Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

30
1
Medium Cost
giuliodambrosio icon

mcp-server-trading-212

by giuliodambrosio

Sec8

An MCP server that enables Claude to interact with a 212 Trading account for managing investments, executing trades, and retrieving market data.

Setup Requirements

  • ⚠️Requires Python 3.14 or higher.
  • ⚠️Requires a 212 Trading account with API access enabled.
  • ⚠️Requires Claude Desktop application, with manual configuration including absolute path to main.py and duplicated API credentials in claude_desktop_config.json.
  • ⚠️Strongly recommends an external math tool for Claude to handle numerical data effectively.
Verified SafeView Analysis
The server correctly uses environment variables for API credentials and explicitly advises against committing the .env file. It uses HTTP Basic Authentication, which is standard for the 212 Trading API. No 'eval' or obvious malicious patterns were found. Rate limiting is handled internally by the client.
Updated: 2025-11-24GitHub
30
1
Low Cost
foundry-mcp icon

team05-mcp-server

by foundry-mcp

Sec1

The system provides a unified interface for controlling a Transmission Electron Microscope (TEAM 0.5), including various components like the microscope hardware, a Gatan Digital Micrograph system, a 4D camera, and a Distiller database, through multiple interconnected servers and MCP agents.

Setup Requirements

  • ⚠️Windows OS Required: `gatan_server.py` and `microscope_server.py` explicitly interact with Windows COM objects and specific Windows paths for Gatan Digital Micrograph. The system is designed for a Windows environment.
  • ⚠️Specialized Hardware/Software Dependencies: Requires a TEAM 0.5 Transmission Electron Microscope, Gatan Digital Micrograph, CEOS RPC Gateway, TIA (ESVision) STEM acquisition software, and a 4D Camera for full functionality.
  • ⚠️Environment Variables Required: Critical environment variables (`CAM_HOST`, `CAM_PORT`, `CAM_IP`, `for_vfdaq` for 4D camera, and `API_URL`, `API_KEY_NAME`, `API_KEY` for Distiller) must be configured.
  • ⚠️Multiple Interdependent Services: The full system comprises several servers/agents that must be run on different physical/virtual machines (`microscope_server.py`, `gatan_server.py`, `mcp_library.py`, `mcp_distiller.py`, `mcp_ncempy.py`, `4Dcamera_commands_mcp.py`) for complete operation. The `run_command` provided only starts the main MCP agent for the microscope controller.
Review RequiredView Analysis
CRITICAL: The use of `pickle.loads` on unauthenticated network input in `microscope_server.py` and `gatan_server.py` allows for arbitrary remote code execution (RCE). This is a severe and easily exploitable vulnerability. High Risk: `4Dcamera_commands_mcp.py` uses `paramiko` and `sshpass -e ssh` to connect via SSH using passwords retrieved from environment variables. Passing passwords directly in this manner, even from environment variables, is not a secure practice for robust automation and can expose credentials (e.g., in process lists). Moderate Risk: `subprocess.call` in `gatan_server.py` executes external `.s` scripts. While these scripts are generated from Python templates, insufficient sanitization of input parameters to the template functions could potentially lead to arbitrary command injection and execution on the Gatan PC. Network Exposure: `microscope_server.py` and `gatan_server.py` bind to all network interfaces (`tcp://*:port`), making them accessible from any device on the network. Without stringent firewall rules and network segmentation, this significantly increases the attack surface. Lack of Authentication/Encryption: Communication between servers (ZeroMQ, raw sockets for 4D camera) does not appear to have explicit authentication or encryption layers implemented in the provided code, relying solely on network-level security.
Updated: 2026-01-17GitHub
30
1
Medium Cost
Alienware2000 icon

