Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
AyushSingh7404 icon

MCP-servers

by AyushSingh7404

Sec8

A Model Context Protocol (MCP) server that enables interaction with Twitter, including posting tweets and searching Twitter content, potentially leveraging AI models.

Setup Requirements

  • ⚠️Requires Node.js 18+ runtime environment.
  • ⚠️Requires Twitter API credentials (e.g., TWITTER_APP_KEY, TWITTER_APP_SECRET, TWITTER_ACCESS_TOKEN, TWITTER_ACCESS_SECRET, TWITTER_BEARER_TOKEN) configured via a .env file.
  • ⚠️May require API keys for AI model providers (e.g., OPENAI_API_KEY, ANTHROPIC_API_KEY) if the MCP server's functionality involves calling these models.
Verified SafeView Analysis
The server uses `dotenv` for loading environment variables, which is a good practice for managing sensitive API keys. It relies on the `twitter-api-v2` library for Twitter interactions, which is a well-established package. The presence of `mcp-evals` as a runtime dependency, which in turn includes AI SDKs (e.g., OpenAI, Anthropic), suggests that the server likely integrates with external AI models. This introduces inherent network security considerations related to API key management for both Twitter and potentially AI services. No direct `eval()` usage, obfuscation, or obvious malicious patterns are present in the provided `package.json` or `package-lock.json` snippets. The `linear_transformation.py` file is a Python Manim script unrelated to the Node.js server and was ignored for this security analysis.
Updated: 2025-11-19GitHub
0
0
Low Cost
callme-DP icon

bear-mcp-server

by callme-DP

Sec7

Transforms Bear Notes into a 'second brain' personal knowledge analysis system, supporting semantic retrieval, topic clustering, tag drift analysis, PARA tracking, and visualization with AI capabilities.

Setup Requirements

  • ⚠️Requires Bear Notes app (macOS/iOS) for data source.
  • ⚠️Requires a locally running Ollama server with 'qwen2.5:7b' (or specified model) for advanced LLM features (summarization, concept extraction in graph exports).
  • ⚠️Requires a mixed Node.js/Python environment with specific dependencies (e.g., umap-learn, scikit-learn, plotly, neo4j driver, sentence-transformers) for full functionality like visualization and Neo4j import.
  • ⚠️Initial setup involves large model downloads for embeddings (Xenova/all-MiniLM-L6-v2) and potentially summarization.
Verified SafeView Analysis
The core Node.js server accesses Bear's SQLite database in read-only mode, which is critical for data safety. SQL queries use placeholders to prevent injection. Embedding models are downloaded from reputable sources (HuggingFace). However, the Python script for importing data into Neo4j (import_to_neo4j_brew.py) explicitly uses 'auth=None', which is a significant security flaw if the Neo4j instance requires authentication. Additionally, the Node.js tools designed for writing/modifying notes (e.g., 'insertNote', 'modifyNoteTag') will fail due to the read-only database connection, which is an accidental safety measure but highlights an architectural discrepancy. The server's debug logging of full 'curl' commands could also expose query content in logs.
Updated: 2025-12-02GitHub
0
0
Low Cost
econo21c icon

mcp-server

by econo21c

Sec9

An MCP (Multi-tool Communication Protocol) server exposing basic arithmetic operations as callable tools.

Setup Requirements

  • ⚠️Python 3 required
  • ⚠️fastmcp library required
  • ⚠️Docker required for containerized deployment
Verified SafeView Analysis
The server implements basic arithmetic functions with explicit type hints for inputs. It handles division by zero. There are no 'eval' calls, direct file system interactions, network calls beyond serving its API, or hardcoded secrets. The use of 'os.getenv' for the port is standard practice. The containerization via Docker (implied by smithery.yaml) further enhances isolation. Overall, it appears very safe.
Updated: 2025-11-27GitHub
0
0
Medium Cost
M-Asan0 icon
Sec9

A minimal MCP server for Cursor to safely inspect project files and structure for the Coloraid project during debugging.

Setup Requirements

  • ⚠️Docker required for building and running the server image.
  • ⚠️Manual MCP configuration required in Cursor's `mcp.json` file and enabling in settings.
  • ⚠️Requires the host Coloraid project directory to be explicitly mounted into the Docker container.
  • ⚠️WSL integration is presented as the primary setup for Windows users, adding an extra layer of configuration.
Verified SafeView Analysis
The `_safe_join` function robustly prevents path traversal attacks by resolving paths and ensuring they remain strictly within the defined `PROJECT_ROOT`. Communication is via stdio, minimizing the network attack surface. File access is read-only within the mounted volume.
Updated: 2025-11-29GitHub
0
0
Low Cost
MontoyaAndres icon

anju

by MontoyaAndres

Sec8

A monorepo platform for developing and managing AI agents through the Model Context Protocol (MCP), alongside a web frontend and a backend API for user, organization, and project management.

