Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
High Cost
Manoj00069 icon

Natural-Language-OS

by Manoj00069

Sec10

Natural-Language OS (NLOS) that defines and executes cognitive structures, value systems, and reasoning patterns entirely in natural language, using an LLM as its kernel.

Setup Requirements

  • ⚠️Requires access to a powerful Large Language Model (LLM) (e.g., GPT-4/5, Claude, Grok, Gemini), which may incur significant costs.
  • ⚠️The system operates by pasting lengthy natural language prompts into an LLM's chat interface or API, rather than running a traditional software application.
Verified SafeView Analysis
The provided source code consists solely of Markdown documentation, whitepapers, and natural language prompts intended for an LLM. There is no executable code (e.g., Python, JavaScript) to audit for typical security vulnerabilities such as `eval`, obfuscation, hardcoded secrets, or network risks. The project explicitly states that it does not access hidden memory, jailbreak models, or modify system behavior. Risks, if any, would stem from the LLM's own capabilities and interpretation, rather than from this project's 'code'.
Updated: 2026-01-19GitHub
30
1
Low Cost
LucasBiason icon
Sec3

Automate Notion workflows by encapsulating specific business rules for different database types (Work, Studies, Personal, Youtuber) and exposing them as Model Context Protocol (MCP) tools for AI agents.

Setup Requirements

  • ⚠️Requires a Notion API Token (integration token) with access to relevant databases.
  • ⚠️Requires Notion Database IDs for each specific domain (Work, Studies, Personal, Youtuber) to enable respective tools. Tools for unconfigured databases will raise runtime errors.
  • ⚠️Requires Python 3.10+ if running locally (not via Docker).
Review RequiredView Analysis
The server dynamically generates and executes Python code using `exec()` within the `_build_tool_callable` function during tool registration. While the inputs for code generation (tool names, schemas) are derived from internal, hardcoded definitions, relying on `exec()` for core functionality is a significant security risk. If an attacker could compromise the tool definition files (e.g., via a supply chain attack or direct file system access), they could inject arbitrary code, leading to remote code execution. This makes the server vulnerable if the integrity of its source or deployment environment is compromised.
Updated: 2026-01-09GitHub
30
1
High Cost
ozanmutlu icon

Gitlab-Docs-MCP

by ozanmutlu

Sec8

Provides AI assistants instant access to GitLab's official documentation for intelligent search and content retrieval via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js 22+ to be installed.
  • ⚠️Requires cloning the GitLab documentation repository locally (specifically to `data/gitlab-docs-repo`) as a prerequisite.
  • ⚠️Requires running `npm run build-index` to create the search index before the server can be used.
Verified SafeView Analysis
The server uses `zod` for input validation on tool arguments, which helps prevent injection attacks. File system operations are scoped to a pre-built search index directory, limiting arbitrary file access. No direct `eval` or arbitrary command execution is visible within the server's core logic. Communication is via standard I/O (stdio). The primary risk lies with the client's execution of the `npx` command and the potential for large content retrieval (`getDocPage`) to incur high token costs, which needs to be managed by the AI assistant/user.
Updated: 2026-01-19GitHub
30
1
Low Cost
agustinvalencia icon

mdvault

by agustinvalencia

Sec9

A terminal-based markdown vault manager and MCP server, providing structured note-taking, automation, search, and AI-assisted knowledge management for knowledge workers.

Setup Requirements

  • ⚠️Requires Rust toolchain (Rustup) to be installed for building from source or using `cargo install`.
  • ⚠️Initial setup requires manual creation of `config.toml` file with specific directory paths (`vault_root`, `templates_dir`, `captures_dir`, `macros_dir`, `typedefs_dir`).
  • ⚠️The `mdv reindex` command must be run initially and after significant changes to the vault to enable full search and query functionality.
  • ⚠️For AI-assisted vault interaction via MCP, a separate Python project (`markdown-vault-mcp`) is required, as `mdvault` is primarily a CLI tool that the MCP server utilizes.
Verified SafeView Analysis
The project demonstrates a strong focus on security, particularly concerning user-defined scripts and shell execution. Lua scripts are run in a sandboxed environment, with dangerous globals (`io`, `os`, `require`, `load`, `debug`, `collectgarbage`) explicitly removed and memory/instruction limits applied. Shell command execution within macros requires both a configuration flag (`allow_shell = true`) and an explicit `--trust` CLI flag from the user. Network access (`allow_http`) is similarly gated. An audit trail is mentioned for trusted operations, indicating a defense-in-depth approach.
Updated: 2026-01-19GitHub
30
1
Medium Cost
cfdude icon

mcp-jira

by cfdude

Sec8

Provides enterprise-level integration with Jira's REST API, enabling AI assistants to perform advanced project management, analytics, and strategic planning tasks across multiple Jira instances.

