Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

13
2
Low Cost
clarkemn icon
Sec8

Provides search access to Prisma Cloud documentation for Model Context Protocol (MCP) compatible clients like Claude.

Setup Requirements

  • ⚠️Requires Python 3.12+ and `uv` package manager.
  • ⚠️Initial indexing using `index_prisma_docs` or `index_prisma_api_docs` tools is required before search functionality can be used.
  • ⚠️Requires a preceding `docker build -t prisma-docs-server .` command before running in container mode.
Verified SafeView Analysis
The server listens on all interfaces ("0.0.0.0") by default and uses a highly permissive CORS policy ("allow_origins=["*"]"), which could be a security consideration in a publicly exposed environment. However, the core functionality involves web scraping public documentation and local text searching, which is inherently low risk. No hardcoded secrets or malicious patterns were found. The use of 'json.loads' for configuration is within a controlled context and does not appear to pose a direct code execution risk.
Updated: 2025-12-20GitHub
13
1
Low Cost
SurriyaGokul icon

NetMCP

by SurriyaGokul

Sec9

An AI-powered server that translates natural language requests into optimized Linux network configurations, applying them safely with checkpointing, rollback, and validation capabilities to enhance performance for various workloads like gaming, streaming, or server operations.

Setup Requirements

  • ⚠️Requires a Linux operating system (e.g., Ubuntu 20.04+, Debian 11+).
  • ⚠️Requires Python 3.10+ installed on the host system.
  • ⚠️Relies on the presence of common Linux network utilities (e.g., `ip`, `sysctl`, `tc`, `nft`, `iperf3`, `curl`, `dig`, `ethtool`).
  • ⚠️A one-time setup involves running `./setup_sudo.sh` to configure passwordless sudo access for network management commands, which requires initial user interaction and password authentication.
Verified SafeView Analysis
The project demonstrates strong security practices for a tool requiring privileged access. It employs command allowlisting (`server/config/allowlist.yaml`) to restrict executable binaries, mitigating arbitrary command execution. Automatic checkpoints and rollback provide a safety net for configuration changes, allowing easy restoration of previous states. The `_reject_meta` function in `shell.py` prevents shell metacharacters, reducing command injection risks. The `setup_sudo.sh` script configures granular passwordless sudo for a specific, limited set of network commands, avoiding blanket root access. No direct 'eval' calls, hardcoded secrets, or malicious patterns were identified in the provided code. The inherent risk of modifying live network configurations is well-addressed through these layered safety features.
Updated: 2025-12-25GitHub
13
2
Low Cost
trebortGolin icon

amorce

by trebortGolin

Sec9

Provides a secure, cryptographic trust layer and orchestrator for AI agent communication, enabling cross-framework interaction, LLM discovery, and Human-in-the-Loop (HITL) approvals.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️For production deployments (cloud mode), requires generation and secure management of cryptographic keys (AGENT_API_KEY, DIRECTORY_ADMIN_KEY) in Google Secret Manager, which is a CRITICAL setup step.
  • ⚠️Cloud mode requires Google Cloud Platform (GCP) project and services (Firestore for storage, Redis for rate limiting) to be configured.
  • ⚠️MCP wrapper integration requires external Node.js-based MCP servers (e.g., @modelcontextprotocol/server-filesystem) to be installed via npm.
Verified SafeView Analysis
The project emphasizes a robust zero-trust security model with L1 API key authentication (in cloud mode) and L2 Ed25519 cryptographic signatures for all transactions. It uses Google Secret Manager for secure key management and has actively removed past hardcoded secrets, providing clear guidance for secure key rotation. Human-in-the-Loop (HITL) approvals add an important layer of oversight for sensitive operations. A critical warning exists against using 'standalone' (development) mode in production, as it relaxes signature verification and lacks cloud-managed services; this is a significant risk if ignored. The use of 'subprocess.Popen' to launch external MCP servers is noted, but current configuration implies local control over these commands.
Updated: 2025-12-19GitHub
13
2
Medium Cost
sumup icon

sumup-mcp

by sumup

Sec9

Provides a Model Context Protocol (MCP) server to enable natural language interactions with SumUp APIs via large language models (LLMs).

