Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
yellnuts icon

mcp-mem0

by yellnuts

Sec8

Manages long-term memory for AI agents using Mem0, serving as an MCP server template.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher based on `pyproject.toml`.
  • ⚠️Needs configuration for an LLM provider (e.g., OpenAI, Ollama) requiring API keys (potentially paid) or a running local server.
  • ⚠️Requires a Supabase vector store, necessitating a `DATABASE_URL` connection string and a Supabase account.
Verified SafeView Analysis
The server uses environment variables for API keys and database connection strings, which is a good practice. It leverages the `mem0ai` library to abstract memory operations, thus not directly exposing raw database queries or LLM calls that could be vulnerable to injection without proper sanitization by the library. No explicit `eval` or malicious patterns are found in the provided source. The default `user_id` is hardcoded to 'user', which limits multi-agent isolation by default but isn't a direct security vulnerability in terms of server-side malicious behavior.
Updated: 2025-12-15GitHub
0
0
Low Cost
faustofuertes icon

kommo-mcp-server

by faustofuertes

Sec8

Automate Kommo CRM lead management for AI agents using the Model Context Protocol, enabling actions like moving leads, pausing agents, and adding notes.

Setup Requirements

  • ⚠️Requires a Kommo CRM account and a long-duration API token with appropriate scopes (crm, files, notifications).
  • ⚠️Designed for deployment on Cloudflare Workers and utilizes Cloudflare Durable Objects for state management, not a generic Node.js environment.
  • ⚠️Primarily intended for integration within the Laburen.com AI agent ecosystem, implying specific client-side expectations for interaction.
Verified SafeView Analysis
The server dynamically receives Kommo authentication tokens and subdomain via HTTP headers or environment variables. While this offers flexibility for multi-account support, it shifts the responsibility for securing these sensitive credentials to the calling client and the underlying Cloudflare Workers infrastructure. No hardcoded secrets were found in the provided source code, nor any direct 'eval' or malicious patterns. Error handling prevents exposing raw stack traces. The security relies heavily on the secure deployment context (e.g., TLS, proper access controls for the Cloudflare Worker endpoints).
Updated: 2025-12-15GitHub
0
0
Medium Cost
rifkimaulana05 icon

onemcp

by rifkimaulana05

Sec8

Connects APIs to AI models using the Model Context Protocol (MCP), generating and caching execution plans for natural-language prompts to ensure accurate, cost-efficient, and high-performance API interaction for AI agents.

Setup Requirements

  • ⚠️Requires an OpenAI, Anthropic, or Google Gemini API Key (paid service) for LLM-based features.
  • ⚠️Requires Java 21 and Apache Maven installed if running natively and building from source.
  • ⚠️Requires a running ArangoDB instance (or Docker to run it) as the default graph database, with a default root password of 'test123' for local setups.
Verified SafeView Analysis
The core Java application utilizes standard libraries for JSON parsing and network requests, avoiding direct 'eval' or dangerous runtime execution from untrusted input. Secrets (like API keys) are configured via environment variables or external configuration, a good practice. However, the default ArangoDB root password of 'test123' in local development scripts and Docker entrypoint presents a significant security risk if not changed in production deployments. The Docker 'entrypoint.sh' allows execution of arbitrary commands passed to the container, which is standard Docker behavior but could be misused in an uncontrolled environment.
Updated: 2026-01-19GitHub
0
0
Low Cost
KeerthiChavla83vandana icon

MCP_Server_filesystem

by KeerthiChavla83vandana

Sec1

A server application for an unknown purpose related to 'MCP', likely for hosting or backend services.

Review RequiredView Analysis
Source code was not provided for analysis. Therefore, a comprehensive security audit could not be performed, and the server is assumed to be unsafe without inspection.
Updated: 2025-11-24GitHub
0
0
Medium Cost
prequired icon
Sec7

An AI-powered system for conversational discovery and generation of production-ready frontend projects using a defined architectural framework like Next.js, Tailwind CSS, and shadcn/ui.