game-agents

by Alienware2000

Sec9

A sandbox for learning agentic development, where LLM-driven agents interact with game environments via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires GROQ_API_KEY (paid API for Groq LLMs).
  • ⚠️Requires the 'mcp' Python package to be installed.
  • ⚠️Requires Python 3 (specific version not stated, but modern versions are implied).
Verified SafeView Analysis
The server uses the official FastMCP SDK and exposes specific game actions as tools, limiting arbitrary command execution. LLM output parsing includes JSON decoding with error handling, preventing direct code injection via `eval()` or similar dangerous functions. Sensitive API keys are managed via environment variables. The architecture promotes separation of concerns, which enhances security.
Updated: 2025-12-09GitHub
30
1
High Cost
ANcpLua icon

ancplua-mcp

by ANcpLua

Sec8

Provides C#/.NET Model Context Protocol (MCP) servers to expose development tools for filesystem, Git, CI, Roslyn, and multi-AI orchestration workflows.

Setup Requirements

  • ⚠️Requires .NET SDK 10.0.100 or later.
  • ⚠️Many functionalities, especially AI orchestration, require API keys for external services (e.g., Anthropic, Google, OpenAI, Codecov, GitGuardian), which often incur usage costs.
  • ⚠️Some AI integrations (e.g., CodeRabbit, Copilot) involve GitHub App setup beyond simple API keys.
Verified SafeView Analysis
The project demonstrates a strong focus on security, actively addressing vulnerabilities such as code injection and path traversal (fixed in recent changelogs). Secrets are managed via environment variables and are masked in debug outputs. Process execution is hardened against deadlocks and argument injection in `ProcessRunner`. Arbitrary command execution via `CiTools.RunCommandAsync` is documented as a potential risk, requiring careful client usage. Regular security reviews and high test coverage targets (80%) are in place.
Updated: 2026-01-19GitHub
30
1
Medium Cost
eze-godoy icon
Sec9

Integrates Netherlands Railways (NS) train information into AI assistants for route planning, pricing, and real-time departures.

Setup Requirements

  • ⚠️Requires an NS API Key from apiportal.ns.nl, which involves registration and subscription to specific APIs.
  • ⚠️Requires either Docker or a Python 3.11+ environment with `uv` (recommended) or `pip`.
  • ⚠️Needs an MCP-compatible client (e.g., Claude Desktop, custom AI agent framework) for practical use.
Verified SafeView Analysis
The server retrieves `NS_API_KEY` from environment variables, which is a good practice for handling secrets. It uses `httpx` for external API communication, which is a robust HTTP client. The Docker image is configured to run as a non-root user. Error handling in development mode (`ENVIRONMENT=development`) might expose stack traces in the response for unexpected errors, which is a minor information disclosure risk, but is intended for debugging and likely mitigated in production.
Updated: 2026-01-19GitHub
30
1
Low Cost
descoped icon

mcp-pkg-local

by descoped

Sec9

Provides an MCP tool for LLMs to scan, index, and understand local dependency source code in Python and Node.js projects, enabling intelligent code analysis and generation.

Setup Requirements

  • ⚠️Requires Node.js v20.0.0+.
  • ⚠️For Python projects, a Python interpreter (likely 3.8+) and a virtual environment (`.venv`, `venv`) are expected.
  • ⚠️Relevant package managers (e.g., pip, uv, npm, yarn) must be installed and accessible in the system's PATH or within the detected virtual/project environment for the scanner to function correctly.
Verified SafeView Analysis
The server executes system commands via Shell-RPC (e.g., `which`, `pip install`, `uv sync`). Input validation with Zod and tool-specific argument schemas are in place to mitigate arbitrary command injection. The `read-package` tool is explicitly designed as read-only. No hardcoded secrets or direct arbitrary network calls are apparent from the server's code; network interactions are a side-effect of underlying package manager commands which are monitored and controlled by the robust timeout system.
Updated: 2026-01-19GitHub
30
1
High Cost
risboo6909 icon

lit-mcp

by risboo6909

Sec7

Facilitates LLM interaction with the Flibusta book repository by providing tools to search for and retrieve book-related information via web scraping.