Setup Requirements

  • ⚠️Requires a SumUp API Key for authentication in every MCP request.
  • ⚠️Designed for deployment as a Cloudflare Worker, utilizing the Wrangler CLI for local development and deployment.
  • ⚠️Requires Node.js version 22 or higher as specified in package.json.
Verified SafeView Analysis
The server enforces API key authentication via the Authorization header, returning an unauthorized response if missing. It relies on environment variables (`SUMUP_API_HOST`, `SUMUP_AUTH_HOST`, `HOST`, `OPENAI_APPS_CHALLENGE`) for sensitive configurations, which is good practice. No 'eval' or obvious obfuscation was found in the provided code snippets. CORS is broadly enabled (`Access-Control-Allow-Origin: *`), which is typical for an API designed for broad client integration. The `SECURITY.md` outlines a responsible disclosure process via a private bug bounty program, indicating a focus on security.
Updated: 2025-12-20GitHub
13
5
High Cost
prismicio icon

prismic-mcp-server

by prismicio

Sec7

This server provides AI agent tools that integrate with Prismic Slice Machine, assisting developers with slice modeling, code generation, mocking, and integration into custom types within a Prismic project.

Setup Requirements

  • ⚠️Requires AWS Bedrock API Key (AWS_BEARER_TOKEN_BEDROCK) for AI agent functionality.
  • ⚠️Requires Node.js version >= 18.0.0.
  • ⚠️Designed to run within a Prismic Slice Machine project structure (e.g., depends on 'slicemachine.config.json').
Verified SafeView Analysis
The server uses hardcoded Segment API keys for analytics, which are typically public write keys but represent a potential vector for injecting false data if compromised. AI API keys (e.g., AWS_BEARER_TOKEN_BEDROCK) are correctly loaded from environment variables. The test suite uses 'execSync' which is a security risk in tests if not carefully controlled, but this does not affect the core server functionality directly.
Updated: 2025-12-15GitHub
13
3
Low Cost
thepearl icon
Sec9

This MCP server cleans up unused image, color, and data assets in Xcode projects by analyzing Swift code and `.xcassets` catalogs, generating interactive HTML reports.

Setup Requirements

  • ⚠️Requires macOS 13.0+ and Swift 6.0+ (Xcode 14.0+ for build).
  • ⚠️Requires an MCP-compatible client (e.g., Claude Code, VS Code extension, Claude CLI) for interaction.
  • ⚠️Initial setup requires configuring the MCP client with the server's executable path, which varies depending on Homebrew installation or source build.
Verified SafeView Analysis
The server primarily operates on local files, reading project assets and Swift code, and performing deletion/backup operations within the specified project path. It uses `StdioTransport` for communication, not direct network listeners, limiting external attack surfaces. File deletion includes an automatic backup feature, mitigating data loss risks. The Homebrew formula's `--disable-sandbox` flag for `swift build` is noted, which is common for CLI tools needing broad file access but means the tool itself isn't sandboxed during execution. No 'eval' or obvious hardcoded secrets were found.
Updated: 2025-12-15GitHub
13
2
High Cost
gkjpettet icon

mcpwikipedia

by gkjpettet

Sec8

Serves Wikipedia article content, converted to Markdown, to Model Context Protocol (MCP) clients for consumption by Language Models.

Setup Requirements

  • ⚠️Requires a user agent (--useragent) as a command-line argument.
  • ⚠️Manual compilation and placement of Xojo project files is required.
  • ⚠️Requires configuration in the MCP client's mcp.json and a client restart.
Verified SafeView Analysis
No 'eval', obfuscation, hardcoded secrets, or malicious patterns were identified in the provided (truncated) source code or README. The server interacts with the public Wikipedia API. A full security audit would require access to the complete source code.
Updated: 2025-12-20GitHub
13
2
Low Cost
mohandshamada icon

MCP-Gateway

by mohandshamada

Sec6

A federated gateway service for the Model Context Protocol (MCP) that aggregates multiple MCP servers into a single, namespaced, authenticated endpoint for AI agents like Claude.

Setup Requirements

  • ⚠️Requires Node.js 22+
  • ⚠️Requires `sudo` or root privileges for full functionality, particularly for `Desktop Commander` and directory permissions. The default `systemd` service also runs as root.
  • ⚠️Requires Google Chrome to be installed for the `Chrome DevTools` MCP server.
  • ⚠️Initial setup (via `install.sh`) involves interactive prompts for domain, SSL email, and OAuth credentials.
Review RequiredView Analysis
The project implements robust internal security features like timing-safe token comparison, configurable rate limiting, CORS, and environment variable validation/redaction. For its own `/admin/permissions/exec` endpoint, it employs a strict command whitelist and dangerous pattern blacklist. However, critical vulnerabilities exist: 1) The provided `config/gateway.json` (within the prompt context) contains hardcoded API tokens and OAuth client secrets, which is a severe risk if used directly in production. While the documentation suggests generating tokens and using environment variables, this specific configuration example is unsafe. 2) The `install.sh` and `setup-ubuntu.sh` scripts configure the gateway to run as `root` by default, granting maximum privileges to the entire process and its child MCP servers. This significantly increases the blast radius in case of a vulnerability. 3) The 'Desktop Commander' MCP server, a core pre-installed tool, explicitly exposes functionalities to 'Run shell commands' and 'file editing'. While the gateway's *own* `/admin/permissions/exec` endpoint is hardened, the Desktop Commander tool's methods (e.g., `execute_command`) allow arbitrary shell commands to be run by the AI agent through the MCP protocol, potentially bypassing the gateway's internal whitelist/blacklist and inheriting the `root` privileges. This is a very high privilege level for an AI-controlled component.
Updated: 2025-12-19GitHub
13
3
High Cost
aoutpost2-rgb icon

mcp-server

by aoutpost2-rgb

Sec8

A Model Context Protocol (MCP) server that provides real-time Indian options market data and volatility analytics from GetOutpost.in for integration with AI chat models like Claude.

