Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
quintindk icon
Sec7

Provides an MCP server and CLI tool to download images and draw.io diagrams from Confluence pages for AI assistants or standalone use.

Setup Requirements

  • ⚠️Requires a Confluence instance URL and a Personal Access Token with read permissions.
  • ⚠️Python 3 and `pip` dependencies are required for local installation.
  • ⚠️Docker is recommended for easy deployment, requiring volume mounts for downloaded files to persist on the host.
Verified SafeView Analysis
The tool can download files to arbitrary absolute paths specified by the user or an AI agent, potentially allowing writes to sensitive system locations if the process has broad filesystem permissions. While the `resolve_output_path` function attempts to contain relative paths to a mounted `/output` directory within Docker, it explicitly returns absolute paths unmodified. `CONFLUENCE_PERSONAL_TOKEN` is a critical secret, correctly handled via environment variables but its security depends on the runtime environment. No 'eval' or obfuscation detected.
Updated: 2025-11-27GitHub
0
0
Medium Cost
RycnCDL icon
Sec8

Provides a Model Context Protocol (MCP) server for Microsoft Sentinel to enable natural language SOC operations and multi-tenant security management through Python and PowerShell tools.

Setup Requirements

  • ⚠️Requires Python 3.10+ and PowerShell 7+ installed locally.
  • ⚠️Requires an Azure Service Principal with specific RBAC roles (e.g., Microsoft Sentinel Reader, Log Analytics Reader) configured in environment variables.
  • ⚠️Requires the SentinelManager.ps1 PowerShell script to be manually downloaded and its path configured via an environment variable (`SENTINEL_MANAGER_SCRIPT`).
  • ⚠️Claude Desktop integration requires manual editing of a JSON configuration file with custom paths and environment variables, which can be error-prone (e.g., Windows path escaping).
Verified SafeView Analysis
The server uses a PowerShell Bridge to execute local and remote scripts, which is a powerful capability. While the implementation includes whitelisting of PowerShell functions and parameter sanitization to mitigate command injection risks, the underlying `subprocess.run` and `pypsrp` for remote execution carry inherent risks if the environment is not properly secured. Remote PowerShell execution with `pypsrp` by default disables certificate validation (`cert_validation=False`), which is noted as a development/test setting and should be set to `True` in production. Sensitive credentials are managed via environment variables, which is a good practice, and explicit warnings against hardcoding them are present.
Updated: 2025-11-29GitHub
0
0
Medium Cost
DCode-v05 icon

MCP-Server-Client

by DCode-v05

Sec5

An advanced AI assistant enabling natural language interaction (reading, analyzing, modifying) with local Excel spreadsheets via Google Gemini and the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Google Gemini API Key (paid, usage-based).
  • ⚠️Requires Node.js and npm for frontend setup.
  • ⚠️Excel files must be manually placed in the `excel_data/` directory for the LLM to access them.
Review RequiredView Analysis
The FastAPI backend configures CORS with `allow_origins=['*']`, which is a critical security vulnerability for any deployment exposed to the internet, allowing arbitrary domains to make cross-origin requests. Although the LLM's file operations are sandboxed to the `excel_data/` directory (preventing directory traversal), this broad CORS policy could enable an unauthenticated attacker to make requests that control the LLM's tool calls, potentially leading to unauthorized modification or deletion of Excel data within the allowed directory. No explicit `eval()` or code obfuscation found.
Updated: 2026-01-03GitHub
0
0
Medium Cost
littlebearapps icon

mcp-audit

by littlebearapps

Sec9

Tracking and analysis of MCP tool usage and token costs across multiple AI coding platforms (Claude Code, Codex CLI, Gemini CLI), with a programmatic MCP server for real-time metrics, optimization recommendations, and configuration analysis.

Setup Requirements

  • ⚠️Requires `pip install token-audit[server]` for MCP server functionality.
  • ⚠️Gemma tokenizer download requires `pip install huggingface_hub`, and may involve HuggingFace token/license acceptance or GitHub API rate limits.
  • ⚠️Python < 3.11 may require `pip install toml` for TOML configuration file support.
Verified SafeView Analysis
The project demonstrates strong security awareness. It includes explicit path validation (`validate_config_path`) to restrict file access to known, safe directories, preventing path traversal. Credential detection (`credential_detector.py`) is implemented, and sensitive values are redacted in output. External calls to `git` are for metadata collection, captured, and not executed, limiting risk. Tarball extraction for the Gemma tokenizer includes `_validate_tarball_member` to prevent path traversal attacks. The MCP server interfaces sanitize inputs and outputs. The main risks are contained by robust internal controls.
Updated: 2025-12-30GitHub
0
0
Low Cost
pranavkrishna-sn icon

TESTING-FS

by pranavkrishna-sn

Sec8

A boilerplate or framework for developing modular web applications with distinct backend API and frontend UI components.