Setup Requirements

  • ⚠️Requires Java runtime environment.
  • ⚠️Requires active internet access to `https://flibusta.is`.
  • ⚠️Only supports books in the Russian language.
  • ⚠️The `fbSearch` tool is currently unimplemented and returns an error message.
Verified SafeView Analysis
The project heavily relies on web scraping an external, unauthenticated website (Flibusta.is). This inherently carries risks such as unexpected changes in the website's structure leading to broken parsing, potential ingestion of untrusted external content, and the possibility of triggering rate limits or IP bans if used excessively. The `HttpClient` includes retry logic and limits concurrent requests, which helps manage some of these network risks. No explicit hardcoded credentials, malicious patterns, or dangerous `eval` calls were found in the provided code. Input parameters are URL-encoded before use, which is a good practice for preventing URL injection.
Updated: 2025-11-24GitHub
30
1
Medium Cost
elevateinformatics icon

mcp-server-odoo

by elevateinformatics

Sec9

Enables AI assistants (like Claude) to interact with Odoo ERP systems for data access, record management, and natural language control.

Setup Requirements

  • ⚠️Requires an existing Odoo ERP instance (version 17.0+).
  • ⚠️For secure, production use, the Odoo MCP module (mcp_server) must be installed on your Odoo server.
  • ⚠️The recommended installation method via MCP settings or 'uvx' requires the 'uv' package to be installed first.
  • ⚠️Requires either an Odoo API Key OR an Odoo username and password for authentication.
Verified SafeView Analysis
The project explicitly warns against using 'YOLO Mode' (a development/testing bypass of security) in production environments, which is a strong positive. For production use, it requires a dedicated Odoo MCP module for access control and recommends API key authentication. Input validation is performed using Pydantic and custom error handling, and error messages are sanitized to prevent leakage of sensitive internal details (e.g., file paths, full tracebacks). The use of 'ast.literal_eval' for domain parsing is generally safe. The 'streamable-http' transport allows remote access, requiring careful network configuration, but this is adequately documented.
Updated: 2026-01-19GitHub
30
1
Medium Cost
lesleslie icon

session-mgmt-mcp

by lesleslie

Sec9

Manages comprehensive developer sessions by integrating AI-powered features like conversation memory, code analysis, quality monitoring, agent recommendations, and Git worktree coordination to enhance development workflows.

Setup Requirements

  • ⚠️Requires `uv` for dependency management (recommended: `curl -LsSf https://astral.sh/uv/install.sh | sh`).
  • ⚠️Requires LLM API Keys (e.g., `OPENAI_API_KEY`, `ANTHROPIC_API_KEY`, `GEMINI_API_KEY`) for AI-powered features, which are typically paid services. Alternatively, a local Ollama server can be configured.
  • ⚠️Utilizes `DuckDB` for reflection and knowledge graph databases; requires installation of Python packages which might involve system dependencies (handled by `uv sync`).
  • ⚠️May download large embedding models from HuggingFace Hub during initialization (`Xenova/all-MiniLM-L6-v2`).
  • ⚠️Optional features like application monitoring (`app_monitor.py`) rely on system-specific libraries (`psutil`, `watchdog`).
  • ⚠️Optional serverless storage requires `redis` and/or `boto3`.
Verified SafeView Analysis
The server demonstrates strong security practices: - Subprocess executions (`subprocess.run`, `asyncio.create_subprocess_exec`) explicitly use `shell=False` and validate inputs (e.g., `_validate_git_command`, `_is_safe_branch_name`, `_is_safe_path`) to prevent injection. - SQL queries extensively use parameterized statements (`conn.execute(query, params)`) to mitigate SQL injection risks. - LLM API keys are managed via environment variables and masked in logs/output, preventing hardcoded secrets. - Insecure deserialization (`pickle`, unsafe `yaml.load`) is not evident; `json.loads` is used for controlled data. - Regex patterns used for parsing and analysis, particularly those in `session_buddy/utils/regex_patterns.py`, leverage a `ValidatedPattern` class to prevent ReDoS attacks. - File system operations incorporate path validation to prevent traversal vulnerabilities. - Robust permissions and role-based access control (`SessionPermissionsManager`, `TeamKnowledgeManager`) are implemented for internal operations and team collaboration.
Updated: 2026-01-19GitHub
30
1
High Cost
dynastynodes icon

