Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

26
2
Medium Cost
getjotsu icon

mcp-servers

by getjotsu

Sec9

Provides current weather conditions and forecasts from the Open-Meteo API for a given geographical location.

Setup Requirements

  • ⚠️Python 3.12+ is required.
  • ⚠️Open-Meteo API is free for non-commercial use, but requires a license for commercial applications.
  • ⚠️Cloudflare Worker deployment requires `wrangler` CLI and specific build steps (e.g., `uv venv`, `uv pip install .`, `npx wrangler dev`).
Verified SafeView Analysis
The server uses `httpx` for external API calls, which are constructed using f-strings with type-hinted float inputs (latitude, longitude), mitigating URL injection risks. No direct usage of `eval` or similar dangerous functions was found. `USER_AGENT` is hardcoded. Sensitive API keys are not required by this specific server as Open-Meteo is free for non-commercial use. The `MockHttpxAsyncClient` in `worker.py` is an adaptation for Cloudflare Workers and appears benign. Overall, the code seems well-structured and follows good security practices for its purpose.
Updated: 2025-11-19GitHub
25
16
Low Cost
4R9UN icon
Sec9

An AI-powered MCP server that facilitates KQL query execution against Azure Data Explorer through natural language conversion, intelligent schema discovery, and RAG-enhanced context.

Setup Requirements

  • ⚠️Requires Azure CLI to be installed and pre-authenticated (`az login`).
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Access to an Azure Data Explorer cluster is needed for full functionality.
Verified SafeView Analysis
The server implements robust security measures by relying on Azure CLI for authentication, avoiding hardcoded credentials, and providing strong input validation and bracketing for KQL queries (especially for NL2KQL conversion). This significantly mitigates KQL injection risks. Direct KQL execution, like most query tools, assumes the input KQL is from a trusted source. No 'eval' or obvious obfuscation patterns were detected. Local schema caching uses SQLite in the user profile directory, which has local file system security implications.
Updated: 2025-12-28GitHub
25
1
Low Cost
fern-api icon
Sec8

This server acts as a Model Context Protocol (MCP) tool to facilitate interactions with MongoDB AI for answering database-related questions and to check local MongoDB daemon versions.

Setup Requirements

  • ⚠️Requires MongoDB daemon (`mongod`) to be installed and accessible on the host machine for the `check_mongod__version` tool to function.
Verified SafeView Analysis
The server uses `child_process.exec` to run `mongod --version`. While the command is hardcoded and safe in this specific implementation, using `exec` can be a security risk if user input were to influence the command string. The server also acts as a proxy to an external MongoDB AI service (`https://knowledge.mongodb.com`), meaning its security is partly dependent on the upstream service. No direct hardcoded secrets or obvious malicious patterns were found in the provided source code. The `message` payload to the external API is JSON stringified, which helps prevent direct injection on the client side.
Updated: 2025-11-20GitHub
25
28
High Cost
aws-solutions-library-samples icon

guidance-for-vibe-coding-with-aws-mcp-servers

by aws-solutions-library-samples

Sec8

Building AI-powered development workflows for a hotel booking agent using Amazon Bedrock AgentCore and AWS Model Context Protocol (MCP) Servers, demonstrating 'vibe coding' techniques in an interactive workshop format.

Setup Requirements

  • ⚠️Requires Node.js v20.18.1+ and pnpm for development and documentation.
  • ⚠️Requires Python (with uv), AWS CLI, AWS CDK CLI, Docker, and Graphviz for self-deployment.
  • ⚠️At least one AI Assistant tool (Amazon Q Developer, Cline, Kiro) is required for workshop activities.
  • ⚠️Docker users may need to explicitly enable ARM64 emulation for AgentCore container images (`docker run --privileged --rm tonistiigi/binfmt --install all`).
Verified SafeView Analysis
The project's `open-vite-access.sh` script modifies AWS Security Groups to open port 5173 to a user-provided IP address and CloudFront. This script requires broad EC2 and Security Group modification permissions for the AWS CLI, which could be a risk if the environment is compromised or the script is misused. However, it's intended for legitimate workshop setup. Secrets such as API keys and Cognito credentials are securely managed through AWS Parameter Store and Secrets Manager, which is a good practice. Python code includes `uvx bandit -ll` for static analysis, and no direct `eval` or obvious code injection vulnerabilities were found in the provided snippets. The project is safe to run assuming the user understands and controls the AWS permissions granted for deployment and setup.
Updated: 2025-12-18GitHub
25
1
Medium Cost
develooper1994 icon

tefas_scraper

by develooper1994

Sec3

This MCP Server allows users to scrape and analyze fund data from the TEFAS (Turkey Electronic Fund Distribution Platform) through a Model Context Protocol integration with Gemini CLI, or via a standalone command-line interface.

