Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Medium Cost
kuc-arc-f icon

mcp_server_2ex

by kuc-arc-f

Sec2

This server acts as a Next.js application providing a Remote Procedure Call (RPC) interface for Retrieval Augmented Generation (RAG) search using PostgreSQL with pgvector for vector storage and Google Generative AI for language model inference.

Setup Requirements

  • ⚠️Requires PostgreSQL with pgvector extension running.
  • ⚠️Requires Google API Key (Paid service).
  • ⚠️Weak default database credentials (`PG_PASSWORD=admin`) in environment variable examples.
  • ⚠️The /api/mcp endpoint lacks any authorization, making it publicly accessible.
Review RequiredView Analysis
The primary API endpoint (`/api/mcp`) lacks an authorization mechanism, making it openly accessible to anyone on the network. The provided `.env` example suggests weak default database credentials (`PG_PASSWORD=admin`), which pose a significant security risk if used in production.
Updated: 2026-01-10GitHub
30
1
Low Cost
eduoncode icon

mcp_server

by eduoncode

Sec8

This server implements the Model Context Protocol (MCP) to expose developer-defined tools as a HTTP API, specifically demonstrating a task creation tool.

Setup Requirements

  • ⚠️Requires environment variables (e.g., PORT) to be set via .env file or system environment.
  • ⚠️Requires a TypeScript build step (`tsc`) before running in production, or `tsx` for development.
Verified SafeView Analysis
The server uses the `@modelcontextprotocol/sdk` to implement an MCP server over HTTP. It utilizes `dotenv` for environment variable loading (e.g., PORT), which is good practice for configuration. The exposed `create_task` tool, as defined, is simple and primarily logs input and returns a formatted string, posing no direct security risks like command injection or unauthorized file access. No `eval` or similar dangerous patterns are directly visible in the provided source code. Security largely depends on the robustness of the underlying `@modelcontextprotocol/sdk` and proper environment configuration.
Updated: 2025-12-02GitHub
30
1
Medium Cost
23prime icon
Sec9

Accesses and analyzes OEIS (Online Encyclopedia of Integer Sequences) data via the Model Context Protocol.

Setup Requirements

  • ⚠️Docker is recommended for easy deployment.
  • ⚠️Development requires Taskfile and mise.
Verified SafeView Analysis
The server binds to "0.0.0.0" by default, which is common for containerized applications but requires appropriate network configuration (e.g., firewalling) in production. It makes external HTTP GET requests to "https://oeis.org" to fetch data; reliance on external services always carries a minor inherent risk if the external service is compromised or behaves maliciously, though the data processing within this server appears robust, using typed structures and JSON serialization.
Updated: 2026-01-16GitHub
30
5
High Cost
docentovich icon

chrometools-mcp

by docentovich

Sec3

MCP server for browser automation, web scraping, and UI testing using Puppeteer, enhanced with AI-powered element finding, page analysis, visual UI recording, and Figma design-to-code validation.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️For GUI mode in Windows Subsystem for Linux (WSL), it requires VcXsrv Windows X Server on Windows with 'Disable access control' enabled, and the `DISPLAY` environment variable configured to the Windows host IP (e.g., `DISPLAY=172.25.96.1:0`).
  • ⚠️Figma-related tools require a Figma Personal Access Token, preferably set via the `FIGMA_TOKEN` environment variable.
Review RequiredView Analysis
The server includes an `executeScript` tool that uses `eval()` to execute arbitrary JavaScript code provided by the user (or AI agent) directly in the browser's context. Similarly, `new Function()` is used in `evaluateCustomCondition` within the recorder. This capability, while central to browser automation, represents a significant security risk if the input is not from a fully trusted source, potentially allowing for cross-site scripting (XSS), data exfiltration, or other malicious actions if the MCP client or its input is compromised. There are no obvious hardcoded secrets beyond configuration keywords, and API tokens are managed via environment variables.
Updated: 2026-01-05GitHub
30
1
High Cost
janisz icon

sejm-mcp

by janisz

Sec9

Serves as a Model Context Protocol (MCP) server providing AI assistants with access to real-time Polish parliamentary data (Sejm API) and legal documents (European Legislation Identifier - ELI API).