Setup Requirements

  • ⚠️Node.js >= 18.0.0 is required.
  • ⚠️Requires `npm run build` to compile TypeScript to JavaScript before starting the server.
  • ⚠️Relies on `@modelcontextprotocol/sdk` for communication over standard input/output (stdio), meaning it expects an orchestrator to communicate via this transport.
Verified SafeView Analysis
The `generate_project` tool allows specifying an `outputPath` for file system writes. If this path is directly controlled by untrusted user input without validation, it could lead to directory traversal vulnerabilities, overwriting arbitrary files, or exhausting disk space on the host system. The generated code itself, influenced by discovery answers, could theoretically introduce client-side vulnerabilities (e.g., XSS) if content is not properly sanitized, though the server itself does not execute this generated code.
Updated: 2025-12-03GitHub
0
0
Low Cost
dominiquekossi icon
Sec8

Tracks and manages LLM API costs across multiple providers, offering budget alerts, detailed analytics, and an optional REST API microservice.

Setup Requirements

  • ⚠️For production use, 'InMemoryStorage' should be replaced with a persistent storage provider (e.g., JSON, SQLite, Redis, etc.) as data is lost on server restart.
  • ⚠️The /budget.status endpoint currently returns the overall budget status, not a namespace-specific one, even if a namespace query parameter is passed.
Verified SafeView Analysis
The server includes input validation for most API endpoints, which is a good practice. Generic error responses (`details: err.message`) could potentially expose sensitive internal error details in a production environment, requiring careful handling or a more abstract error message layer. The BudgetManager's 'getStatus' endpoint currently does not support namespace filtering even when a namespace query parameter is provided to the MCPServer, which is a functional limitation that could lead to data interpretation issues in a multi-tenant setup, but not a direct security flaw.
Updated: 2025-11-20GitHub
0
0
Low Cost
sadjad-chrono icon

mcp-learning

by sadjad-chrono

Sec7

This MCP server provides a simple arithmetic 'add' tool for AI assistants like Claude, enabling them to perform basic addition operations locally.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Requires manual modification of the Claude Desktop configuration file (`claude_desktop_config.json`).
  • ⚠️Local usage via built package requires specifying an absolute path to the `dist/mcpserver/index.js` file.
Verified SafeView Analysis
The core functionality in `src/mcpserver/index.ts` (the 'add' tool) is simple and appears safe, using Zod for input validation and not involving file system access or dynamic code evaluation. However, the `package.json` includes `puppeteer` and `robotjs` as dependencies. These are powerful libraries capable of browser automation and desktop control (mouse, keyboard). While they are not currently utilized in the provided `index.ts`, their presence in a project described as providing 'arithmetic tools' introduces a potential risk for future, unaudited tool implementations or if a vulnerability were found that could leverage these high-privilege dependencies.
Updated: 2025-12-01GitHub
0
0
Low Cost
cocolizh icon

mcp-demo-repo

by cocolizh

Sec1

The specific use case cannot be determined as no source code was provided for analysis.

Review RequiredView Analysis
CRITICAL: No source code was provided for analysis, making a security audit impossible. Therefore, a security score of 1 is assigned as safety cannot be verified.
Updated: 2025-11-20GitHub
0
0
Low Cost
freakynit icon

snippets-mcp

by freakynit

Sec8

An MCP server for storing, searching, and managing code snippets using AI-powered semantic search and traditional keyword matching.

Setup Requirements

  • ⚠️Requires Node.js and npm installed to run via npx.
  • ⚠️First run will download a ~80MB AI model (`all-MiniLM-L6-v2`) locally, requiring internet access and disk space.
Verified SafeView Analysis
The server stores data in a local JSON file (configurable path), limiting external database exposure. It uses `@xenova/transformers` for local AI model inference, avoiding external AI API calls. No obvious hardcoded secrets or direct 'eval' usage were found. The primary risks involve the permissions granted to the MCP server process (as it has file system write access) and the integrity of the downloaded AI models and npm packages. The input validation using Zod helps prevent malformed inputs.
Updated: 2025-12-01GitHub
0
0
Medium Cost
tingyiy icon
Sec9

Enables LLM agents to automate tasks and interact with Atlassian Jira and Confluence Cloud.