Setup Requirements

  • ⚠️Requires a Python environment with FastAPI, SQLAlchemy, and Pydantic for the backend.
  • ⚠️Requires a Node.js/npm/yarn environment for the React frontend.
  • ⚠️Requires a database (e.g., SQLite, PostgreSQL) for SQLAlchemy models to persist data.
Verified SafeView Analysis
The provided code snippets are mostly boilerplate and do not contain obvious 'eval' statements, hardcoded secrets, or malicious patterns. The frontend uses a placeholder `baseURL: 'https://api.example.com'` which would need secure configuration in a production environment. SQL models use SQLAlchemy, which generally prevents SQL injection when used correctly.
Updated: 2026-01-13GitHub
0
0
Low Cost
pulkitdabur icon

MCP-Server

by pulkitdabur

Sec6

A server for exposing local tool APIs via the Model Context Protocol (MCP) to be consumed by AI/ML clients or agents.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️For the 'MCP-demo', the 'add_tool.py' (Tool API) must be run in a separate process before starting 'mcp_server.py'.
  • ⚠️The server binds to '0.0.0.0', requiring network awareness.
Verified SafeView Analysis
The 'Templatized-MCP-Server' dynamically loads Python functions from modules defined in a YAML configuration file. While the provided YAML refers to internal project functions, this dynamic loading pattern (`import_module`, `getattr`) can introduce a significant security risk if the configuration file or module paths could be influenced by untrusted input, potentially leading to arbitrary code execution. The 'MCP-demo' implementation is less prone to this specific risk as the tool is explicitly defined. Both servers bind to '0.0.0.0', making them accessible from all network interfaces, which should be secured in a production environment.
Updated: 2025-12-06GitHub
0
0
Medium Cost
aranej icon
Sec8

An MCP server enabling AI language models to interact with YouTube content, providing tools for video information retrieval, transcript management, channel data, playlist management, and basic content manipulation.

Setup Requirements

  • ⚠️Requires `YOUTUBE_API_KEY` environment variable for most functionality.
  • ⚠️Requires `YOUTUBE_OAUTH_CLIENT_ID` and `YOUTUBE_OAUTH_CLIENT_SECRET` environment variables for write operations (e.g., creating/modifying playlists).
  • ⚠️Full YouTube API setup (Google Cloud project, YouTube Data API v3 enabled, API key, and OAuth credentials) is necessary.
Verified SafeView Analysis
The server uses environment variables for YouTube API keys and OAuth client secrets, and stores OAuth tokens in a local file (`youtube-mcp-token.json` in user's home directory), which are standard practices. A local HTTP server is started on `localhost:8888` for the OAuth callback flow; this is generally safe for local use. No code obfuscation, 'eval' usage, or obvious malicious patterns were found. Security relies on proper management of API keys/secrets and host system file permissions for stored tokens.
Updated: 2025-12-25GitHub
0
0
High Cost
Vibe-Code-Agent icon

github-review

by Vibe-Code-Agent

Sec7

An MCP server for comprehensive GitHub Pull Request review, code analysis, and security issue detection.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️A GitHub Personal Access Token (GITHUB_TOKEN) with repository access is required, but this token is unlikely to work for GitHub Copilot API calls, causing AI analysis features to fail as implemented.
  • ⚠️The AI analysis relies on GitHub Copilot API, which may incur costs and requires proper authentication not directly provided by a standard GITHUB_TOKEN.
Verified SafeView Analysis
The server correctly uses environment variables for the GITHUB_TOKEN, which is good practice. No 'eval' or direct code execution vulnerabilities from user input were found. However, there is a significant functional flaw in `src/services/CodeAnalyzer.ts`: it attempts to authenticate with `https://api.githubcopilot.com` using the `GITHUB_TOKEN` which is intended for the standard GitHub API. GitHub Personal Access Tokens (PATs) are generally not valid for GitHub Copilot's API, meaning the core AI-powered analysis features will likely fail unless a different, compatible authentication method is manually configured or the code is modified. This is not a direct security vulnerability of the server's code, but a critical functional bug regarding authentication for a key feature. Additionally, if the AI generates malicious or incorrect recommendations, applying them to the codebase could introduce risks, though the server itself only generates comments and does not automatically apply fixes.
Updated: 2025-12-08GitHub
0
0
Low Cost
eiabhiram icon
Sec9

Checks the health status of a specific local API endpoint (GET localhost:8080/api/ticket).