Setup Requirements

  • ⚠️Requires Jira Premium with Advanced Roadmaps for 'Plans' features (create, update, get, archive, trash, duplicate, team management).
  • ⚠️Requires a `.jira-config.json` file for multi-instance configuration and project mappings. Configuration search paths include working directory and home directory.
  • ⚠️Critical for AI: Most tools explicitly require `instance` and `projectKey` parameters to be specified to avoid configuration errors and ensure correct target Jira instance/project.
  • ⚠️Requires `JIRA_EMAIL`, `JIRA_API_TOKEN`, and `JIRA_DOMAIN` environment variables if using a legacy single-instance configuration without a dedicated `.jira-config.json` file.
Verified SafeView Analysis
The server demonstrates good security practices including explicit configuration of API tokens and emails via `.jira-config.json` or environment variables, avoiding hardcoded secrets. It utilizes `zod` for input validation and includes comprehensive error handling for API responses (e.g., 400, 401, 403, 404), which mitigates common injection and access risks. Session management is robust, offering thread-safe multi-client support and state isolation. There is no evidence of `eval` or other dangerous code patterns, and network communication is implied to use HTTPS when connecting to Jira domains. Cross-server integration with Confluence is designed for local communication, reducing external exposure. Overall, it appears safe to run in a well-configured environment.
Updated: 2026-01-19GitHub
30
1
High Cost
studcroc icon
Sec8

This server integrates AI assistants and MCP clients with Atlassian Jira Cloud to retrieve issue attachment metadata and download attachment content.

Setup Requirements

  • ⚠️Requires a Jira Cloud account with API access enabled.
  • ⚠️Requires a Jira API Token to be generated and configured.
  • ⚠️Requires Node.js version 18.x or higher.
Verified SafeView Analysis
The server correctly utilizes environment variables for sensitive Jira credentials (JIRA_DOMAIN, JIRA_EMAIL, JIRA_API_TOKEN), preventing hardcoding. It uses axios for API calls, which is a standard and secure HTTP client. Error handling for API responses is implemented. A minor point is that `jira_get_attachment_image` currently hardcodes the `mimeType` to "image/png" in its response, which is a functional limitation (as noted in the source code TODO) rather than a direct security vulnerability, but it could lead to client-side misinterpretation if not handled carefully by the consuming AI. There are no obvious malicious patterns, use of `eval`, or obfuscation.
Updated: 2026-01-11GitHub
30
1
Low Cost
Knuckles-Team icon

fan-manager

by Knuckles-Team

Sec7

Manages Dell PowerEdge server fan speeds based on CPU temperature and provides an MCP server for integration with Agentic AI systems.

Setup Requirements

  • ⚠️Requires `ipmitool` and `sensors` Linux utilities, typically running in a Linux environment.
  • ⚠️Needs `privileged` access (e.g., Docker `privileged: true` and `/dev/ipmi0` volume mount) for IPMI communication.
  • ⚠️Primarily designed for Dell PowerEdge devices, though contributions for other hardware are sought.
Verified SafeView Analysis
The application requires 'privileged' access (e.g., in Docker) to interact with IPMI devices, which is a significant security consideration but inherent to its core functionality. It uses `os.system` and `os.popen` to execute `ipmitool` and `sensors` commands. While the parameters passed to `ipmitool` for fan control (`fan_level`) are sanitized (integer converted to hex), direct execution of system commands always carries a risk. The MCP server component offers robust authentication options (JWT, OAuth, OIDC, etc.) and middleware for security features like rate limiting, which is a strong positive. No 'eval' or malicious patterns were found.
Updated: 2026-01-19GitHub
30
1
Low Cost
hidao80 icon

mcp-tutorial-1

by hidao80

Sec8

Provides a Model Context Protocol (MCP) server for local SQLite database operations, integrating with AI-enabled IDEs and tools like Cursor, VS Code, and Claude Desktop.