Setup Requirements

  • ⚠️Requires Go 1.21+ for building from source (development setup).
  • ⚠️Relies on external Polish government APIs (api.sejm.gov.pl) for all data, requiring active internet connectivity.
  • ⚠️Docker is the recommended deployment method, adding a dependency on Docker runtime.
Verified SafeView Analysis
The codebase is clean, uses standard and well-vetted Go libraries, and performs robust input validation and error handling for external API calls. No instances of 'eval' or similar dynamic code execution functions were found. No hardcoded sensitive secrets are present. The external API endpoints it consumes are public. PDF parsing is handled by the `gen2brain/go-fitz` library, a common choice for such tasks.
Updated: 2026-01-12GitHub
30
1
Low Cost
tbrandenburg icon

acp-inspector

by tbrandenburg

Sec9

A visual testing and debugging tool for Agent Client Protocol (ACP) servers and agents.

Setup Requirements

  • ⚠️Requires Node.js >=18.0.0
  • ⚠️Project is in early, active development; features are incomplete and subject to change.
Verified SafeView Analysis
The provided source code is minimal and acts as a placeholder. It does not contain any 'eval', obfuscation, hardcoded secrets, or directly malicious patterns. The `index.js` merely logs a message and exports a version number, posing no immediate security risk. However, the project is under active development and plans include a web-based UI and a proxy server architecture. These future components will require careful implementation to mitigate standard web application and network security risks.
Updated: 2026-01-17GitHub
30
2
Medium Cost
domdomegg icon

shell-exec-mcp

by domdomegg

Sec1

Provides a Model Context Protocol (MCP) server for executing arbitrary bash commands, supporting both foreground execution with timeouts and background job management.

Setup Requirements

  • ⚠️Requires Node.js to be installed on the host system.
  • ⚠️Commands are executed with the privileges of the Node.js process running the MCP server, posing a significant privilege escalation risk if exposed to untrusted input or run with elevated permissions.
  • ⚠️Long-running or resource-intensive bash commands can consume significant CPU, memory, or I/O on the host, potentially impacting system stability or other processes.
Review RequiredView Analysis
The primary function of this server is to execute arbitrary bash commands via `node:child_process.spawn`. If the server is exposed to untrusted input, it presents an extremely high security risk, as an attacker could execute any command on the host system, including deleting files, accessing sensitive information, or installing malicious software. The HTTP transport option further amplifies this risk by making it network-accessible. This server is designed to perform highly privileged operations; its security depends entirely on the caller's trustworthiness and stringent input validation *before* calling this server, not on the server's internal mechanisms.
Updated: 2026-01-07GitHub
30
1
High Cost
docer1990 icon

visiontest

by docer1990

Sec9

Serves as an MCP (Model Context Protocol) server to enable LLMs and AI agents to interact with and automate native mobile applications on Android devices and iOS simulators.

Setup Requirements

  • ⚠️Requires JDK 17+ and Kotlin 2.1+ for the MCP server.
  • ⚠️Full Android functionality requires Android Platform Tools (ADB) in PATH and Android SDK for building the Automation Server APKs.
  • ⚠️iOS simulator support requires Xcode Command Line Tools (macOS only).
  • ⚠️Automation server requires manual installation of two APKs (main and test) on the Android device, with USB Debugging enabled (min SDK 21, target SDK 34).
Verified SafeView Analysis
The server demonstrates robust security practices, especially in command execution. It uses allowlists for ADB subcommands and strong regular expressions (`DANGEROUS_SHELL_CHARS`) to validate user-provided arguments, preventing shell injection. Android's automation server runs via instrumentation, isolated on the device, and requires explicit `adb forward` for host communication. JSON parameter serialization for the automation client is handled by Gson, mitigating JSON injection risks. No hardcoded secrets or malicious patterns were detected. Reflection is used for advanced UI hierarchy dumping, which is a common, well-justified technique in mobile automation tools (like Maestro) but inherently carries a minor risk of breaking with future Android versions.
Updated: 2026-01-16GitHub
30
1
Medium Cost
dgwoOstjfn icon
Sec8

Enables AI assistants to programmatically interact with Siemens TIA Portal projects, facilitating tasks such as opening projects, reading/writing PLC blocks, compiling code, and managing PLC tags and User-Defined Types (UDTs).

