Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
TheaMarieM icon
Sec8

AI-powered portfolio acting as a digital twin, offering interactive querying, interview simulation, and RAG-driven semantic search of professional experiences via the Model Context Protocol (MCP) for AI assistants like Claude Desktop and VS Code Copilot.

Setup Requirements

  • ⚠️Requires Node.js 18+ and pnpm
  • ⚠️Requires Python 3.8+ with pip
  • ⚠️Requires Upstash accounts (Redis + Vector) and corresponding API keys for full functionality
  • ⚠️Requires a Groq API key for LLM responses (or optional OpenAI API Key fallback/embeddings, depending on configuration)
  • ⚠️Requires a local Ollama server running if `LLM_PROVIDER` is 'ollama'
  • ⚠️Requires a local embedding service running (`scripts/serve_local_embeddings.py`) if `USE_LOCAL_EMBEDDINGS` is 'true'
Verified SafeView Analysis
The project demonstrates good security practices with explicit rate limiting (Redis-based for chat, in-memory for RAG as implemented in `app/api/rag/route.ts`), comprehensive input validation, and content filtering for sensitive information and prompt injections. It uses secure session ID generation and sets security headers on API responses. Environment variables are correctly used for secrets. The use of `json.loads` on external API responses carries inherent risk, but is standard practice when interacting with LLM/embedding services and is handled within `try-except` blocks. In-memory rate limiting for RAG in the Next.js backend could be a concern for multi-instance production deployments, which the README addresses by suggesting Redis for production.
Updated: 2025-11-19GitHub
0
0
Low Cost
bioanywhere icon

tacos

by bioanywhere

Sec7

Provides Docker deployment configuration and CI/CD for a world-news-api-clients server.

Setup Requirements

  • ⚠️Requires Docker for local development and execution.
  • ⚠️Requires a GCP account, project ID, and project number for cloud deployment and Artifact Registry integration.
  • ⚠️Requires GitHub repository secrets (`GCP_PROJECT_ID`, `GCP_PROJECT_NUMBER`) for CI/CD.
  • ⚠️Requires `gcloud` CLI installed and configured to pull images from Google Artifact Registry.
Verified SafeView Analysis
The provided source code (README) outlines secure practices for GCP integration, utilizing Workload Identity Federation and repository secrets for credentials. There are no obvious hardcoded secrets or malicious patterns visible in the README itself. However, a comprehensive security audit for `eval`, obfuscation, network risks within the application, or insecure configurations is not possible without access to the actual `Dockerfile`, `docker-compose.yml`, `run.sh`, and the application's source code.
Updated: 2025-12-13GitHub
0
0
High Cost
adamanz icon
Sec8

An MCP server enabling AI agents like Claude to analyze videos and images using the Qwen3-VL-8B-Instruct model deployed on Blaxel's H100 GPUs.

Setup Requirements

  • ⚠️Requires a Blaxel account and API key (Blaxel is a paid, subscription-based service).
  • ⚠️Requires `ffmpeg` to be installed locally on the system where the MCP server runs.
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json`.
Verified SafeView Analysis
The server uses `subprocess.run` to execute `ffmpeg` for video frame extraction. While `ffmpeg` is a standard and generally robust tool, processing external video URLs with it can theoretically expose the system to vulnerabilities if a maliciously crafted video file exploits a flaw in `ffmpeg`. The code itself does not show immediate signs of code injection or hardcoded secrets, and API keys are loaded from environment variables. Network requests are handled by `httpx` with timeouts.
Updated: 2025-11-30GitHub
0
0
High Cost
firda0802 icon
Sec9

An AI-powered platform for generating and managing various types of documents, presentations, spreadsheets, creative content (ebooks, stories), and multimedia (images, videos, voiceovers), integrated with chat capabilities.

Setup Requirements

  • ⚠️Requires a Google Gemini API Key (via Lovable AI Gateway)
  • ⚠️Requires an ElevenLabs API Key for voice generation
  • ⚠️Requires a Firebase Project setup (API Key, Auth Domain, Project ID, etc.)
  • ⚠️Requires a Supabase Project setup (URL, Publishable Key, Service Role Key, Database Schema, RPC functions)
  • ⚠️Requires a Stripe account and API keys for subscription management and payments
  • ⚠️Requires a Resend API Key for transactional emails
  • ⚠️Supabase Edge Functions run on Deno, requiring Deno for local development/testing of functions.
Verified SafeView Analysis
The project demonstrates strong security practices by utilizing environment variables for all sensitive API keys and secrets, robust Firebase authentication for user management, and Supabase Edge Functions as an authenticated API gateway. Client-side input is sanitized (e.g., HTML content via DOMPurify). Server-side rate limiting and usage checks are implemented to prevent abuse. No obvious malicious patterns or unsafe `eval` usage were detected. The primary area for external risk is the reliance on third-party APIs (Gemini/Lovable, ElevenLabs, Stripe, Resend), whose security postures are beyond the direct control of this application.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Digital-Defiance icon

mcp-recording

by Digital-Defiance

Sec1

Provides recording and playback functionality for an MCP server, likely integrated within a larger AI capabilities suite.

