Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
demeyerthom icon

graphql-mcp-server

by demeyerthom

Sec3

This server exposes GraphQL operations as callable tools for the Model Context Protocol (MCP), allowing AI agents or other systems to interact with a GraphQL endpoint.

Setup Requirements

  • ⚠️Requires a `config.yaml` file to be present in the execution directory or a path to it configured, specifying `schema_endpoint`, `transport` type/port, `introspection`/`generic_operation` enablement, headers, and a `tools.dir`.
  • ⚠️Requires a directory (`tools.dir`) containing GraphQL operation definitions (`.graphql` files) for additional tools.
  • ⚠️The generic operation tool (if enabled) presents a significant security vulnerability by allowing arbitrary GraphQL operations to be executed without validation.
Review RequiredView Analysis
The `BuildGenericOperationTool` (enabled by `generic_operation.enabled` in config) directly executes arbitrary GraphQL operation strings provided via the `operation` parameter of the `mcp.CallToolRequest` using `GraphqlClient.ExecRaw`. This constitutes a significant security risk, as it allows for GraphQL injection, enabling any client capable of calling this tool to execute arbitrary queries or mutations on the backend GraphQL schema endpoint. There are no apparent sanitization or validation steps for this input. Without strict control over the callers of this tool, it could be exploited for data exfiltration, unauthorized mutations, or denial-of-service against the GraphQL endpoint.
Updated: 2025-12-06GitHub
0
0
Medium Cost
cloudsteak icon

dora-mcp-server

by cloudsteak

Sec2

Provides a server implementation for a Multi-Client Protocol (MCP), likely for managing multiple client connections or game interactions.

Review RequiredView Analysis
A comprehensive security audit cannot be performed as only the `README.md` file was provided as source code. No functional code was available to check for dangerous patterns like 'eval', hardcoded secrets, network vulnerabilities, or malicious patterns. Running this project without reviewing its actual source code is highly risky.
Updated: 2025-12-02GitHub
0
0
High Cost
n1s0-c icon
Sec9

Manages and queries Datadog observability data including incidents, monitors, logs, dashboards, metrics, traces, RUM, and hosts, for AI agents.

Setup Requirements

  • ⚠️Requires `DATADOG_API_KEY` environment variable.
  • ⚠️Requires `DATADOG_APP_KEY` environment variable.
  • ⚠️The number of tokens returned by list operations (e.g., logs, traces, RUM events) can be very high, potentially leading to increased LLM token costs.
Verified SafeView Analysis
The server correctly requires API keys to be set as environment variables, preventing hardcoded secrets. It utilizes the official `@datadog/datadog-api-client` library for most API interactions, ensuring standard security practices for API communication. Custom HTTP client functions (`datadogGet`, `datadogPost`) are used for LLM Observability, which also correctly use environment variables for authentication. There are no obvious signs of 'eval', code obfuscation, or other malicious patterns. Logging is directed to stderr, avoiding interference with stdio communication. The prompt states the server is 'community-maintained' and 'not officially affiliated with... Datadog, Inc.' which is a good disclaimer for users, but doesn't impact the code's security practices.
Updated: 2026-01-19GitHub
0
0
Medium Cost
tomoharu-hayashi icon

mcp-server-brain

by tomoharu-hayashi

Sec8

Provides a 'long-term memory' knowledge base for AI agents, enabling them to learn from experience and avoid repeating past failures by storing, retrieving, and updating knowledge.

