Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

mcp-healthcare-servers

by bryankaufman

Sec8

Provides medical-specific Model Context Protocol servers for FHIR, PubMed, Apple Mail, and GraphRAG Protocol integration.

Setup Requirements

  • ⚠️Requires Node.js and/or Python development environments (polyglot project)
  • ⚠️Server-specific run commands and configurations are documented within individual server directories, implying a multi-component setup
Review Required
Analysis based on provided documentation only. Documentation outlines strong security practices, HIPAA compliance, and the use of environment variables for sensitive configuration. No 'eval', obfuscation, hardcoded secrets, or malicious patterns were found in the provided documentation files. The actual server implementation code was not available for inspection.
Updated: 2025-11-22

High Cost
Sec9

Converts PDF datasheets and documents into structured Markdown, extracts images, detects diagrams, and generates PlantUML for integration with AI coding assistants via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Go 1.21+ (if building from source)
  • ⚠️Requires specific configuration for `PDF_INPUT_DIR` and `OUTPUT_BASE_DIR` (via .env file or environment variables)
  • ⚠️Primarily designed for integration with AI assistants via Model Context Protocol (MCP); not a standalone application for general user interaction without specific MCP client tooling.
Verified Safe
The server uses standard I/O for communication (stdio transport) and relies on robust Go libraries for PDF parsing and image processing. Path handling for input and output directories utilizes `filepath.Clean` and `filepath.Join`, mitigating simple path traversal vulnerabilities. Resource limits for image processing are in place to prevent memory exhaustion. There is no direct execution of arbitrary commands or `eval`-like patterns observed. Configuration is loaded from environment variables, which is a secure practice, provided the environment variables themselves are managed securely during deployment. The primary security risk would come from misconfiguring `PDF_INPUT_DIR` or `OUTPUT_BASE_DIR` to sensitive file system locations.
Updated: 2025-11-28

Medium Cost

42crunch-mcp-server

by poguuniverse

Sec7

A Model Context Protocol (MCP) server that enables AI assistants to interact with the 42crunch API security platform.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires 42crunch account and API token (external service)
  • ⚠️Requires LLM API Key for UI functionality (e.g., OpenAI, Claude, Gemini)
Verified Safe
The server connects to a third-party API security platform using a sensitive API token. If exposed publicly without proper authentication, it could lead to unauthorized access to API security data. The project structure and documentation appear standard for a Python web service.
Updated: 2025-11-19

Medium Cost
Sec9

Manages and tracks personal expenses, allowing users to add, list, and summarize financial transactions.

Setup Requirements

  • ⚠️Data stored in a temporary directory, meaning expense records will not persist across restarts of the server or system reboots.
  • ⚠️Requires Python 3.11 or newer.
Verified Safe
The server uses parameterized SQL queries, mitigating SQL injection risks. No obvious hardcoded secrets, 'eval' usage, or obfuscation were found. The database is stored in a temporary directory, which is not a security vulnerability but an operational concern regarding data persistence. The use of a broad 'except Exception as e' could hide specific errors, but for an agent-facing tool, it provides general error messages.
Updated: 2025-11-27

Medium Cost

Proxies AWS Q CLI calls to AWS Labs MCP servers, automatically tracing interactions to Langfuse for observability and cost analysis.

Setup Requirements

  • ⚠️Requires `uvx` to be installed and available in the PATH.
  • ⚠️Requires a correctly configured AWS environment (credentials, region, profile) for accessing AWS services.
  • ⚠️Requires Langfuse API keys (`LANGFUSE_PUBLIC_KEY`, `LANGFUSE_SECRET_KEY`) and host (`LANGFUSE_HOST`) for tracing.
  • ⚠️Python 3.7+ and required packages (`mcp`, `langfuse`, `python-dotenv`, `fastmcp`) must be installed.
Review Required
The server's primary function involves executing external MCP server packages (`awslabs.*-mcp-server@latest`) via `uvx`. Using `@latest` versions of external packages without explicit version pinning or content hashing introduces a significant supply chain security risk, as a compromise of an upstream package could lead to arbitrary code execution. No hardcoded secrets were found, and environment variables are used for sensitive configurations.
Updated: 2025-11-24

Medium Cost

RemoteMCPServer

by soumyajindal07

Sec9

Provides an HTTP API for programmatic web searching using the Tavily search engine.

Setup Requirements

  • ⚠️Requires a Tavily API Key (TAVILY_API_KEY) configured in the environment or .env file (Tavily is a paid service).
  • ⚠️Requires Python 3.x and installation of 'fastmcp', 'python-dotenv', and 'langchain-community' packages.
Verified Safe
The code uses environment variables for API keys, preventing hardcoded secrets. No 'eval' or direct arbitrary code execution functions were found. The server binds to '0.0.0.0', which is standard for a publicly accessible service but requires proper firewalling and access control in production environments.
Updated: 2025-11-26

Medium Cost
Sec9

Generates professional Markdown reports of GitLab user activity, integrating with AI assistants via Model Context Protocol.

Setup Requirements

  • ⚠️Requires GitLab Access Token with 'read_user' or 'api' permissions.
  • ⚠️Requires Node.js 18.19.0 or higher.
Verified Safe
The server loads GitLab API keys from environment variables, which is a standard and recommended practice. Input dates are validated with regex to prevent injection attacks. Outbound network requests to GitLab are rate-limited and have a 5-second timeout. Local caching uses LowDB and is cleared if the access token changes, enhancing data isolation. No 'eval' or similar dangerous functions are evident in the provided code.
Updated: 2025-12-03

Medium Cost

nix-mcp

by illustris

Sec7

A Model Context Protocol (MCP) server for interacting with Nix build, evaluation, and search functionalities.