Review RequiredView Analysis
Security cannot be assessed as only the README.md file was provided as 'SOURCE CODE'. Without access to the actual server implementation files, it's impossible to check for critical vulnerabilities such as 'eval' usage, obfuscation, network risks, hardcoded secrets, or malicious patterns. Therefore, it is considered highly unsafe to run without a full code audit.
Updated: 2025-12-04GitHub
0
0
Medium Cost
Rodr116 icon
Sec9

This MCP server provides AI assistants with direct access to the Gentleman Programming Book for reading, searching, and understanding software architecture concepts.

Setup Requirements

  • ⚠️Requires the 'Gentleman Programming Book' repository to be cloned locally, and the 'BOOK_PATH' environment variable correctly set to its 'src/data/book' directory.
  • ⚠️Semantic search requires either a paid OpenAI API key (set as 'OPENAI_API_KEY') or a locally running Ollama server with the 'nomic-embed-text' embedding model (free, local).
  • ⚠️Requires Go 1.21 or superior to compile from source.
Verified SafeView Analysis
The server handles file system access by reading MDX book files from a configurable 'BOOK_PATH'. This path is set via an environment variable, which requires the user to ensure it points to a trusted location. API keys (OpenAI) and Ollama URLs are also configured via environment variables, which is good practice. There are no apparent 'eval' statements, command injection vulnerabilities, or malicious patterns found in the provided source code. External network calls are made to OpenAI or Ollama for embeddings, which are standard for such functionality.
Updated: 2026-01-19GitHub
0
0
Low Cost
mmcdermott-ashleyne icon

fde_sql_mcp

by mmcdermott-ashleyne

Sec9

Provides an MCP server for programmatically interacting with on-prem SQL Server instances using Windows authentication, offering tools to enumerate database objects.

Setup Requirements

  • ⚠️Python 3.10+ required.
  • ⚠️ODBC Driver 17 or 18 for SQL Server must be installed on the host.
  • ⚠️The account running the server requires Windows authentication permissions to the target SQL Server instance.
  • ⚠️SQL Server host address must be configured via 'fde_sql_mcp.config.json' or 'SQL_SERVER_HOST' environment variable.
Verified SafeView Analysis
The server relies on Windows authentication (Trusted_Connection=yes) and explicitly externalizes SQL Server connection details to 'fde_sql_mcp.config.json' or environment variables, avoiding hardcoded secrets. All SQL queries used by the tools are fixed strings targeting system views ('sys.databases', 'sys.tables', etc.), which inherently mitigates SQL injection risks. The 'pyodbc' library is a standard and secure choice for database connectivity. 'TrustServerCertificate' is configurable. No 'eval' or obfuscation found.
Updated: 2026-01-16GitHub
0
0
High Cost
Lewis-R-L icon

gpt-mcp-server

by Lewis-R-L

Sec2

An MCP server integrating with italki's API to provide language learning services, including teacher recommendations, language/country metadata, and personal calendar events, with an optional OAuth 2.0 authentication provider.

Setup Requirements

  • ⚠️Weak Password Hashing: The mock OAuth provider uses SHA256 for password hashing, which is insecure for production use.
  • ⚠️Access Token Logging: When `LOG_REQUEST_RESPONSE=true`, the full Authorization header (including access tokens) is logged to console, posing a severe security risk.
  • ⚠️Non-persistent Data in Serverless: The embedded NeDB database (`OAUTH_DB_PATH=/tmp/db` on Vercel) and in-memory MCP sessions are not persistent across serverless function invocations or server restarts, making the mock OAuth provider unsuitable for production.
Review RequiredView Analysis
CRITICAL ISSUES: 1. Weak Password Hashing: The mock OAuth provider (NeDBUsersStore) uses SHA256 for password hashing, which is not cryptographically secure for user credentials in production environments and is highly susceptible to brute-force and rainbow table attacks. The code acknowledges this is 'for demo purposes' but it's a severe vulnerability if used. 2. Access Token Logging: When `LOG_REQUEST_RESPONSE` environment variable is set to `true`, the full `Authorization` header (including sensitive access tokens) is explicitly logged in plaintext to the console (main.ts, `oauthHeaders.authorization` in access log middleware). This is a severe security risk as access tokens grant access to user data and should never be logged. 3. Wildcard CORS for Admin API: The admin API (admin-server.ts) uses `Access-Control-Allow-Origin: *` (wildcard CORS). While the local version runs on a separate port, the Vercel deployment integrates it into the main app. Exposing an administrative interface with such permissive CORS without strong authentication and origin checks is a high security risk. OTHER ISSUES: - Non-persistent Data in Serverless: The in-memory MCP sessions and the NeDB database (when `OAUTH_DB_PATH` points to `/tmp/db` on Vercel) are not persistent across serverless function invocations or server restarts, leading to data loss for OAuth clients, users, and sessions. This is a functional limitation, not a direct security flaw in the code logic itself, but impacts the reliability and security posture of the OAuth provider in a production serverless environment.
Updated: 2025-12-22GitHub
0
0
Medium Cost
HenFaibishProjects icon

