Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

20
20
Medium Cost

statamic-mcp

by cboxdk

Sec6

Provides an AI assistant with structured access and control over Statamic CMS content and configurations through a router-based API.

Setup Requirements

  • ⚠️Requires PHP 8.3+ for execution.
  • ⚠️Requires Laravel 11+ or 12+ and Statamic 5.65+ or 6.0+.
  • ⚠️Initial setup requires running `php artisan mcp:statamic:install` to publish configuration and configure AI assistant integrations (e.g., `.mcp.json`, `.cursorrules`, `.vscode/settings.json`), which may need manual verification or adjustments for specific AI tools.
Verified Safe
The custom 'Bearer token' authentication method, which is essentially a base64-encoded email and password, is not a true secure token and is functionally equivalent to basic authentication. If the API endpoint is not exclusively served over HTTPS, this could expose credentials in plain text. The BaseStatamicTool explicitly states it uses 'permissive' argument validation for 'Claude compatibility', which means complex, potentially malicious data structures in arguments might not be fully validated at the base level, relying heavily on individual router implementations for deeper input sanitization. While there are strong positive security features like the `PathValidator` for file operations, whitelisted configuration access for system tools, and robust audit logging with sensitive data redaction, these concerns regarding authentication and base-level input validation are significant.
Updated: 2025-12-15
20
1
Medium Cost

Enhanced Model Context Protocol server for Qdrant vector database providing GPU-accelerated, multi-vector, and collection-specific embedding models for intelligent document storage and retrieval.

Setup Requirements

  • ⚠️GPU acceleration requires Docker with NVIDIA runtime, CUDA 12.x support, and cuDNN 9.13.0 libraries.
  • ⚠️Requires a running Qdrant instance (default: http://localhost:6333).
  • ⚠️The Docker image is substantial (16.5GB) due to pre-installed CUDA runtime, cuDNN, and embedding models.
Verified Safe
The server employs `TransportSecuritySettings` to configure `allowed_hosts` and `allowed_origins` for its HTTP transport, which is a good practice against DNS rebinding and CORS attacks. Sensitive credentials like `QDRANT_API_KEY` are handled via environment variables. Extensive use of `subprocess.run` with `shell=True` (e.g., `bash -c`) is present in development and testing scripts for system orchestration; while common in this context, it warrants caution whenever inputs could be untrusted, but here they appear internally controlled. The HTTP server binds to `0.0.0.0` by default (standard for Docker), meaning it's exposed on all network interfaces, requiring external firewall/reverse proxy considerations if deployed publicly.
Updated: 2026-01-01
20
3
Medium Cost

pabal-mcp

by quartz-labs-dev

Sec8

Manages App Store and Google Play ASO (App Store Optimization) workflows, including metadata sync, release management, and app registration, directly from an MCP-compatible AI client.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Needs specific App Store Connect API Key (.p8 file, issuerId, keyId) and Google Play Service Account JSON credentials, configured in `~/.config/pabal-mcp/config.json` with appropriate file permissions.
  • ⚠️Requires an MCP-compatible client (e.g., Cursor, Claude Code, VS Code, Windsurf) to function as a stdio server.
Verified Safe
The server runs 100% locally and handles credentials and cached ASO data on the user's machine, reducing external attack surfaces. Sensitive configurations (API keys, service account JSON) are loaded from a user-defined path (`~/.config/pabal-mcp/config.json`) with recommendations for strict file permissions (`chmod 700` for directory, `chmod 600` for files). Logging explicitly redacts sensitive parameters. It leverages official SDKs (`appstore-connect-sdk`, `googleapis`) for store interactions. The `downloadImage` function in `aso-pull` performs external network requests, but these are typically for screenshot URLs originating from the trusted store APIs, and not directly user-controlled in a way that implies immediate vulnerability to arbitrary code execution or large file downloads beyond the scope of ASO data itself. No 'eval' or similar dangerous patterns were found.
Updated: 2025-12-28
20
20
Low Cost

lucide-icons-mcp

by SeeYangZhi

Sec9

Provides a Model Context Protocol (MCP) server to expose Lucide React icons as resources and tools for Large Language Models (LLMs) and agentic applications.