Setup Requirements

  • ⚠️Requires Python 3.x and pip to install dependencies.
  • ⚠️Expects a Python virtual environment to be set up in the repository root.
  • ⚠️Requires Gemini CLI to be installed for extension usage.
  • ⚠️The application bypasses SSL/TLS certificate verification for all HTTPS requests, which is a significant security risk.
Review RequiredView Analysis
The `mcp_server.py` explicitly disables SSL/TLS certificate verification by setting `verify=False` in its `_make_request` method. This makes the application vulnerable to Man-in-the-Middle (MITM) attacks, as it will connect to servers without validating their identity. This is a critical security vulnerability for any application handling network requests, especially to financial data sources.
Updated: 2025-11-19GitHub
25
27
Low Cost
jovaneyck icon

fsi-mcp-server

by jovaneyck

Sec5

Provides a Model Context Protocol (MCP) server wrapper for F# Interactive (FSI) to enable AI-assisted development workflows with programmatic access to FSI sessions.

Setup Requirements

  • ⚠️Requires .NET 6.0 or later installed.
  • ⚠️Requires F# Interactive (`dotnet fsi`) to be available in the system's PATH.
  • ⚠️Explicitly labelled as 'not yet ready for production/enterprise use' by the developers, indicating it's a proof-of-concept.
Verified SafeView Analysis
The server is explicitly a 'technical proof-of-concept' and 'not yet ready for production/enterprise use'. It functions by allowing remote execution of arbitrary F# code provided by clients (via console or HTTP/MCP), which is its intended purpose. This means a compromised client or an insecure deployment could lead to arbitrary code execution on the host machine. By default, it binds to '0.0.0.0' for HTTP/HTTPS, potentially exposing it to network interfaces. While no explicit hardcoded secrets or 'eval' of untrusted shell commands are visible beyond its core F# code execution, its nature as a remote code execution tool requires careful deployment and strict trust in all interacting clients.
Updated: 2025-12-23GitHub
25
25
Low Cost
Epistates icon

turbovault

by Epistates

Sec10

Transforms an Obsidian vault into an intelligent knowledge system, providing AI agents with 44 specialized tools for reading, writing, searching, analyzing, and managing notes with high performance.

Setup Requirements

  • ⚠️Requires Rust 1.90.0+ toolchain installed for building/running from source or `cargo install`.
  • ⚠️Requires an existing Obsidian vault directory to operate on (or one can be created via the `create_vault` tool).
  • ⚠️Integration with AI clients like Claude Desktop requires manual editing of the `claude_desktop_config.json` file.
Verified SafeView Analysis
The project demonstrates excellent security practices, including path traversal protection using `path_trav` crate, type-safe deserialization, atomic file operations to prevent data corruption, hash-based conflict detection, and file size limits. Explicitly states 'No shell execution' and 'Zero command injection risk'. Docker deployment runs as a non-root user. An external `mcp-scanner` audit reported all 44 tools as 'Safe' with 'No threats detected'. No hardcoded secrets or 'eval' patterns were found.
Updated: 2025-12-16GitHub
25
1
Low Cost
ebarron icon

ONTAP-MCP

by ebarron

Sec5

A Model Context Protocol (MCP) server providing comprehensive access to NetApp ONTAP storage systems, supporting STDIO and HTTP transports for multi-cluster management, volume lifecycle operations, data protection, and NFS/CIFS access control.

Setup Requirements

  • ⚠️Requires NetApp ONTAP cluster(s) with admin credentials for any functionality.
  • ⚠️The demo UI (if used) requires an OpenAI API Key for chatbot features (paid service).
  • ⚠️Default HTTP transport settings disable SSL certificate validation and allow all CORS origins (security implications for production).
Verified SafeView Analysis
The server's `OntapApiClient` explicitly disables SSL/TLS certificate validation (`rejectUnauthorized: false`) for API calls to ONTAP clusters, which is a significant security risk as it makes the connection vulnerable to man-in-the-middle attacks. The HTTP transport also enables Cross-Origin Resource Sharing (CORS) from any origin (`origin: '*'`), which is insecure for production deployments. For demo purposes, plaintext credentials can be stored in `demo/clusters.json`, which is a local security risk, though explicitly documented as for demo/lab use only and git-ignored.
Updated: 2026-01-06GitHub
25
6
High Cost
neosun100 icon

glm-asr

by neosun100

Sec8

An all-in-one service for high-accuracy speech recognition (ASR) across multiple languages, featuring Web UI, REST API, SSE streaming, and MCP server integration.