Setup Requirements

  • ⚠️Requires Git and the knowledge directory must be a Git repository with a configured 'origin' remote.
  • ⚠️Full notification and UI editing features (sounds, dialogs, VS Code integration) are primarily designed for macOS.
  • ⚠️Requires Python 3.13.
Verified SafeView Analysis
The server uses `pickle.load` for caching embeddings, which can be a security risk if the cache file (`.index_cache.pkl`) is tampered with by an attacker. However, the cache is stored locally within a Git-managed knowledge directory, reducing external exposure, and its validity is checked via a content hash of source files. Input validation for knowledge names (`kebab-case`) prevents path traversal. `subprocess` calls for UI/CLI tools (e.g., `osascript`, `git`, `code`) are handled with input escaping or controlled paths.
Updated: 2025-12-11GitHub
0
0
High Cost
tesfandiari1 icon

graphiti-mcp-server

by tesfandiari1

Sec8

Knowledge graph memory and query service for AI agents, capable of storing and retrieving episodic and factual information to enhance agent capabilities.

Setup Requirements

  • ⚠️Requires an OpenAI API Key (or other supported LLM API key), which may incur costs due to heavy LLM usage for entity extraction and embeddings.
  • ⚠️Requires Docker and Docker Compose for the recommended simplified deployment.
  • ⚠️Requires Python 3.10 or higher for local development.
  • ⚠️An external graph database (FalkorDB or Neo4j) is mandatory; it is either bundled in a combined Docker image or run as a separate container.
Verified SafeView Analysis
Sensitive information like API keys and database credentials are sourced from environment variables, which is a good practice. The server utilizes transport security settings including DNS rebinding protection and allowed hosts/origins for network access. Minor concern: example Docker Compose files provide default, weak database passwords, which should be explicitly overridden with strong secrets in production environments.
Updated: 2025-12-14GitHub
0
0
Low Cost
CyprianFusi icon

mcp-chess-server

by CyprianFusi

Sec9

Provides Chess.com player profile and statistics integration for AI assistants like Claude via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python >= 3.13
  • ⚠️Integration with Claude Desktop requires specific JSON configuration in the Claude Desktop config file.
Verified SafeView Analysis
The server makes HTTP GET requests to the public Chess.com API, which does not require an API key. Requests include a 10-second timeout and robust error handling. No hardcoded secrets, 'eval' usage, or obvious malicious patterns were found. The 'player_name' parameter is directly inserted into the URL path, which is generally safe for GET requests and unlikely to lead to injection vulnerabilities.
Updated: 2025-12-07GitHub
0
0
Medium Cost
poad icon
Sec9

A Hono wrapper library for building and deploying Model Context Protocol (MCP) servers on AWS Lambda, including an example implementation with AWS CDK for deployment.

Setup Requirements

  • ⚠️Requires an AWS account and AWS CDK CLI configured for deployment of the example server.
  • ⚠️Requires Node.js (v18+) and pnpm package manager to be installed.
  • ⚠️Familiarity with the Model Context Protocol (MCP) SDK is necessary to define custom tools and resources for the server.
Verified SafeView Analysis
The project demonstrates strong security awareness. It explicitly prohibits hardcoding authentication details, recommends using environment variables or AWS Secrets Manager, enforces input validation with Zod, and suggests output escaping to prevent XSS. It also includes `pnpm audit --fix` in its update script for dependency vulnerability scanning and adheres to the principle of least privilege for AWS IAM roles. No `eval` or obvious malicious patterns were found in the provided source code. Logging is handled via `@aws-lambda-powertools/logger`, which is a recommended practice for AWS Lambda.
Updated: 2026-01-18GitHub
0
0
High Cost
Emanskiez icon
Sec7

A Model Context Protocol (MCP) server that provides RAG-powered digital twin assistant functionality using Upstash Vector and Groq, answering questions about a professional profile.