Setup Requirements

  • ⚠️Requires Bun or Node.js runtime
  • ⚠️Requires an MCP client (e.g., Claude Desktop) for interaction
  • ⚠️Git required to clone the repository for setup
Verified Safe
The server uses `zod` for schema validation of tool inputs, which is a good security practice. HTTP request handling isolates requests to prevent collisions. The web scraping (crawling) component runs as a build-time script, not directly exposed to runtime user input, reducing runtime attack surface. No obvious direct `eval` calls or hardcoded secrets for runtime operation are present.
Updated: 2025-12-19
20
1
Medium Cost

logpare-mcp

by logpare

Sec3

Semantic log compression for AI assistants to reduce LLM context window usage and provide diagnostic insights.

Setup Requirements

  • ⚠️Requires Node.js 20 or later.
  • ⚠️For public HTTP deployments, the default `noopAuthMiddleware` *must* be replaced with proper authentication for security.
  • ⚠️For local development, if working with the `logpare` core library, ensure it's available as a sibling repository for `pnpm link` behavior (as suggested in `CLAUDE.md`).
Review Required
The HTTP transport, when enabled, uses `noopAuthMiddleware` by default. This middleware explicitly grants full authentication and all scopes to any connecting client. This is a critical security risk for any public or untrusted deployment, allowing unauthorized access to log processing and results. The source code explicitly marks it as a placeholder with the note 'Replace with actual OAuth validation in production.' For local `stdio` transport use (e.g., Claude Desktop), the risk is contained as it operates locally.
Updated: 2026-01-02
20
2
Low Cost

NANO_MCP_SERVER

by dhyabi2

Sec8

Provides a JSON-RPC 2.0 API for AI agents to interact with the NANO cryptocurrency network, including wallet management, transactions, balance checks, and QR code generation, with an emphasis on self-documenting errors and fast integration.

Setup Requirements

  • ⚠️Test wallet setup requires human intervention to fund generated addresses with NANO for full functionality, which can take 30-60 seconds.
  • ⚠️Proof-of-Work (PoW) generation for transactions (e.g., send, initialize, receive) can be CPU-intensive and vary significantly (10-60 seconds), requiring generous timeouts (minimum 60s) to prevent operation failures.
Verified Safe
The server uses standard `nanocurrency` libraries for cryptographic operations. It integrates comprehensive input validation and explicitly warns against exposing private keys, masking them in error logs. It is configured to use public RPC nodes by default, which do not require an API key, mitigating risks from hardcoded secrets in that context. Test wallet private keys are stored locally in a file, which is a known risk for a test environment but is clearly documented as such and should be excluded from version control for production deployments. No 'eval' or obvious obfuscation was found in the provided source code.
Updated: 2025-12-30
20
7
Low Cost

fizzy-mcp

by Fabric-Pro

Sec9

Enables AI assistants (like Claude, Cursor, GitHub Copilot) to interact with Fizzy project management tools (boards, cards, comments, etc.) through natural language by acting as a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️FIZZY_ACCESS_TOKEN environment variable is required when using the `stdio` transport.
  • ⚠️Requires Node.js 18 or higher to run the server locally.
  • ⚠️Requires a Fizzy account with API access to generate a personal access token for authentication.
Verified Safe
The server implements robust security measures, including explicit origin validation, per-user authentication using Authorization: Bearer headers (for HTTP/SSE transports), optional client-level authentication via MCP_AUTH_TOKEN, and default localhost-only binding. Tool execution is safely mapped via a switch statement, avoiding dynamic code execution (e.g., eval). Rate limiting is available for Cloudflare deployments. Security warnings are logged for insecure configurations. Fizzy access tokens are read from environment variables or per-request headers, not hardcoded. Overall, a well-secured design with strong emphasis on multi-user isolation and access control.
Updated: 2025-12-19
20
1
Low Cost

get_biji_mcp

by PancrePal-xiaoyibao

Sec9

Integrate Get笔记 (GetBiji) API with Model Context Protocol (MCP) to enable AI-powered knowledge base search and retrieval capabilities for applications like Claude Desktop.

Setup Requirements

  • ⚠️Requires a valid `GET_BIJI_API_KEY` from Get笔记 (GetBiji) API, which likely requires registration and may involve costs from the third-party API.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Primarily designed for integration with `Claude Desktop` or other MCP-compatible clients.
Verified Safe
The server correctly uses environment variables (`dotenv`) for sensitive API keys, preventing hardcoded secrets. It implements rate limiting to mitigate abuse. Input schemas for tools are defined using the MCP SDK, which provides a layer of validation, though direct type casting `args as { ... }` is used in the handler. API calls are made via Axios with error handling. There is no evident use of `eval` or arbitrary command execution based on user input. Logging to `stderr` is employed, which is generally safer than writing to easily accessible files. Overall, the code follows good security practices for its intended purpose as an integration server.
Updated: 2026-01-02
19
11
Medium Cost
Sec8

Provides a Model Context Protocol (MCP) interface for interacting with Cosense pages, enabling programmatic retrieval, listing, searching, and modification of content.