Setup Requirements

  • ⚠️Requires manual sign-up for GetOutpost.in and manual retrieval of API access and refresh tokens from developer tools to configure a local JSON credentials file.
  • ⚠️Requires Node.js version 24.0.0 or higher.
  • ⚠️Primarily designed for integration with Claude Desktop and the Model Context Protocol, limiting standalone use.
Verified SafeView Analysis
The server uses an external credentials file ('.getoutpost_credentials.json') to store API tokens and email, which is good practice, avoiding hardcoded secrets. It implements automatic token refreshing, enhancing security and usability. All communication with the GetOutpost.in API uses HTTPS. The `mcp_server.ts` (HTTP transport) uses `cors` with `origin: '*'`, which is broad. While potentially acceptable for a local desktop extension, it would be a concern in a publicly accessible web server context. No 'eval', obfuscation, or other overt malicious patterns were detected in the provided source code.
Updated: 2025-12-16GitHub
13
2
Low Cost
tobedoit icon
Sec9

Facilitate Google Calendar event creation and management via an MCP server, primarily for integration with AI agents like Claude Desktop App.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher (as per pyproject.toml).
  • ⚠️Requires manual setup of Google Cloud Project, OAuth 2.0 Client ID, and acquisition of a refresh token.
  • ⚠️Designed for integration with the Claude Desktop App.
Verified SafeView Analysis
The server correctly uses environment variables for Google OAuth2 credentials (client ID, client secret, refresh token), avoiding hardcoded secrets. It relies on standard Google API client libraries for authentication and interaction. No 'eval' or other highly dangerous functions are present. The primary security consideration is the secure management of the OAuth2 refresh token by the user, as the server expects it to be pre-obtained and provided.
Updated: 2025-12-21GitHub
13
3
Low Cost
ricard1406 icon

Little_MCP

by ricard1406

Sec2

A local AI assistant leveraging Retrieval-Augmented Generation (RAG) and multi-tool agents for document Q&A, real-time information, and SQL database interaction.

Setup Requirements

  • ⚠️Requires Ollama installed and running locally with 'qwen3:1.7b' and 'nomic-embed-text' models pulled.
  • ⚠️Requires an OpenWeather API key (free tier available) set in the .env file.
  • ⚠️Requires a local MariaDB server setup with specified database, tables (FRUITS, VEGGIE), and user credentials ('DB_USER', 'DB_PASSWORD') configured in the .env file to use SQL functionalities.
  • ⚠️PDF document 'data/Candidates and Scores List - Test Data - compact.pdf' must exist for RAG system initialization.
Review RequiredView Analysis
The server-side SQL tools (`get_SQL_response` and `put_SQL_insert`) directly execute user-provided SQL queries/statements (`myParam`) against a MariaDB database without proper sanitization. This constitutes a critical SQL Injection vulnerability, allowing attackers to perform arbitrary database operations (e.g., read, update, delete, or drop tables) if they can directly access the `/get_SQL_response` or `/put_SQL_insert` API endpoints. While the client-side agent is designed to generate SQL, direct API access bypasses this, making the system highly vulnerable.
Updated: 2025-12-17GitHub
13
2
Low Cost
gkjpettet icon

mcpfetch

by gkjpettet

Sec1

A server for fetching HTML or Markdown content from the web.

Setup Requirements

  • ⚠️Requires a Xojo runtime environment if not statically linked/bundled.
  • ⚠️Requires Xojo IDE and license for any modifications or recompilation.
Review RequiredView Analysis
No actual source code was provided for analysis beyond the README.md file. Therefore, a meaningful security audit for patterns like 'eval', obfuscation, hardcoded secrets, or malicious code cannot be performed. Fetching arbitrary content from the web always carries inherent risks (e.g., Server-Side Request Forgery (SSRF), potential for XSS if content is rendered or processed client-side without strict sanitization, or resource exhaustion/DoS from large payloads). Without the Xojo source code, it's impossible to verify how these risks are mitigated, if at all.
Updated: 2025-12-21GitHub
PreviousPage 257 of 713Next