Setup Requirements

  • ⚠️Requires an NVIDIA GPU with at least 6GB VRAM.
  • ⚠️Docker and NVIDIA Container Toolkit are highly recommended for deployment.
  • ⚠️Initial model download requires an active internet connection (model size 1.5B parameters).
Verified SafeView Analysis
CORS is broadly enabled (`allow_origins=["*"]`) in the FastAPI (`main.py`) and Flask (`app.py`) implementations, which might be a concern if the API handles sensitive data beyond ASR. The `mcp_server.py` directly consumes `audio_path` from the client; a malicious MCP client could attempt to pass arbitrary file paths, though the `gpu_manager.transcribe` mitigates some direct exploitation by re-saving to a temporary file for processing. The `eval` call in `inference.py` uses a hardcoded string and is not user-controllable, thus not a direct vulnerability.
Updated: 2025-12-28GitHub
25
17
Medium Cost
nonatofabio icon

local_faiss_mcp

by nonatofabio

Sec8

Provides a local FAISS-based vector database as an MCP server for Retrieval-Augmented Generation (RAG) applications, enabling document ingestion, semantic search, and prompt generation.

Setup Requirements

  • ⚠️Requires Pandoc for extended document format support (DOCX, HTML, EPUB, etc.). Native PDF/TXT/MD work without it.
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️Downloads embedding and re-ranking models from Hugging Face on first use, requiring network access and disk space.
Verified SafeView Analysis
The server uses `subprocess.run` to invoke 'pandoc' for extended document format support. While 'pandoc' is a reputable tool, executing external binaries with user-provided file paths carries an inherent, albeit low, risk. Communication uses stdio, which limits direct network attack surface. No apparent hardcoded secrets or malicious patterns were found. The system is designed for local-first operation, implying trust in the local environment and user-controlled index directory.
Updated: 2025-12-18GitHub
25
1
High Cost
rlaksana icon

cortex

by rlaksana

Sec3

AI-optimized knowledge management system providing advanced memory storage, multi-strategy semantic search, intelligent deduplication, and comprehensive monitoring for AI agent knowledge operations, including deep Z.AI integration.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0
  • ⚠️Requires Docker and Docker Compose (for Qdrant, Redis, Prometheus, Grafana)
  • ⚠️Requires OpenAI API Key (Paid Service, for embeddings and some Z.AI fallbacks)
  • ⚠️Requires Qdrant Vector Database (Self-hosted or managed service with credentials)
  • ⚠️Requires Z.AI API Key (Paid Service, for core AI functionality using models like glm-4.6)
  • ⚠️Manual testing requires global installation of `@modelcontextprotocol/inspector`
Review RequiredView Analysis
The server implements robust security middleware including JWT authentication, API key validation, IP validation, rate limiting, CORS, Helmet for security headers, and input sanitization (SQL/XSS prevention). It leverages `process.env` for configuration and includes a `KeyVaultService` for sensitive key management. However, a critical vulnerability exists due to the explicit use of `new Function()` in `src/services/monitoring/runbook-integration-service.ts` to execute `scriptContent`. If 'runbook' definitions or `scriptContent` can be influenced by untrusted or even privileged user input without strict sandboxing, this constitutes an arbitrary code execution vulnerability. This severely undermines the claim of 'production readiness' as it provides a direct code injection vector.
Updated: 2025-11-19GitHub
25
17
Medium Cost
levz0r icon
Sec4

Converts HTML content from web pages or raw strings into Markdown format, with options for including metadata, truncating content, and saving to files.

Setup Requirements

  • ⚠️Requires an MCP client/platform (e.g., Claude Code, Cursor, Codex) to be configured for interaction.
  • ⚠️Requires Node.js (version 18 or higher) to be installed.
Review RequiredView Analysis
The server has potential vulnerabilities related to file system access and network requests. The `saveToFile` parameter in `html_to_markdown` and `filePath` in `save_markdown` use `path.resolve` without sanitization, potentially allowing arbitrary file writes outside the intended directory (e.g., via path traversal like `../../etc/passwd`). Additionally, the `url` parameter in `html_to_markdown` fetches content from external URLs without explicit validation, which could expose the server to Server-Side Request Forgery (SSRF) if a malicious URL is provided.
Updated: 2025-12-23GitHub
PreviousPage 239 of 713Next