synapseflow

by dynastynodes

Sec6

The SynapseFlow MCP Server facilitates real-time communication and orchestration between clients (web app, CLI) and a multi-agent AI backend for cross-domain research discovery using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Docker & Docker Compose for database setup (PostgreSQL, Redis, Neo4j).
  • ⚠️Requires a HuggingFace API Key for the backend to access AI models (can incur costs).
  • ⚠️The MCP server depends on a running SynapseFlow backend service (`http://localhost:4000` by default).
Verified SafeView Analysis
Network Risks: The SSE server endpoint `/stream` explicitly sets `Access-Control-Allow-Origin: *` in `sse-server.ts`. This allows any domain to establish an SSE connection, posing a significant CORS vulnerability if sensitive data is streamed or if it allows arbitrary requests to trigger actions. It should ideally be restricted to `config.corsOrigins`. The server also binds to `0.0.0.0` by default, making it publicly accessible if exposed without proper firewall rules. Hardcoded Secrets: No direct hardcoded secrets found within the MCP server's source code. `HUGGINGFACE_API_KEY` is an environmental variable for the *backend* service, not the MCP server itself. Eval/Obfuscation: No use of `eval` or code obfuscation observed.
Updated: 2026-01-19GitHub
30
1
Low Cost
Axyor icon
Sec9

AI-driven, constraint-aware meal planning for families and groups using local LLM models.

Setup Requirements

  • ⚠️Requires MongoDB for data storage.
  • ⚠️Requires Docker for easy setup and database management.
  • ⚠️Requires a GitHub Personal Access Token with `read:packages` scope for private NPM package `@axyor/family-serve-database`.
  • ⚠️Requires Node.js 22.x.
Verified SafeView Analysis
The server demonstrates a strong commitment to security with robust input sanitization (`InputSanitizer`) to prevent prompt injection, XSS, and MongoDB injection, and comprehensive output validation (`OutputValidator`) capable of detecting and masking/blocking PII (emails, phone numbers, SSN, credit card numbers) and large outputs. Sensitive credentials are handled via environment variables, and the default MCP transport is stdio, limiting network exposure. Docker services (MongoDB, Mongo Express) are locally bound by default. The code uses detection patterns to identify and reject potentially malicious input rather than executing it. The only minor reduction from a perfect 10 is the reliance on external `rotating-file-stream` and `pino` (via `@axyor/family-serve-database`) for logging, whose internal mechanisms are not fully exposed in the provided code, though they are standard and generally trustworthy libraries.
Updated: 2026-01-18GitHub
30
1
Medium Cost
kungfusheep icon

hue

by kungfusheep

Sec3

Controls Philips Hue lights and smart home devices via CLI or as a Model Context Protocol (MCP) server for AI agents.

Setup Requirements

  • ⚠️Requires Go 1.21 or later to build the application.
  • ⚠️Requires a Philips Hue Bridge with v2 API support.
  • ⚠️Obtaining the necessary Hue Bridge API username involves a manual process of pressing a physical button on the bridge and then making a specific HTTP POST request to register the application. This is a friction point for initial setup.
  • ⚠️The application explicitly bypasses TLS certificate verification, which could expose local network traffic to eavesdropping or tampering if the local network is compromised.
Review RequiredView Analysis
CRITICAL: The application's HTTP client explicitly sets `InsecureSkipVerify: true` for TLS configurations when connecting to the Hue Bridge. This bypasses all certificate validation, rendering the HTTPS connection vulnerable to Man-in-the-Middle (MITM) attacks. While this might simplify local network setup, it creates a severe security risk that could allow an attacker to intercept or alter communication with the Hue Bridge. This flaw fundamentally undermines the security of data transmitted over the network. Other aspects, such as using environment variables for sensitive keys and internal parsing of commands, demonstrate good practice and mitigate common injection vulnerabilities, but the TLS bypass is a critical vulnerability.
Updated: 2026-01-18GitHub
PreviousPage 225 of 713Next