Setup Requirements

  • ⚠️Requires Windows operating system to run TIA Portal and its COM-based Openness API.
  • ⚠️TIA Portal (V15.1, V16, V17, V18, V19, or V20) must be installed and have the TIA Openness API enabled, which requires an appropriate license.
  • ⚠️Python 3.9 or higher is required, with Python 3.11 recommended.
  • ⚠️Installation of .NET Framework might be necessary to resolve `pythonnet` dependency issues.
Verified SafeView Analysis
The server explicitly states it runs locally only, eliminating external network attack vectors for the server itself. It includes input sanitization for file paths and block names, and uses secure temporary file creation methods (e.g., `tempfile.mkdtemp`). Logs are correctly routed to `stderr` to avoid interfering with the MCP protocol output. However, the system relies on the Siemens TIA Portal Openness API, which is a Windows COM-based API. This introduces an inherent, external attack surface associated with TIA Portal itself and its necessary permissions (often administrative), which is beyond the direct control of this Python code. No explicit 'eval' or hardcoded sensitive credentials were found in the provided source.
Updated: 2025-12-14GitHub
30
1
Low Cost
bautiroalt icon

MCP-Server

by bautiroalt

Sec3

A unified server for managing Model Context Protocols, integrating AI analytics (META-MINDS), file operations, real-time streaming, and monitoring with an admin panel and advanced security features.

Setup Requirements

  • ⚠️Requires Python 3.8+ and Node.js 16+.
  • ⚠️MongoDB and Redis are optional but required for full Docker deployment and persistence features.
  • ⚠️Requires environment variables (e.g., JWT_SECRET_KEY, API_KEY, database credentials) to be configured via a `.env` file or system environment.
  • ⚠️Default admin credentials 'Jatin23K' / '#JK2025sy#' are present in 'backend/data/users/users.json' and should be changed immediately.
Review RequiredView Analysis
The server has critical security risks related to file system interaction. The MCP Tools (`read_file`, `write_file`, `list_directory`, `search_files`) and File Management API endpoints (`/files/{file_path:path}`) directly use user-provided paths without sufficient validation against directory traversal attacks (e.g., `../`). This could allow unauthorized access, modification, or deletion of arbitrary files outside intended data directories. Additionally, default admin credentials (`Jatin23K`, `#JK2025sy#`) are hardcoded in `backend/data/users/users.json`, which is a common vulnerability if not changed. The broad CORS policy (`Access-Control-Allow-Origin: *`) configured for development in `firebase.json` and potentially in `main.py` poses a risk if not restricted for production APIs. While some security measures like JWT authentication, bcrypt, rate limiting, and input sanitization methods are present in `security_manager.py`, their application is not consistently demonstrated or robust enough to mitigate direct file system access vulnerabilities.
Updated: 2026-01-19GitHub
30
1
Medium Cost
aplaceforallmystuff icon

mcp-pickaxe

by aplaceforallmystuff

Sec9

Connects AI assistants to the Pickaxe platform for managing AI agents, knowledge bases, users, and analytics via natural language.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Requires a Pickaxe.co account with API access and at least one Pickaxe Studio API key.
  • ⚠️Configuration involves manually editing a JSON configuration file for your MCP client (e.g., Claude Desktop/Code) to specify the server command and set environment variables for Pickaxe API keys.
Verified SafeView Analysis
The server operates using the Model Context Protocol (MCP) with StdioServerTransport, meaning it communicates via standard input/output as a child process, rather than exposing network ports directly, significantly reducing the external attack surface. API keys are correctly handled via environment variables, preventing hardcoding. Input schemas for tools provide basic validation. The code does not use 'eval' or other highly dynamic/dangerous functions. Error handling for API calls is present. No immediate critical vulnerabilities are apparent in the provided source.
Updated: 2026-01-16GitHub
30
1
Low Cost
Frank4112 icon
Sec9

Provides a token-efficient interface to Large Language Models (LLMs) by serving domain-specific language commands and documentation from a Notion knowledge base.

Setup Requirements

  • ⚠️Requires a Notion account with API access and a Notion API_TOKEN environment variable.
  • ⚠️The Notion database ID (COMPTEXT_DATABASE_ID) must be configured, though a default is provided.
  • ⚠️For MCP client integration, specific client configurations (e.g., Claude Desktop, Cursor) are required.
Verified SafeView Analysis
The server demonstrates strong security practices including comprehensive input validation and output sanitization to prevent common injection attacks. Secrets (Notion API token) are correctly handled via environment variables. Rate limiting is implemented on all REST API endpoints to mitigate DoS attacks. Dependencies are explicitly managed and updated for known vulnerabilities. Docker builds follow security best practices like using non-root users. The main security considerations are the default permissive CORS setting and the lack of API key authentication for the public REST API, both of which are clearly documented as needing hardening for production deployments. No 'eval' or malicious patterns were identified in the provided source code.
Updated: 2026-01-19GitHub
PreviousPage 216 of 713Next