Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Medium Cost
TocharianOU icon
Sec7

Provides an AI-enabled interface to Elasticsearch for security analysis, threat detection, and incident investigation.

Setup Requirements

  • ⚠️Requires a valid Elasticsearch license (trial, platinum, or enterprise).
  • ⚠️Requires Elasticsearch authentication credentials (ES_API_KEY or ES_USERNAME/ES_PASSWORD) via environment variables.
  • ⚠️Requires Node.js version 18 or higher.
Verified SafeView Analysis
The `execute_es_api` tool allows direct execution of any Elasticsearch API endpoint, which is powerful and could be misused if the MCP server or its client is compromised. Users are explicitly warned to use dedicated API keys with limited scope. The `NODE_TLS_REJECT_UNAUTHORIZED=0` option for SSL/TLS is clearly marked as unsafe for production and should only be used in development/testing. No `eval` or obvious malicious patterns were found in the provided source code, indicating generally clean implementation of its intended functionality, but the raw power of some tools necessitates careful deployment and credential management.
Updated: 2026-01-19GitHub
30
1
Low Cost
codeactual icon
Sec9

Integrate OpenTelemetry tracing into FastMCP servers to propagate client trace context and generate server-side spans for tool invocations.

Setup Requirements

  • ⚠️Requires FastMCP 2.13.1+ (specifically the `request_context.meta` API).
  • ⚠️Requires Python 3.12+ for proper type annotation support.
  • ⚠️Requires OpenTelemetry API and SDK to be installed (`opentelemetry-api>=1.0.0`, `opentelemetry-sdk>=1.0.0`).
Verified SafeView Analysis
The middleware primarily focuses on OpenTelemetry instrumentation and context propagation. It reads tracing headers from the `_meta` field and attaches attributes to spans. No direct code execution from user input or hardcoded secrets were identified. Debug logging can expose trace IDs/span IDs if enabled in a production environment, but this is a debug feature. Overall, it appears very safe as a library.
Updated: 2025-12-02GitHub
30
1
Medium Cost
gtonic icon

nfl_mcp

by gtonic

Sec9

A FastMCP server for comprehensive NFL fantasy football management, including health monitoring, web content extraction, NFL news, team data, advanced fantasy intelligence, and league management, optimized for AI/LLM integration.

Setup Requirements

  • ⚠️Requires Python 3.9+.
  • ⚠️Requires ODDS_API_KEY environment variable for full Vegas Lines functionality.
  • ⚠️Initial database setup (SQLite: nfl_data.db) will occur on first run.
  • ⚠️Heavy reliance on external APIs (ESPN, Sleeper, CBS Sports, Odds API) which may have rate limits, require API keys, or change their structure.
Verified SafeView Analysis
Robust input validation and content sanitization are implemented, protecting against SQL/XSS/command injection, path traversal, and dangerous URLs. Uses environment variables for API keys and explicitly states no arbitrary code execution. Web crawling sanitizes content aggressively by removing scripts, styles, and structural HTML elements. SQL queries use parameterized statements. Circuit breakers and rate limiting are implemented for robustness and abuse prevention.
Updated: 2025-11-25GitHub
30
1
Low Cost
bucketeer-io icon

bucketeer-mcp

by bucketeer-io

Sec9

Manage Bucketeer feature flags programmatically via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️A Bucketeer instance with API access is necessary.
  • ⚠️An API key with appropriate permissions (READ, WRITE, or ADMIN) for Bucketeer is required. This key must be securely provided via environment variables.
  • ⚠️The environment ID must be provided either via the BUCKETEER_ENVIRONMENT_ID environment variable or as a parameter to each tool call.
Verified SafeView Analysis
The server securely handles Bucketeer API interactions using environment variables for sensitive credentials (BUCKETEER_API_KEY). It utilizes `axios` for HTTP requests, which is a standard and secure library. Input validation is performed using `zod`. No 'eval' or obvious obfuscation is present. All logging is directed to `console.error` to avoid stdout conflicts, which is a good practice for stdio-based servers. The primary security consideration for users is the secure management of their `BUCKETEER_API_KEY` environment variable.
Updated: 2026-01-15GitHub
30
1
High Cost
duncanchiu409 icon

mcp-obsidian-sse

by duncanchiu409

Sec6

This server provides a Server-Sent Events (SSE) endpoint to expose programmatic access to an Obsidian vault, enabling integration with automation tools like n8n or AI agents via the MCP framework.

