Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Medium Cost
samcorl icon
Sec8

Provides AI agents with searchable access to METRC cannabis compliance documentation across multiple legal states.

Setup Requirements

  • ⚠️Requires external METRC documentation data to be imported (`bin/import`) before the server can function meaningfully. This source data is not included in the repository.
  • ⚠️Requires Ruby and Bundler to be installed locally to run the server and its dependencies.
  • ⚠️Relies on a local SQLite database (`data/metrc.db`) which needs to be populated via the import script.
Verified SafeView Analysis
The server primarily uses parameterized SQL queries and FTS5 for database interactions, which is a strong defense against SQL injection. Input sanitization is performed on search queries before FTS matching. The server sets broad CORS headers (`Access-Control-Allow-Origin: *`), which is acceptable for an AI agent integration but noted. There are no obvious 'eval' or shell command injection vulnerabilities. A minor potential risk could arise from the `get_by_endpoint` function using `LIKE` with user-controlled input (even if normalized), though its practical exploitability is limited in SQLite for this context. The importer script runs offline and reads local files, assuming a trusted source directory.
Updated: 2026-01-19GitHub
30
1
Medium Cost
Ashrokss icon
Sec6

Develop a custom Model Context Protocol (MCP) server and client using the Agno agent framework to integrate custom tools like web search into AI agents.

Setup Requirements

  • ⚠️Requires `GROQ_API_KEY` (for the AI model) and `SERPER_API_KEY` (for web search), which typically come from paid services or have usage limits.
  • ⚠️API keys are configured directly in `config/config.py`. Users must ensure this file is not committed to public repositories to prevent key exposure.
  • ⚠️Python 3.8+ and specified dependencies (`agno`, `anyio`, `httpx`, `nest_asyncio`) are required, installable via `requirements.txt`.
Verified SafeView Analysis
The primary security risk lies in the explicit instruction to directly embed `GROQ_API_KEY` and `SERPER_API_KEY` into `config/config.py`. If this file is committed to a public repository, these sensitive API keys will be exposed. Users must manually ensure this file is not tracked by Git or use a more secure secrets management method. The `mcp_server.py` makes external HTTP requests using `httpx` to the Serper API, handling standard network communication. No `eval` or obfuscation is found. The client directly executes `python mcp_server.py` as a subprocess to start the tool server, which is safe in this controlled context, but generally highlights command execution capabilities.
Updated: 2025-11-28GitHub
30
1
Low Cost
Grayhat76 icon
Sec9

Automates the initial setup of a Claude Code development environment by generating customized configuration files, AI agents, and commands based on user-defined project specifics.

Setup Requirements

  • ⚠️Requires Bash environment (Windows users need Git Bash or WSL).
  • ⚠️Requires Node.js v18+ (v20+ recommended) for Claude Code CLI installation.
  • ⚠️Requires a Claude Pro, Max, Team, Enterprise subscription, or an API key for the Claude Code CLI (paid service).
Verified SafeView Analysis
The core source code provided, `claude-code-jumpstart.sh`, is a Bash script designed for environment setup, not an MCP server. It does not contain `eval`, obfuscation, or direct network operations. It generates configuration files for an AI coding assistant (Claude Code) which itself can interact with various tools, including external MCP servers. The script takes user input to customize generated files, but this input is used to construct static content within configuration files (like `CLAUDE.md`, agent definitions, etc.), not for direct execution as commands within the script itself. The script correctly updates `.gitignore` to keep local `settings.json` and `.env` files private. While the configured AI can utilize powerful tools like `Bash`, the security risks associated with the AI's operation (e.g., generating and executing potentially harmful commands based on user prompts) are inherent to the AI system and user interaction, not vulnerabilities within this setup script.
Updated: 2026-01-19GitHub
30
1
High Cost
luigisaetta icon

mcp-oci-integration

by luigisaetta

Sec8

This server provides a framework for developing and integrating Model Context Protocol (MCP) servers in Python with Oracle Cloud Infrastructure (OCI), enabling AI agents to interact with various OCI services and external tools.