Setup Requirements

  • ⚠️Requires `uv` package manager to be installed for `uvx` execution.
  • ⚠️Node.js 18+ is required for building the Claude Desktop DXT package.
  • ⚠️An internet connection is required for `uvx` to download necessary packages on its first run.
  • ⚠️The SQLite database file (`database.db`) needs manual initialization or creation using `sqlite3` commands.
Verified SafeView Analysis
The server runs the `mcp-server-sqlite` Python package in an isolated environment using `uvx`, which minimizes system contamination. It operates on a SQLite database file whose path is specified by the user or client configuration. No direct malicious patterns, hardcoded secrets, or 'eval' usage were found in the provided source. The primary risks involve potential vulnerabilities within the external `mcp-server-sqlite` package or misuse by pointing the server to unintended or sensitive database files.
Updated: 2026-01-17GitHub
30
1
Low Cost
my-mcp-hub icon

cat-mcp-server

by my-mcp-hub

Sec8

Provides an MCP server that generates customizable cat images via an external API, intended for use by LLM agents.

Setup Requirements

  • ⚠️Requires Node.js runtime to be installed.
  • ⚠️Relies on `npx` for convenient execution, which requires npm/Node.js to be in the system's PATH.
Verified SafeView Analysis
The server uses `express` and listens on a configurable port. It exposes an `/mcp` endpoint for tool calls. The `GenerateCatImage` tool makes external API calls to `https://cataas.com`. Inputs to this tool are validated with Zod, mitigating injection risks for the external API. Development scripts use `child_process.spawn` with `shell: true`, which carries inherent risks, but this pattern is not used with untrusted input in the main server runtime.
Updated: 2026-01-15GitHub
30
1
Medium Cost
Qubinode icon
Sec7

Orchestrates infrastructure automation, deployment, and management using an AI-powered multi-agent system, offering validation, self-correction, and RAG-driven assistance.

Setup Requirements

  • ⚠️LLM API Key (e.g., GEMINI_API_KEY, OPENROUTER_API_KEY, ANTHROPIC_API_KEY, OPENAI_API_KEY, or OLLAMA_BASE_URL) is required for AI features.
  • ⚠️Podman or Docker is required for containerized services.
  • ⚠️Root privileges are required for initial system setup scripts.
  • ⚠️RHEL-based systems (RHEL 8/9/10, CentOS Stream 10) may require a Red Hat subscription for full functionality.
  • ⚠️Automated scripts modify firewall rules and network settings, which might interfere with existing configurations.
  • ⚠️Python 3.9+ is required, with older Python 3.6.8 environments automatically upgraded to 3.9.
Verified SafeView Analysis
Credentials (AWS, Airflow, Vault tokens) are managed securely through Ansible Vault (`ansiblesafe`) and HashiCorp Vault integration. Setup scripts require/manage root privileges and `sudoers` configurations, which is necessary but high privilege. Certain containers run as root (`user: "0:0"`) for `libvirt` socket access. Network configuration scripts modify firewall rules and network settings. The AI Assistant's FastAPI application uses `allow_origins=["*"]` for CORS by default, which is a critical security risk for production environments (though documentation advises proper configuration). The `eval $(ssh-agent)` command is used in a setup script, which, while common, is a known risk vector if inputs are untrusted.
Updated: 2026-01-19GitHub
30
1
High Cost
Mizstik icon
Sec1

This MCP server retrieves transcripts/subtitles and titles from YouTube videos using yt-dlp.

Setup Requirements

  • ⚠️Requires manual download and placement of the `yt-dlp` executable into the project directory.
  • ⚠️Requires Deno installation (via `winget install deno` on Windows) for `yt-dlp` releases starting 2025-11-12.
Review RequiredView Analysis
CRITICAL: The server uses `child_process.exec` to run `yt-dlp` commands, directly embedding user-provided `video_id` and `lang` parameters into the shell command string without apparent sanitization. This creates a severe command injection vulnerability, allowing an attacker to execute arbitrary shell commands on the server.
Updated: 2025-11-24GitHub
30
1
Low Cost
apollographql icon

mcp-server-template

by apollographql

Sec6

This template provides a starting point for deploying the Apollo MCP Server, enabling schema introspection and structured access to GraphQL operations for AI assistants and tools.

Setup Requirements

  • ⚠️Requires a GraphOS account with `APOLLO_KEY` and `APOLLO_GRAPH_REF`.
  • ⚠️Deployment to production requires reviewing and disabling/securing development-friendly introspection tools to prevent security risks.
  • ⚠️Local development with a local schema requires rebuilding the Docker image for changes to `tools` operations to take effect (no hot-reloading).
Verified SafeView Analysis
The template includes development-friendly defaults that are not production-ready, specifically with introspection tools (Introspect, Search, Validate, Execute) enabled by default. The 'Execute' tool allows arbitrary GraphQL operations against the backend, posing a significant security risk if deployed to production without proper authentication, authorization, and configuration changes. The README explicitly warns about this.
Updated: 2025-12-02GitHub
PreviousPage 207 of 713Next