Setup Requirements

  • ⚠️Requires a PostgreSQL database connection string (DATABASE_URL) for `@anju/db`.
  • ⚠️Designed for deployment on Cloudflare Workers, requiring a Cloudflare account and Hyperdrive setup for database connectivity.
  • ⚠️Needs comprehensive environment variable configuration (e.g., JWT_SECRET, GOOGLE_CLIENT_ID/SECRET, API/WEB/MCP URLs) in a `.env` file at the monorepo root.
Verified SafeView Analysis
The overall project structure demonstrates good security practices for the main API (`apps/api`), including robust authentication via 'better-auth', role-based authorization for organization/project access, and Zod for input validation. Secrets are correctly managed via environment variables. However, the MCP server (`apps/mcp`) endpoint has a broad CORS policy (`origin: ['*']`) and does not enforce authentication/authorization using the common 'UserMiddleware.verify' or 'createAuth' methods found in the API server. While the currently implemented MCP tools and resources (`add`, `config`, `user`, `greeting`) only expose non-sensitive data (e.g., dummy user profiles) or perform simple operations, expanding its functionality to interact with sensitive data from the `@anju/db` without adding robust authentication could introduce significant vulnerabilities. The `NODE_ENV=production` hardcoded in `wrangler.toml` for `development` environment is a configuration inconsistency, but 'better-auth' correctly uses secure cookies if `NODE_ENV` is set to 'production', which it effectively is during Cloudflare deployment.
Updated: 2026-01-06GitHub
0
0
Medium Cost
blazkrzisnik icon

MCP-server

by blazkrzisnik

Sec8

Exposes employee and salary data from a Supabase database via a Model Context Protocol (MCP) server, designed for deployment on Vercel.

Setup Requirements

  • ⚠️Requires an existing Supabase project with 'employees' and 'salaries' tables configured.
  • ⚠️Requires `SUPABASE_URL` and `SUPABASE_KEY` environment variables.
  • ⚠️Primarily designed for deployment on Vercel, requiring Vercel CLI for local development.
Verified SafeView Analysis
No 'eval', obfuscation, or hardcoded secrets were found. Database interactions use the Supabase client library, which generally mitigates direct SQL injection risks from tool inputs. The `Access-Control-Allow-Origin: *` header broadly allows cross-origin requests; this could be a security concern if strict origin control is required, but may be intentional for a public MCP server.
Updated: 2025-12-08GitHub
0
0
High Cost
AmirHashmi017 icon
Sec4

An agent-based, multi-system AI platform designed to automate research discovery, intelligence analysis, and business proposal generation using LangGraph workflows.

Setup Requirements

  • ⚠️Requires a running MongoDB instance for user and research data persistence.
  • ⚠️Requires 'GOOGLE_API_KEY' configured for LLM interaction (Gemini Flash model is used).
  • ⚠️Relies heavily on four external microservices (Volvox, Smart Research, Innoscope, Kickstart) that must be deployed and accessible, with their URLs configured via environment variables.
Review RequiredView Analysis
Critical vulnerability due to a hardcoded, weak default 'JWT_SECRET_KEY' in 'app/config.py' that must be overridden in production. The 'CORSMiddleware' with 'allow_origins=['*']' is insecure for production. The system relies on multiple external microservices, whose security and availability also impact the overall platform.
Updated: 2026-01-07GitHub
0
0
Medium Cost
alexandremahdhaoui icon

testenv-vm

by alexandremahdhaoui

Sec7

Provisions virtual machines, networks, and SSH keys for end-to-end infrastructure testing, solving the gap for systems requiring actual VMs rather than containers.