Setup Requirements

  • ⚠️Requires an Oracle Cloud Infrastructure (OCI) account with Generative AI, IAM, Database, Vault, and Usage API permissions.
  • ⚠️Specific tools (Semantic Search, Select AI, OML Predictions) require an Oracle Database (23c/26AI for Vector Store, ADB for Select AI/OML).
  • ⚠️External API keys for services like GitHub (GITHUB_TOKEN) and Brave Search (BRAVE_API_KEY) are necessary for respective MCP servers.
Verified SafeView Analysis
The system demonstrates strong security awareness through explicit JWT token authentication for MCP servers (via OCI IAM or IBM Context Forge), retrieval of client secrets from OCI Vault, and detailed documentation on API Gateway integration for external exposure. SQL injection prevention is implemented in `db_utils.py`, and `mcp_local_fs.py` uses a secure path resolution sandbox. However, the default `ENABLE_JWT_TOKEN=false` in provided Docker run commands and configuration files is a critical vulnerability if deployed without modification, potentially exposing tools without authentication. Proper configuration is essential for secure operation.
Updated: 2026-01-14GitHub
30
1
High Cost
MarkOnFire icon

obsidian-vault-mcp

by MarkOnFire

Sec9

Provides a Model Context Protocol (MCP) server for Claude (Desktop/Code) to read, search, list, and modify notes and attachments in an Obsidian vault, with awareness of PARA methodology and task management features.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires `OBSIDIAN_VAULT_PATH` environment variable set to an existing Obsidian vault (iCloud-synced vaults must be downloaded locally and fully synced)
  • ⚠️Requires an MCP-compatible client (e.g., Claude for Desktop/Code) to function as a tool, as it runs via stdio and not as a standalone web server
Verified SafeView Analysis
The server runs locally via standard I/O (stdio_server), meaning it does not expose any network ports, significantly reducing external attack surface. It employs atomic file write operations (temp file then rename) and includes checks for path traversal ('..') and filename sanitization for new notes and attachments. File types and sizes for attachments are validated against configuration. While it supports write operations, these are features of the tool designed for AI agent control, not vulnerabilities. The potential for risk is primarily contained within the local Obsidian vault and relies on the user's trust in the AI agent's actions.
Updated: 2026-01-18GitHub
30
1
Medium Cost
1sustgmboab icon

nexonco-mcp

by 1sustgmboab

Sec9

An advanced server for accessing and analyzing clinical evidence data to support precision medicine and oncology research, with flexible search options.

Setup Requirements

  • ⚠️Requires 'uv' package manager for Python environment management.
  • ⚠️Python 3.11 or higher is required.
  • ⚠️Docker is recommended for NANDA server setup (Method 1).
  • ⚠️Different transport options ('stdio' for Claude, 'sse' for NANDA) need to be considered when running.
Verified SafeView Analysis
The server uses standard Python libraries (requests, pandas, uvicorn, starlette) and the FastMCP framework. It interacts with the public CIViCdb GraphQL API. No instances of 'eval', obfuscation, or hardcoded sensitive secrets were found in the provided source code. Input parameters for the 'search_clinical_evidence' tool are validated using Pydantic. The overall architecture appears robust and designed with common security practices in mind for its intended functionality. The primary external dependency is CIViCdb, a reputable public database.
Updated: 2026-01-19GitHub
30
1
Medium Cost
noemys-tech icon

Open-MCP

by noemys-tech

Sec3

Provides a Model Context Protocol (MCP) interface for interacting with S3-compatible object storage services like AWS S3 or MinIO, enabling LLMs to list buckets, list objects, download objects, and retrieve object metadata.