Setup Requirements

  • ⚠️Requires Nix CLI to be installed and configured on the host system.
  • ⚠️Requires Python 3 to run the server script.
  • ⚠️Requires a compatible MCP client (e.g., Claude Desktop) to connect and utilize the tools.
Verified Safe
The server wraps Nix CLI commands using `subprocess.run` with a list of arguments, which generally mitigates common shell injection risks. There are no explicit uses of Python's `eval()` or obfuscation. The primary security consideration is that the server directly exposes powerful Nix functionalities (like building, evaluating, and searching) to an LLM. While `extra_args` allows for flexible command line additions, it is appended as separate arguments to the Nix command, making direct shell injection difficult. However, a malicious or poorly instructed LLM could potentially pass Nix-specific arguments or expressions that lead to resource exhaustion, information leakage, or unwanted system modifications through Nix itself, rather than a flaw in the server's code. Logs are written to `/tmp` which can aid auditing.
Updated: 2026-01-18

Low Cost

School_MCP

by movias-eu

Sec8

Provides a Model Context Protocol (MCP) server for querying school vacation calendars across Belgium, Netherlands, and Luxembourg for 2019-2028.

Setup Requirements

  • ⚠️Requires Docker for containerized deployment or LibreChat integration.
  • ⚠️Requires `MCP_AUTH_TOKEN` environment variable for production authentication.
  • ⚠️Relies on a local `kalender 2019_2028.csv` file for its data source.
Verified Safe
The server implements token-based authentication via the `MCP_AUTH_TOKEN` environment variable, which is crucial for production. Authentication is explicitly disabled if the token is not set (development mode). Audit logging is present for all MCP requests. While it does not implement the full OAuth 2.0 specification mentioned in the MCP 2025-06-18 spec, it provides a functional token-based security layer. CORS is enabled by default and should be restricted for production deployments. No `eval` statements, obfuscation, or hardcoded sensitive secrets were found in the provided source code. The project's documentation (README, UPGRADE_SUMMARY.md, MCP_COMPLIANCE.md) is commendably transparent about its security stance and recommendations for production.
Updated: 2025-11-26

Low Cost

pgmcp

by kyagoshi

Sec9

The server provides introspection capabilities for PostgreSQL databases, allowing users to list tables, retrieve schema details, get index information, discover foreign keys, and generate Mermaid-formatted Entity-Relationship diagrams.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires the 'uv' package manager (specifically 'uvx' for installation/running).
  • ⚠️Requires access to a PostgreSQL database, with connection details (host, port, database name, user, password) provided via environment variables.
Verified Safe
The server explicitly establishes all database connections as read-only (`conn.set_session(readonly=True)`), preventing any write operations (INSERT, UPDATE, DELETE, CREATE). All SQL queries use parameterized statements (`%s`), effectively mitigating SQL injection risks. Database credentials are securely loaded from environment variables, not hardcoded. The project also incorporates a `pip-audit` workflow to scan for dependency vulnerabilities.
Updated: 2025-12-29

Medium Cost

jira-mcp

by eh24905-wiz

Sec9

Enables AI assistants to interact with Jira for issue management, progress tracking, and team activity monitoring through a standardized Model Context Protocol interface.

Setup Requirements

  • ⚠️Requires a Jira Cloud Account with API access enabled.
  • ⚠️Requires a Jira API Token to be generated and configured.
  • ⚠️Requires setting critical environment variables (JIRA_BASE_URL, JIRA_USER_EMAIL, JIRA_API_TOKEN) for authentication and access.
Verified Safe
The server securely handles sensitive Jira API credentials by requiring them to be set as environment variables, preventing hardcoding. It uses Zod for input schema validation and implements specific type handling and conversion (e.g., for Jira's Atlassian Document Format) when updating fields, which helps prevent injection attacks. There are no indications of 'eval' or direct arbitrary command execution. While JQL injection is a theoretical risk for Jira's API itself (e.g., crafting queries to retrieve excessive data), the server mitigates this with `maxResults` limits and doesn't translate it into server-side code execution.
Updated: 2025-12-15

High Cost

myMCPserver

by b9b4ymiN

Sec3

Provides professional-grade financial analysis tools for stock valuation, investment decision-making, and portfolio management, integrating real-time data from Thai stock markets.

Setup Requirements

  • ⚠️Requires Node.js 18+ runtime environment.
  • ⚠️Relies on an external SET Watch API (`SET_WATCH_API_HOST`) for Thai stock data, which may require specific authentication or have usage limits (default host is provided, but reliability/access unclear).
  • ⚠️The exposed file system tools (`delete_file`, `write_file`) necessitate robust sandboxing or highly constrained AI agent permissions to prevent accidental or malicious system-level damage.
Review Required
The server exposes powerful file system manipulation tools (read, write, delete, list, search files) through `src/tools/fileSystemTools.ts`. Specifically, `delete_file` with recursive capability poses a critical risk for data loss or system compromise if the server is exposed without stringent sandboxing or if an unconstrained AI agent misuses these tools. `path.resolve` allows operations relative to the server's working directory. While API keys are handled via environment variables, the direct file system access makes it highly vulnerable if not deployed in a strictly isolated and controlled environment.
Updated: 2026-01-17