Setup Requirements

  • ⚠️Requires Node.js 18+
  • ⚠️An API server must be running on `http://localhost:8080` with a `/api/ticket` endpoint.
Verified SafeView Analysis
The server targets a fixed local endpoint (localhost:8080/api/ticket) and does not contain `eval`, hardcoded secrets, or external network calls to untrusted domains. Input parameters for the tool are empty, further reducing injection risks. The primary risk is the trustworthiness of the `localhost:8080/api/ticket` endpoint itself, which is outside this server's control.
Updated: 2025-11-28GitHub
0
0
Low Cost
mikeybizzzle icon

prompt-library-app

by mikeybizzzle

Sec8

A personal AI prompt database with multiple access methods including a Web UI, Desktop App, CLI, and integration with Claude Code via its Model Context Protocol (MCP) for managing, searching, and creating prompts.

Setup Requirements

  • ⚠️Requires pnpm for building and managing workspaces.
  • ⚠️Requires local Node.js environment (>=20.0.0) with the MCP server built locally, and its exact path needs to be configured in Claude Code settings.
  • ⚠️Optional GitHub sync feature requires a configured GitHub repository and a personal access token (GITHUB_TOKEN) for authentication.
Verified SafeView Analysis
The server uses a local SQLite database, which limits direct external data exposure. Input validation for API routes and MCP tools is handled using Zod schemas, a good practice for data integrity and preventing injection. GitHub synchronization, while using external credentials (GITHUB_TOKEN), includes validation for the repository path to prevent arbitrary file system access. The GITHUB_TOKEN itself needs to be securely managed by the user, and its exposure depends on environment variable configuration or UI setup, not on hardcoding within the server logic. No 'eval' or obvious obfuscation was found in the provided code snippets. The MCP server itself acts as an intermediary, processing requests for local data, not directly making calls to external AI models.
Updated: 2025-12-02GitHub
0
0
Medium Cost
EmmyrtGame icon
Sec3

Provides a multi-tenant AI tool server for dental clinics, integrating WhatsApp communication, Google Calendar scheduling, CRM functionalities, and Meta CAPI marketing events to automate patient interactions and business operations.

Setup Requirements

  • ⚠️Requires Google Service Account JSON, Meta Pixel ID/Access Token, and Wassenger API Key/Device ID configured per client.
  • ⚠️Database setup is mandatory via Prisma: `npx prisma db push` and initial admin user seeding `npx ts-node src/db/seed.ts`.
  • ⚠️A strong `ENCRYPTION_KEY` environment variable is critical for securing sensitive client data. The system warns if it's missing or invalid.
Review RequiredView Analysis
The server has critical security vulnerabilities. The `JWT_SECRET` used for admin authentication defaults to a hardcoded 'dev-secret' if the environment variable is not set. Additionally, the `src/db/seed.ts` script creates a default 'admin' user with a hardcoded password ('TempPassword123!'). Both issues are severe and pose a significant risk if deployed without manual intervention to change these defaults. Sensitive client API keys (Meta, Wassenger) and Google Service Account credentials are encrypted using an `ENCRYPTION_KEY` which is loaded from an environment variable, which is good practice.
Updated: 2026-01-09GitHub
0
0
High Cost
NorceTech icon

commerce-agent-sdk

by NorceTech

Sec9

Provides an AI-powered conversational shopping assistant as a backend-for-frontend (BFF) that integrates with Norce Commerce and can be embedded in webshop UIs.

Setup Requirements

  • ⚠️Requires Node.js 20 or higher.
  • ⚠️Requires an OpenAI API Key (typically a paid service).
  • ⚠️Requires integration with Norce Commerce platform (specific API URL, Client ID, Client Secret, OAuth Scope).
  • ⚠️Optionally requires a Redis instance for session management (`REDIS_URL` environment variable if `SESSION_STORE` is set to 'redis').
  • ⚠️If 'Simple Auth' is enabled, `SIMPLE_AUTH_JWT_SECRET` (or deprecated `DEMO_JWT_SECRET`) must be at least 32 characters long.
Verified SafeView Analysis
The project demonstrates strong security practices for a reference implementation. It explicitly avoids hardcoding secrets, uses environment variables for sensitive data (.env.example as a template). It implements request body validation (Zod) and message length/token estimation limits to prevent abuse (413 errors). Rate limiting is in place for demo auth endpoints. OAuth credentials are handled server-side (NorceTokenProvider) and never exposed to the client. The 'Simple Auth' mechanism is clearly marked as not for production and has basic JWT signing/verification. Error responses (ErrorEnvelope) are designed to be frontend-safe, redacting sensitive information. CORS is explicitly configured. No 'eval' or similar dangerous patterns were observed. Overall, it is well-structured for security for its stated purpose.
Updated: 2026-01-19GitHub
PreviousPage 288 of 713Next