Setup Requirements

  • ⚠️Requires Java 21 or higher and Maven.
  • ⚠️Requires access to an S3-compatible object storage server (e.g., MinIO, AWS S3) with valid credentials for tool operations.
  • ⚠️**Critical Security Misalignment**: The server's code (v1.0.1) explicitly lacks OAuth 2.1 authentication and allows anonymous sessions, contradicting its own README, rendering it insecure for production without an external authentication layer.
Review RequiredView Analysis
The `s3-mcp` server, specifically version 1.0.1 (as per its source code and changelog), explicitly *removed OAuth 2.1 authentication*. It automatically creates 'anonymous' sessions for any incoming request if no valid session ID is provided or if no `Authorization` header is present. This is a critical security risk, making the server unsuitable for untrusted environments or direct internet exposure without an external authentication proxy. S3 access keys (`token`) and secret keys (`userToken`) are passed as plaintext arguments within JSON-RPC requests; without an HTTPS proxy, these credentials are vulnerable to interception. The `s3-mcp` README and Docker instructions are outdated, still mentioning OAuth and `JWT_SECRET` configuration, which creates significant confusion and can mislead users into believing authentication is enforced when it is not in this specific `s3-mcp` version.
Updated: 2025-12-02GitHub
30
1
High Cost
ianyimi icon
Sec3

Develop a multi-agent personal knowledge management system within Obsidian, offering semantic search, voice interface, and distributed computing across local devices.

Setup Requirements

  • ⚠️Requires Ollama for local LLM inference and embeddings (e.g., Llama 3.1 70B, nomic-embed-text) necessitating significant RAM/VRAM (e.g., 40GB+ RAM for 70B model).
  • ⚠️Requires a running Qdrant Vector Database instance (locally or on Unraid NAS) for semantic search functionality.
  • ⚠️The full distributed architecture relies on Tailscale VPN for secure inter-device communication and mobile access, which needs to be configured by the user.
Review RequiredView Analysis
The plugin dynamically loads and executes user-provided JavaScript files from the 'mcp-tools' folder using blob URLs and dynamic imports. These dynamically loaded scripts have full access to the Obsidian application (app, vault, workspace) via global window objects, effectively giving arbitrary user-controlled code complete control over the vault and plugin behavior. While a refactoring proposal mentions future sandboxing with `vm2` or `isolated-vm`, the current `main.ts` code does not implement this. This creates a high security risk if untrusted code is placed in the tools folder. Additionally, the planned Python `owui_filesystem_tools.py` with `bash` command execution, if improperly exposed or integrated, represents a severe risk (though it's not directly part of the plugin's `main.ts` dynamic loading). Network exposure is mitigated by default `localhost` binding and planned Tailscale VPN, but misconfiguration could lead to unauthorized access.
Updated: 2025-11-22GitHub
30
1
Low Cost
seanivore icon

claud-grants

by seanivore

Sec7

Facilitates grant application management and development roadmap tracking for a decentralized AI developer knowledge sharing protocol, while outlining its technical implementation.

Setup Requirements

  • ⚠️Requires Solana development environment (Rust, Solana CLI)
  • ⚠️Requires Web3 client-side libraries for interaction
Verified SafeView Analysis
This repository primarily contains documentation and high-level code snippets for a grant application, not the full executable MCP server code. Therefore, it poses no direct security risks from running server-side code from this specific repository. However, the described $CLAUD protocol involves smart contracts, tokenomics, and decentralized systems, which are inherently complex and prone to vulnerabilities. The documentation mentions plans for external security audits and robust measures for the actual protocol implementation (claud-coin), but these cannot be fully validated from the provided truncated source code.
Updated: 2025-11-29GitHub
30
1
Medium Cost
Gitmy3 icon
Sec3

Integrates Wazuh SIEM data with AI assistants (like Claude) using the Model Context Protocol (MCP) for natural language security queries and analysis.