Setup Requirements

  • ⚠️Requires Node.js 18+ or 20+
  • ⚠️Requires pnpm as the package manager
  • ⚠️Requires an Upstash Vector database with data populated via `populate-db.ts` before first use
  • ⚠️Requires Groq API key
  • ⚠️Requires a `.env.local` file with `UPSTASH_VECTOR_REST_URL`, `UPSTASH_VECTOR_REST_TOKEN`, `GROQ_API_KEY` (and `GMAIL_USER`, `GMAIL_APP_PASSWORD` for the email feature)
Verified SafeView Analysis
The core RAG and MCP server logic (`mcp-server.ts`, `lib/rag.ts`) uses environment variables for API keys and includes input validation, mitigating common risks. However, the `app/api/send-email/route.ts` endpoint directly embeds user-provided `name`, `contact`, and `message` into an HTML email body without explicit sanitization, posing a potential Cross-Site Scripting (XSS) vulnerability for the email recipient. The `populate-db.ts` script contains `index.reset()`, which could wipe the database if executed carelessly.
Updated: 2025-12-02GitHub
0
0
Low Cost
alejandroclaro icon

technical-analysis-mcp

by alejandroclaro

Sec9

Provides a microservice for fetching comprehensive technical and descriptive financial data for stocks and cryptocurrencies using free sources.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires 'uv' for dependency management and execution
  • ⚠️Requires internet access for real-time data fetching
Verified SafeView Analysis
The server relies on 'yfinance' for data fetching, a widely used, unofficial API wrapper. The parsing logic robustly handles dictionary access with explicit type and existence checks, returning structured error objects for invalid inputs. There are no 'eval' or hardcoded secrets found in the provided source. The mentioned 'cache and local database' are not explicitly implemented in the provided truncated code, so specific risks related to them cannot be assessed, but if custom, they would need further review for injection/access control.
Updated: 2026-01-18GitHub
0
0
Low Cost
jonmatum icon
Sec7

Demonstrates a dual-interface architecture for a Todo application, allowing interaction via a traditional web app and an AI interface (MCP server) powered by shared business logic.

Setup Requirements

  • ⚠️Requires Docker to be installed and running.
  • ⚠️Requires manual configuration in Kiro CLI's `mcp_config.json` to connect to the MCP server.
  • ⚠️The Python backend and MCP server are developed with Python 3.11.
Verified SafeView Analysis
The server uses hardcoded 'test' AWS credentials for DynamoDB local, which would be a critical vulnerability if deployed to a real AWS environment without being replaced. The FastAPI backend has a permissive CORS policy (`allow_origins=["*"]`), which is unsafe for production deployment. No obvious `eval()` or direct command injection vulnerabilities were found in the application logic itself. These issues are acceptable for a local demo but require careful remediation for production.
Updated: 2025-12-14GitHub
0
0
Medium Cost
Akatama icon
Sec9

Exposes tools for an MCP-compatible client to search a books database by author or title via an external API.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer
  • ⚠️Relies on the availability and responsiveness of the external Books API ('https://booksapi-webapp.azurewebsites.net')
Verified SafeView Analysis
No direct security vulnerabilities found in the provided source code (no 'eval', hardcoded secrets, or malicious patterns). It acts as a proxy to an external Books API. Input sanitization ('.strip()') is applied before passing values to the external API paths/query parameters. Relies on the security and availability of the external API ('booksapi-webapp.azurewebsites.net').
Updated: 2025-12-14GitHub
0
0
High Cost
bivex icon

ILSpy-Mcp

by bivex

Sec9

Provides .NET assembly decompilation and analysis capabilities to developer tools via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires .NET 8.0 SDK to build and run.
  • ⚠️Requires a compatible IDE (e.g., Cursor) with MCP support for full integration.
  • ⚠️Manual editing of the IDE's MCP configuration file (e.g., .cursor/mcp.json) is necessary for setup.
Verified SafeView Analysis
The server design emphasizes security: all operations are read-only, assembly paths and inputs are validated, operations are timeout-protected to prevent resource exhaustion, and error messages are sanitized to avoid leaking sensitive information. There are no indications of 'eval', obfuscation, hardcoded secrets, or malicious network patterns. It relies on environment variables or appsettings.json for configuration, allowing secrets to be managed externally.
Updated: 2025-12-08GitHub
PreviousPage 284 of 713Next