Setup Requirements

  • ⚠️Requires `OBSIDIAN_API_KEY` environment variable to be set.
  • ⚠️Requires the [Obsidian API](https://github.com/obsidianmd/obsidian-api) plugin to be installed and configured in your Obsidian vault.
  • ⚠️Requires Python 3.12.4 or newer.
Review RequiredView Analysis
The `Obsidian` class defaults `verify_ssl` to `False` if not explicitly set by environment variables (OBSIDIAN_API_URL/OBSIDIAN_URL). This disables SSL certificate verification for requests to the Obsidian API, making the connection vulnerable to Man-in-the-Middle (MITM) attacks if not overridden to `True` in a production environment. User inputs for filepaths, queries, and content are passed to the Obsidian API, relying on the API itself for sanitization. The `OBSIDIAN_API_KEY` is correctly loaded from environment variables, preventing hardcoded secrets.
Updated: 2025-12-02GitHub
30
1
Medium Cost
danielsimonjr icon

deepthinking-mcp

by danielsimonjr

Sec9

A comprehensive Model Context Protocol (MCP) server offering 34 specialized reasoning modes for complex problem-solving, analysis, and decision-making, including historical and meta-reasoning.

Setup Requirements

  • ⚠️Requires an MCP-compatible client to interact with the server.
  • ⚠️Performance depends on the complexity of reasoning modes invoked (e.g., multi-mode analysis runs 2-10 modes in parallel).
  • ⚠️Session data is stored on the local filesystem by default, which may impact performance or security if not configured properly.
Verified SafeView Analysis
The codebase demonstrates strong attention to security with explicit mentions of 'Enterprise Security', 'Input validation (Zod)', 'path sanitization', and 'PII redaction' in the README. Code analysis reveals the use of robust file-locking mechanisms for session storage (`src/utils/file-lock.ts`) and Zod schemas for input validation (`src/tools/schemas/`). There are no evident signs of 'eval', unhandled `child_process` calls, or hardcoded secrets in the provided snippets. The in-memory search and in-memory caching components further reduce external attack surface. Overall, it appears well-architected for security within its operational scope.
Updated: 2026-01-19GitHub
30
1
Medium Cost
Hymieincorrupt440 icon

Ideate

by Hymieincorrupt440

Sec2

A collaborative web application for real-time idea formation and sharing.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Requires `pnpm` as the package manager (`pnpm@9.0.0`).
  • ⚠️Requires a PostgreSQL database with the `DATABASE_URL` environment variable configured for Prisma.
  • ⚠️The client uses a hardcoded token '123abcd' for WebSocket connection, which is a severe security flaw for authentication.
Review RequiredView Analysis
The server has critical security vulnerabilities. A hardcoded token '123abcd' in `apps/ws-backend/src/index.ts` allows any client using this token to impersonate a specific user ('32cc98f7-172c-4ed6-a4a1-2e9605ce8f71'), effectively creating a backdoor for unauthorized access. The `JWT_SECRET` in `@repo/backend-common/src/index.ts` has a weak default fallback ('randomPhoenixSecret'), making JWTs easily forgeable if the environment variable is not explicitly set in production. Additionally, the `/api/v1/room/chat/:slug` endpoint in `apps/http-backend/src/routes/room.route.ts` is not protected by authentication middleware, allowing unauthenticated access to room details and chat history by anyone who knows a room's slug. There is also no explicit message validation for WebSocket chat messages and rate limiting is noted as a TODO, which could lead to abuse.
Updated: 2026-01-19GitHub
30
1
Medium Cost
AlBa231 icon

test-mcp-server

by AlBa231

Sec8

A .NET Core web API application designed for deployment on AWS, integrating with AWS Lambda for serverless functions and Keycloak for authentication.

Setup Requirements

  • ⚠️AWS account and configured credentials are required for deployment to AWS Lambda or ECS Fargate.
  • ⚠️Docker is required for local development using the container profile and for deploying Keycloak.
  • ⚠️Requires building and pushing Docker images to an Amazon ECR repository for ECS Fargate deployment.
  • ⚠️The Keycloak setup script requires `keycloak_admin_username`, `keycloak_admin_password`, and `cloudfront_domain` to be provided as environment variables.
Verified SafeView Analysis
The `AllowedHosts: "*"` setting in `appsettings.json` might be a concern in some deployments if not properly mitigated by upstream proxies or load balancers. Keycloak admin credentials are passed via environment variables during provisioning, which is a good practice.
Updated: 2026-01-15GitHub
30
1
Medium Cost
ziv-daniel icon

node-red-mcp

by ziv-daniel

Sec9

Integrates AI agents with Node-RED for real-time flow management, monitoring, and dynamic automation.