Setup Requirements

  • ⚠️Requires an Atlassian account with an API Token.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️The JIRA_URL environment variable must specifically point to the Jira Cloud REST API v3 endpoint (e.g., `https://your-domain.atlassian.net/rest/api/3`).
  • ⚠️All required environment variables (ATLASSIAN_USERNAME, ATLASSIAN_API_KEY, JIRA_URL, CONFLUENCE_URL) must be configured in a `.env` file or passed to the server process.
Verified SafeView Analysis
Uses environment variables for sensitive credentials (ATLASSIAN_USERNAME, ATLASSIAN_API_KEY) and httpx for secure asynchronous HTTP requests over HTTPS. No direct use of 'eval', 'exec', or system shell commands (e.g., 'subprocess') was identified in the provided source code. JQL/CQL queries are passed directly to Atlassian APIs; therefore, the security of these queries relies on the Atlassian API's validation and the LLM agent's adherence to safe query construction, rather than server-side sanitization. Attachment downloads fetch content from URLs provided by the respective Atlassian APIs, mitigating direct URL injection risks.
Updated: 2026-01-19GitHub
0
0
Medium Cost
dalianuyou icon

remote-mcpserver

by dalianuyou

Sec6

An AI chatbot application that utilizes the Model Context Protocol (MCP) to interact with multiple external services (MCP servers), specifically for retrieving and managing research paper information from arXiv and potentially accessing a filesystem and other web resources.

Setup Requirements

  • ⚠️Requires ANTHROPIC_API_KEY (Paid service) to be set in a .env file.
  • ⚠️Requires Node.js and npm/npx installed for the 'filesystem' MCP server.
  • ⚠️Requires 'uv' (Python package installer/runner) installed globally or in path to run Python components and other MCP servers.
Review RequiredView Analysis
The primary `Research_MCPServer.py` code is reasonably secure, avoiding direct code injection vulnerabilities. However, the client (`Chatbot_MultiMCPClient.py`) launches other MCP servers specified in `server_config.json` using `npx` and `uvx`. This means the overall security is dependent on the trustworthiness and security of these external packages (`@modelcontextprotocol/server-filesystem`, `mcp-server-fetch`). The `filesystem` server, in particular, could expose broad filesystem access to the LLM (via tool calls) if not carefully contained, posing a risk of unauthorized file operations or data leakage in sensitive directories. The `search_papers` tool creates directories and writes JSON files based on LLM-provided topics, which could lead to excessive disk usage or unintended file creation if the LLM is jailbroken, though the path sanitization helps prevent directory traversal.
Updated: 2025-12-14GitHub
0
0
High Cost
jatingodnani icon

mcp-server

by jatingodnani

Sec3

Provides browser automation capabilities for AI agents using Playwright for tasks like navigation, data extraction, interaction, and custom JavaScript execution.

Setup Requirements

  • ⚠️Requires Playwright Chromium browser to be installed separately via `npx playwright install chromium` after `npm install`.
  • ⚠️The server must be configured with an absolute path to its `dist/index.js` file when integrating with an MCP client (e.g., Claude).
Review RequiredView Analysis
The `evaluate` tool allows arbitrary JavaScript code to be executed via `eval()` in the browser context. This is a significant security risk, as a malicious prompt could trick the AI agent into executing harmful code on the currently navigated website, potentially leading to cross-site scripting (XSS), data exfiltration, or other browser-based attacks. While intended for AI agents, direct `eval` makes it highly vulnerable to prompt injection or compromised AI logic.
Updated: 2025-11-22GitHub
PreviousPage 282 of 713Next