Setup Requirements

  • ⚠️Requires Linux (Windows/macOS not supported for libvirt/QEMU providers).
  • ⚠️Requires installation of virtualization dependencies (libvirt 6.0+, QEMU/KVM 6.0+, qemu-img, genisoimage/mkisofs/xorriso) on the host machine.
  • ⚠️Requires appropriate user permissions (e.g., membership in 'libvirt' and 'kvm' groups, or sudo access) for resource provisioning and network bridge creation.
Verified SafeView Analysis
The system leverages external tools like 'virsh' and 'qemu-img', which are inherently powerful and require careful input sanitization, though current implementations appear structured. SSH client connections (pkg/client/ssh.go) use 'ssh.InsecureIgnoreHostKey()' for testing purposes, which is a known security risk if used in production but acceptable in a test environment. SSH private keys are managed and stored on the local filesystem (e.g., .forge/testenv-vm/artifacts/), requiring host-level file permission management (mode 0600 is mentioned). No explicit 'eval' or similar arbitrary code execution patterns were found outside of Go's template engine which is designed to be safe.
Updated: 2025-12-26GitHub
0
0
Low Cost
AINative-Studio icon

ainative-strapi-mcp-server

by AINative-Studio

Sec9

Manages and publishes blog posts, tutorials, and events in Strapi CMS through an AI assistant using natural language.

Setup Requirements

  • ⚠️Requires a running Strapi CMS instance, accessible via `STRAPI_URL`.
  • ⚠️Requires authentication with Strapi, either via `STRAPI_API_TOKEN` or a combination of `STRAPI_ADMIN_EMAIL` and `STRAPI_ADMIN_PASSWORD`.
  • ⚠️Designed for interaction with an MCP (Model Context Protocol) compatible AI assistant.
Verified SafeView Analysis
The server uses environment variables for all sensitive Strapi credentials (API token or admin email/password), which is a good practice. It leverages standard and well-maintained libraries like axios and @modelcontextprotocol/sdk. There are no direct uses of `eval` or other highly dangerous functions, and string sanitization is used for slug generation. The primary security considerations for deployment are securing the underlying Strapi instance and ensuring the provided `STRAPI_URL` points to a trusted endpoint, as this server acts as an authenticated client to that URL.
Updated: 2026-01-15GitHub
0
0
Medium Cost
ukicar icon

sweet-bnf

by ukicar

Sec9

Provides a Model Context Protocol (MCP) server to access and retrieve data from the Gallica digital library of the Bibliothèque nationale de France (BnF) via search tools and extended item-specific functions.

Verified SafeView Analysis
The project uses Zod for robust input validation, mitigating injection risks. It relies on environment variables for sensitive configuration, avoiding hardcoded secrets. HTTP requests are handled by `undici`, a modern and secure client, with built-in retry logic and error handling. Unhandled promise rejections and uncaught exceptions are gracefully logged. CORS headers are appropriately set.
Updated: 2025-11-30GitHub
0
0
Medium Cost
Atomic-Germ icon

mcp-lubrication

by Atomic-Germ

Sec9

This project specifies an MCP server and API to help agentic models and automation log, track, and resolve sources of friction in developer workflows.

Setup Requirements

  • ⚠️The project is currently in the design/specification phase, meaning no functional server implementation exists yet.
  • ⚠️Requires Node.js 18+ and pnpm for development and eventual runtime.
  • ⚠️A database (SQLite for development, PostgreSQL for production) and a `JWT_SECRET` environment variable are required for a functional deployment.
Verified SafeView Analysis
The server is currently a design specification, so executable server logic for a full audit is not available. However, the design explicitly incorporates strong security practices including token-based authentication (JWT_SECRET required in production), scoped tokens, HMAC-signed webhooks (WEBHOOK_SECRET), and API rate limiting. Hardcoding secrets in production is warned against, and development secrets are noted. Actual implementation would require further audit.
Updated: 2025-12-02GitHub
0
0
Medium Cost
jasonwilbur icon

cloud-cost-mcp

by jasonwilbur

Sec9

A multi-cloud pricing comparison server for AWS, Azure, GCP, and OCI, enabling users to compare compute, storage, egress, and Kubernetes costs with natural language queries and calculate workload estimates.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Relies on external public pricing APIs which may be subject to availability, rate limits, or changes in API structure.
Verified SafeView Analysis
The server is transparently implemented in TypeScript, without using 'eval' or obfuscation. It relies on well-known public APIs (instances.vantage.sh, Azure Retail Prices API, Oracle Cloud Price List API) for real-time data, explicitly stating 'No API Keys Required,' which mitigates the risk of hardcoded or exposed secrets. Network calls are made to these public sources for pricing data. The @modelcontextprotocol/sdk is a dependency, and its usage within the server's context appears confined to standard MCP server operations (handling ListTools and CallTool requests). Communication with the client is via standard I/O, which is a contained environment.
Updated: 2026-01-19GitHub
PreviousPage 274 of 713Next