mcp-gitpower-server

by HenFaibishProjects

Sec9

This server acts as a Model Context Protocol (MCP) tool provider, allowing an agent to list GitHub repositories for a specified organization or user.

Setup Requirements

  • ⚠️Requires a GitHub Personal Access Token (GITHUB_TOKEN) with sufficient permissions (e.g., 'repo' scope for private repos, or public_repo for public ones).
  • ⚠️Requires a GitHub organization or username (GITHUB_ORG) to be specified.
  • ⚠️Requires Node.js (version 18 or higher is recommended based on dependencies).
Verified SafeView Analysis
The code correctly loads GitHub credentials from environment variables, avoiding hardcoded secrets. It utilizes a well-known SDK (@octokit/rest) for GitHub interactions. The application's core logic for handling tool calls appears straightforward and free from obvious malicious patterns or 'eval' usage. Input validation is handled by the MCP SDK's schemas (ListToolsRequestSchema, CallToolRequestSchema). The main security concern would be ensuring the GITHUB_TOKEN has appropriate, least-privilege scopes.
Updated: 2025-12-01GitHub
0
0
Medium Cost
jordanlixu icon

eth-mcp-server

by jordanlixu

Sec9

Provides Ethereum-related tooling like balance queries, token price lookup, and Uniswap swap simulation for AI agents via a Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️Requires numerous environment variables (`INFURA_URL`, `WALLET_ADDRESS`, `USDC`, `BTC`, `WETH`, `UNI`, `BETH`, `UNISWAP_V2_ROUTER`), which must be set to valid Sepolia testnet addresses or URLs.
  • ⚠️The `rmcp` Rust SDK is pulled directly from a GitHub `main` branch, which might introduce stability concerns compared to a released version and requires `git` tooling.
  • ⚠️Relies on an Ethereum RPC provider (e.g., Infura) which will incur costs based on usage.
Verified SafeView Analysis
The server explicitly states that it does NOT execute real transactions; swap functionality uses `eth_call` for safe simulation only, significantly reducing financial risk. There are no indications of 'eval', obfuscation, or hardcoded sensitive secrets. Environment variables are used for RPC URLs and contract addresses. The use of `.unwrap()` in some places can lead to panics on unexpected errors or invalid input, which is a robustness concern but not a direct security vulnerability in terms of arbitrary code execution.
Updated: 2025-11-19GitHub
0
0
Low Cost
SunmaiLee icon
Sec8

Boilerplate for creating Model Context Protocol (MCP) servers with integrated AI capabilities (e.g., image generation, code review prompts) using TypeScript and Hugging Face.

Setup Requirements

  • ⚠️Requires a Hugging Face API token (`hfToken`) for the image generation tool.
  • ⚠️Requires `npm install` and `npm run build` (or `npx smithery build`) for setup and compilation from TypeScript to JavaScript.
  • ⚠️Built using the Smithery framework, which expects a `createServer` function as the default export in `src/index.ts`.
Verified SafeView Analysis
Hugging Face API token (hfToken) is explicitly required via configuration, preventing hardcoding. Input validation for tools is enforced using Zod schemas, which helps mitigate common input-related vulnerabilities. The server makes external API calls to Hugging Face for image generation, introducing a dependency on that service's security. The 'code_review' tool generates an LLM prompt but does not execute code itself; any execution risk lies with the client's LLM environment.
Updated: 2025-11-27GitHub
0
0
Low Cost
tonyfruzza icon

vice-mcp-server

by tonyfruzza

Sec7

Provides AI assistants with debugging and control capabilities for the VICE C64 emulator.

Setup Requirements

  • ⚠️Requires Python 3.7+.
  • ⚠️Requires VICE C64 emulator running with the '-remotemonitor' flag enabled.
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop) for interaction.
Verified SafeView Analysis
The server connects to a local VICE emulator's remote monitor interface, reducing network exposure. It includes a `send_monitor_command` tool which allows arbitrary commands to be sent to the emulator. While this grants significant control over the emulated environment, it does not directly expose the host system to arbitrary command execution. No 'eval' or obvious hardcoded secrets were found.
Updated: 2025-12-15GitHub
PreviousPage 280 of 713Next