Setup Requirements

  • ⚠️Requires a running Wazuh server (v4.12 recommended) with its API and Indexer (OpenSearch/Elasticsearch) accessible.
  • ⚠️Requires an OpenAI API Key for LLM query functionality, which is a paid service.
  • ⚠️Disables SSL certificate verification (`WAZUH_VERIFY_SSL=false`) by default for Wazuh connections, posing a significant security risk for production environments.
Review RequiredView Analysis
CRITICAL: The server explicitly disables SSL certificate verification for Wazuh API and Indexer connections (`verify=False` and `WAZUH_VERIFY_SSL=false` in various configurations). This makes the connection vulnerable to Man-in-the-Middle (MITM) attacks. Additionally, sensitive credentials for Wazuh API and Indexer are hardcoded in `app/config.py`, making them prone to exposure if the code is committed without proper `.env` override or secure credential management. These are severe security flaws for a system handling security information.
Updated: 2025-12-11GitHub
30
1
High Cost
maximilien icon

weave-mcp

by maximilien

Sec2

Provide a Model Context Protocol (MCP) server for managing and interacting with various vector databases, offering AI-powered tools for schema and chunking suggestions.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for AI features (suggest_schema, suggest_chunking).
  • ⚠️Docker is required for local Weaviate setup and E2E tests.
  • ⚠️The `weave` CLI binary must be installed and in PATH for AI-powered suggestion tools to function.
  • ⚠️Node.js 22.7.5+ and npm are required for the optional MCP Inspector debugging tool.
Review RequiredView Analysis
The `executeCommand` function in `src/pkg/mcp/handlers.go` directly executes shell commands (`sh -c`) constructed with user-provided input (e.g., `source_path`, `requirements`). This poses a significant shell injection vulnerability if input is not rigorously sanitized. Additionally, the Weaviate client (`src/pkg/weaviate/weave_client.go`) constructs GraphQL queries using string formatting with user-provided filters (e.g., `valueString: "*filename\": \"%s\"*"`), which could lead to GraphQL injection if the input is not adequately escaped. Default CORS configuration allowing `*` is flexible but can be a security risk if not properly restricted in production environments.
Updated: 2026-01-16GitHub
30
1
Medium Cost

Cernji-Agents

by TerraCo89

Sec8

Centralized error analysis and automated issue creation by processing alerts from observability systems (like Kibana/Elasticsearch) and triggering workflows (e.g., in N8N or Linear). It acts as a Model Context Protocol (MCP) server exposing tools for these operations.

Setup Requirements

  • ⚠️Requires `uv` (Python package manager) to run.
  • ⚠️Requires an active ELK (Elasticsearch, Kibana) stack for log aggregation and alerting.
  • ⚠️Requires Docker for running the ELK stack and potentially N8N.
  • ⚠️Requires N8N for workflow orchestration if `trigger_n8n_workflow` tool is used.
  • ⚠️Requires `FASTMCP_API_TOKEN` environment variable for MCP server authentication.
  • ⚠️Requires `LINEAR_API_KEY` and `LINEAR_ORG_ID` environment variables for Linear API integration.
  • ⚠️Requires `ELASTICSEARCH_URL` environment variable to connect to Elasticsearch.
  • ⚠️Requires `ANTHROPIC_API_KEY` (or `OPENAI_API_KEY`) and `MODEL_NAME` environment variables for LLM-driven analysis in the associated `trigger_error_analysis.py` script.
Verified SafeView Analysis
The server uses environment variables for API keys and authentication tokens, which is a good practice. It implements an authentication middleware using `FASTMCP_API_TOKEN` for incoming requests. External HTTP requests are made using `httpx` with JSON payloads. No direct `eval()` or unsanitized shell command execution is observed. Potential risks include LLM prompt injection (if LLMs are used via `trigger_error_analysis.py`) and misconfiguration of sensitive environment variables.
Updated: 2025-11-27GitHub
PreviousPage 218 of 713Next