Setup Requirements

  • ⚠️Requires `COSENSE_PROJECT_NAME` environment variable to be set.
  • ⚠️Requires `COSENSE_SID` environment variable (session cookie) for authentication, which must be treated as a secret for writing and reading private pages.
  • ⚠️For `npx` users, JSR-hosted package dependencies necessitate adding `@jsr:registry=https://npm.jsr.io` to `~/.npmrc` first.
Verified Safe
The server uses environment variables (COSENSE_PROJECT_NAME, COSENSE_SID) for configuration, which is a good practice for handling sensitive data like the session cookie (COSENSE_SID). The `COSENSE_SID` is explicitly noted to be treated as a secret, as its compromise could grant access to the Cosense project. Input validation for tools is performed using Zod schemas, mitigating common injection risks. No 'eval' or other direct code execution from user input is observed. Network interactions are confined to the Cosense API via standard libraries. The inherent risk lies in the secure handling of the `COSENSE_SID` by the user.
Updated: 2025-12-22
19
1
Medium Cost

local-service-launchpad

by AlexeyEvlampiev

Sec8

Provides a script to set up a comprehensive local development environment using Docker for various backend services and cloud emulators.

Setup Requirements

  • ⚠️Docker (Desktop or Engine) must be installed and running.
  • ⚠️PowerShell 5.1+ (Windows) or PowerShell 7+ (Linux/macOS) is required.
  • ⚠️Some container ports (e.g., Omnigres 8080, 8081) may conflict with other existing local services.
  • ⚠️Anvil (Ethereum) blockchain state is not persistent by default across container restarts.
Verified Safe
The script orchestrates Docker containers for local development services, utilizing default hardcoded credentials (e.g., 'postgres/postgres', 'guest/guest'). These are suitable for local development environments and are not intended for production or public exposure. There is no indication of 'eval', obfuscation, or malicious patterns in the provided source code or README description. Data persistence is managed via local directories, enhancing local data security. The primary security consideration is to ensure these services are not exposed externally.
Updated: 2025-12-31
19
7
Medium Cost

copilot-memory-store

by timothywarner-org

Sec8

A persistent local memory store for AI assistants and coding agents, enabling context engineering by saving, searching, and compressing developer-specific knowledge across conversations.

Setup Requirements

  • ⚠️Requires `DEEPSEEK_API_KEY` environment variable for optional LLM-assisted compression and context shaping (DeepSeek is a paid service).
  • ⚠️MCP client integration (e.g., VS Code Copilot Chat) requires reloading the client application after server configuration changes.
  • ⚠️Memories are stored in a local plaintext JSON file, which is not encrypted and should not contain sensitive information. Users must manage this file (e.g., via `.gitignore`).
Verified Safe
The server uses stdio for core MCP communication, limiting network exposure. It explicitly warns against storing sensitive data in its plaintext local JSON memory file. File locking is implemented for concurrent write safety. Optional integration with DeepSeek LLM involves external API calls (via HTTPS), but requires an API key and is clearly opt-in. No hardcoded secrets or 'eval' calls were found. The security model is transparent about its limitations (e.g., no encryption at rest, no authentication).
Updated: 2025-12-15
19
18
Medium Cost
Sec9

AI-assisted management and monitoring of Zscaler Zero Trust Exchange platform services.

Setup Requirements

  • ⚠️Requires Zscaler API credentials (client_id, client_secret, customer_id, vanity_domain)
  • ⚠️Python 3.11+ required
  • ⚠️Write operations are disabled by default and require explicit flags (`--enable-write-tools` and `--write-tools` allowlist)
  • ⚠️Project is in 'Public Preview' and not recommended for production deployments due to potential API/feature changes.
Verified Safe
The server implements a robust, multi-layered security model. It defaults to read-only mode, requiring explicit `--enable-write-tools` and a mandatory `--write-tools` allowlist for any write operations. Destructive actions (`delete_*`) require double confirmation (AI agent dialog + server-side confirmation). Credentials are managed via environment variables or `.env` files, preventing hardcoding. Network bindings (`0.0.0.0`) for HTTP transports are standard but require careful environment configuration in production. No apparent malicious patterns or obfuscation.
Updated: 2025-12-16