Setup Requirements

  • ⚠️Requires Node.js 22+ and Yarn 4.x (via Corepack).
  • ⚠️Requires a running Node-RED instance (local or remote) to connect to.
  • ⚠️For Claude Desktop integration, specific configuration in `claude_desktop_config.json` is necessary.
Verified SafeView Analysis
The server employs robust security measures including Zod for comprehensive input validation, Helmet.js for security headers, CORS configuration, and rate limiting. Authentication supports JWT and API keys, with flexible (and optionally less strict) modes for Claude.ai integration, which is clearly documented. Hardcoded development secrets are present but are identified in the entrypoint script and configuration validation for production environments, prompting users to change them. No 'eval' or obfuscation found. Running as root is explicitly warned against.
Updated: 2026-01-19GitHub
30
1
Medium Cost
Vijay-Duke icon

mcp-gitlab

by Vijay-Duke

Sec9

An MCP server that enables LLMs to interact with GitLab repositories, manage merge requests, issues, and perform various Git operations.

Setup Requirements

  • ⚠️Requires either GITLAB_PRIVATE_TOKEN or GITLAB_OAUTH_TOKEN environment variable for authentication with appropriate scopes (api, read_repository, write_repository).
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️Requires the 'mcp' Python package to be installed (or use 'uvx' for zero-install).
Verified SafeView Analysis
The server demonstrates strong security practices: - Robust input validation (e.g., `validate_project_path`, `validate_file_path`) prevents common injection attacks and path traversal. - Output sanitization (`sanitize_output`) explicitly redacts GitLab tokens (e.g., `glpat-`) from responses. - Log messages are sanitized (`sanitize_log_message`) to prevent log injection. - The `download_job_artifact` tool explicitly returns artifact metadata rather than the file content itself, preventing unauthorized data exfiltration through the LLM. - Authentication tokens (`GITLAB_PRIVATE_TOKEN`, `GITLAB_OAUTH_TOKEN`) are correctly loaded from environment variables, avoiding hardcoding. - The `GitDetector` accesses local `.git` files, which, while standard for Git, could be a low-risk vector if arbitrary paths were accepted without proper context from an LLM. However, path inputs are sanitized, mitigating this risk significantly.
Updated: 2026-01-19GitHub
30
1
Medium Cost
nasuni-labs icon
Sec7

Integrate Claude AI with Nasuni Management Center (NMC) to manage infrastructure, monitor health, and generate custom reports.

Setup Requirements

  • ⚠️Requires Python 3.11+ to run.
  • ⚠️Requires the Claude Desktop Client for local deployment and interaction.
  • ⚠️NMC API access requires a user with 'Enable NMC API Access' permission; SSO accounts are not supported.
  • ⚠️API connections default to `VERIFY_SSL=false`, which should be set to `true` for production or public-facing NMC instances if valid SSL certificates are used.
Verified SafeView Analysis
The server uses `python-dotenv` for secure handling of API credentials via a `.env` file, which is good practice. However, `VERIFY_SSL` defaults to `false` in the configuration, potentially allowing insecure connections to NMC if not explicitly set to `true` and understood by the user. While convenient for internal servers with self-signed certificates, this default poses a security risk for public-facing NMC instances. No obvious `eval` or direct code execution from untrusted inputs were identified in the core server logic; dynamic imports for testing in `installer.py` are less critical in a local setup.
Updated: 2026-01-19GitHub
30
1
Medium Cost
eeeeeeeason icon

backup_mcp

by eeeeeeeason

Sec1

Facilitates AI large models to efficiently interact with SpinQ's quantum computing hardware resources by acting as a Micro-Controller Platform (MCP) server for Quantum Assembly (QASM) circuit submission.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher. Conda is recommended for environment management, and installer scripts are provided for Windows and macOS.
  • ⚠️Requires an active internet connection to download Python dependencies via `pip` and to connect to the external SpinQ Cloud platform (cloud.spinq.cn:6060).
  • ⚠️Requires a registered SpinQ Cloud account, a configured SSH public key on the local machine, and the `PRIVATEKEYPATH` and `SPINQCLOUDUSERNAME` environment variables explicitly set for authentication.
Review RequiredView Analysis
CRITICAL: The system uses `eval()` on parsed QASM expression strings, specifically within `spinqit_task_manager/compiler/qasm/Qasm2EventListener.py` (`eval(pexp)` and `eval(lexp)`). If the input `qasm_str` is not strictly validated and sanitized, a malicious QASM input could embed arbitrary Python code, leading to severe remote code execution (RCE) vulnerabilities. For example, injecting `__import__('os').system('malicious_command')` into a QASM parameter could be executed. Additionally, sensitive `PRIVATEKEYPATH` (SSH private key) and `SPINQCLOUDUSERNAME` are read from environment variables for cryptographic signing and cloud authentication, which requires robust secure environment management.
Updated: 2025-12-14GitHub
PreviousPage 211 of 713Next