizing careful handling of credentials and plan reviews. No `eval` or intentional obfuscation was found.
Updated: 2026-01-18GitHub
30
1
Medium Cost
lucasmangelo2 icon

mcp-poc

by lucasmangelo2

Sec8

A self-contained .NET Model Context Protocol (MCP) server for local development and NuGet publication, offering tools for calculations, CEP lookups, random number generation, and history tracking, integrated with AI assistants like Copilot.

Setup Requirements

  • ⚠️Requires an IDE (VS Code or Visual Studio) with Model Context Protocol (MCP) server support, which is currently in an early preview stage.
  • ⚠️If using the NuGet package, the specific package ID and version must be manually configured in the `.mcp.json` file.
Verified SafeView Analysis
The server uses standard practices like Dependency Injection for HttpClient and async/await for I/O operations. History tracking uses thread-safe ConcurrentBag. No 'eval', obfuscation, or hardcoded secrets are evident in the provided source code snippets. Communication is via stdio, a local channel. External API calls (ViaCEP) are handled through a configured HttpClient, with general risks associated with external APIs (e.g., rate limiting, data validation, although validation for CEP format is mentioned).
Updated: 2026-01-19GitHub
30
1
High Cost
directive-reticule640 icon

codex-mcp-server

by directive-reticule640

Sec9

Integrates OpenAI's Codex CLI with Model Context Protocol (MCP) clients to enable AI-powered code analysis, generation, and brainstorming directly within development environments.

Setup Requirements

  • ⚠️Requires Codex CLI (from OpenAI) installed and authenticated on your system.
  • ⚠️Requires a paid OpenAI API key or ChatGPT subscription for Codex CLI functionality.
  • ⚠️Requires Node.js v18.0.0 or higher.
Verified SafeView Analysis
The server implements robust input validation using Zod and utilizes 'cross-spawn' for external command execution, which is generally safer than raw shell execution for arguments. It transparently exposes the underlying Codex CLI's sandbox modes ('read-only', 'workspace-write', 'danger-full-access') and approval policies, explicitly flagging the 'yolo' (bypass all safety) option as dangerous. No hardcoded secrets were found; API key management is delegated to the Codex CLI (via 'codex login' or 'OPENAI_API_KEY' environment variable). Overall safety heavily relies on the user's careful configuration and understanding of the Codex CLI's sandbox and approval settings, as the server delegates powerful operations to the AI agent.
Updated: 2026-01-19GitHub
30
1
Medium Cost
TeamSparkAI icon

mcp-registry

by TeamSparkAI

Sec8

A comprehensive Model Context Protocol (MCP) server catalog, discovery platform, and validation tool, enabling developers and AI practitioners to find, evaluate, and integrate MCP servers with schema validation and linting.

Setup Requirements

  • ⚠️Requires Node.js 18+ and pnpm 10+
  • ⚠️For local development, manual `.env.local` configuration is needed for `NEXT_PUBLIC_REGISTRY_URL` to test against local API server instead of the default external registry.
  • ⚠️Relies on `public/server-registry.json` which is generated by a daily GitHub Action or can be downloaded manually via `pnpm registry:download`.
Verified SafeView Analysis
The system explicitly warns about potential command injection risks within the `Argument` schema definition, indicating awareness of this common vulnerability. API endpoints use `Access-Control-Allow-Origin: *` for CORS, which is standard for public APIs but means any domain can make requests, a common consideration for public data. No hardcoded secrets or direct malicious patterns like 'eval' were found in the provided source.
Updated: 2026-01-19GitHub
PreviousPage 206 of 713Next