Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
LinkedInLearning icon
Sec5

Educational repository for learning to integrate external development tools with GitHub Copilot using the MCP protocol.

Setup Requirements

  • ⚠️Requires Visual Studio Code with GitHub Copilot
  • ⚠️Requires Node.js
Review RequiredView Analysis
No server source code was provided for analysis. The repository contains only documentation (README, CONTRIBUTING.md) which do not inherently pose security risks related to server execution. A proper security audit of the MCP Server would require access to its actual implementation files.
Updated: 2026-01-05GitHub
0
0
Medium Cost
hitoshura25 icon

mcp-server-generator

by hitoshura25

Sec9

Generates production-ready Model Context Protocol (MCP) servers with a dual-mode architecture (MCP and CLI), acting as a meta-generator for AI agents to create other MCP servers.

Setup Requirements

  • ⚠️Requires Python >=3.10
  • ⚠️Requires 'uv' to be installed for the recommended 'uvx' installation method
  • ⚠️Requires Git to be configured (user.name/email) for 'AUTO' package prefix detection
Verified SafeView Analysis
The project is highly security-conscious, actively identifying and warning against high-risk patterns like code execution, file operations, and credential handling within tool definitions. It includes input sanitization to prevent template injection and provides detailed security guidelines (SECURITY.md) with secure coding patterns, rate limiting, audit logging, and sensitive data redaction examples. No obvious malicious patterns or hardcoded critical secrets were found in the generator's core logic. The primary risk lies in how users implement the generated tool's business logic, for which the project provides extensive guidance and utility functions.
Updated: 2025-11-21GitHub
0
0
High Cost
mateusluizfb icon
Sec1

Analyzes JVM bytecode from specified classes to identify performance optimizations and suggest improvements.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) to be installed and 'javap' command accessible in PATH.
  • ⚠️User must manually compile JVM language projects (e.g., Java, Kotlin, Clojure) to generate .class files before analysis.
  • ⚠️Requires an MCP client/environment for invocation and communication (e.g., VSCode with MCP extension).
Review RequiredView Analysis
CRITICAL: The server uses `child_process.execSync` to run `find` and `javap` commands, directly embedding user-provided `cwd` and `className` into the shell command string. This is a severe command injection vulnerability, allowing an attacker to execute arbitrary shell commands on the system where the server is running. For example, a malicious `className` like `'; rm -rf /'` could be catastrophic. This is highly unsafe.
Updated: 2025-11-26GitHub
0
0
High Cost
jayhemnani9910 icon

offline-ai

by jayhemnani9910

Sec7

Provides a local filesystem interface (list directory, read file, search) for AI coding agents to interact with the workspace.

Setup Requirements

  • ⚠️Requires the 'mcp' Python package to be installed (`pip install mcp`).
  • ⚠️Requires Ollama to be running locally on port 11434.
  • ⚠️Requires sourcing `~/.ai_profile` to set up environment variables and aliases for the workspace and Ollama.
Verified SafeView Analysis
The server uses standard input/output (stdio) for communication, which reduces network exposure risks. It does not contain 'eval' or obvious obfuscation. However, the 'list_dir', 'read_file', and 'grep' functions take 'path' as an argument directly from the AI agent. This means a malicious or unconstrained agent could potentially read or list any file on the system (e.g., '/etc/passwd') if the MCP client (like Continue) does not implement path sanitization or sandboxing at a higher level. Additionally, the 'grep' function's regex pattern, also provided by the agent, could potentially be crafted for a Regular Expression Denial of Service (ReDoS) attack, causing performance issues on large files.
Updated: 2025-12-13GitHub
0
0
Medium Cost
bsim0927 icon
Sec4

Enables LLMs to interact with the TexasSolver console poker solver for game theory analysis through structured parameters.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️Requires the TexasSolver console_solver binary (v0.2.0 or compatible) to be installed locally and executable.
  • ⚠️The `TEXAS_SOLVER_PATH` environment variable must be set to the absolute path of the TexasSolver binary.
Review RequiredView Analysis
The `load_range` tool and the range handling in `run_solver` and `build_game_tree_config` allow an LLM or malicious user to specify an absolute path for range files (e.g., `/etc/passwd`). The server will then read the content of this file and include it in the `range_string` in its response, which is a significant arbitrary file read vulnerability. Although the server communicates via stdio, this vulnerability allows sensitive local files to be disclosed. Other aspects like using `child_process.spawn` (instead of `exec`) and extensive input validation are positive, but the file read vulnerability is critical.
Updated: 2025-12-22GitHub
0
0
Medium Cost
granerodev icon

balizamcp

by granerodev

Sec9

Provides real-time information about active V16 emergency beacons in Spain to LLMs and other consumers.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Requires configuration in a compatible MCP client like Claude Desktop.
Verified SafeView Analysis
The server fetches data from a trusted official source (DGT) over HTTPS. It uses internal caching and processes input parameters for filtering data safely, without direct injection into system commands or databases. XML parsing is done via regex, which extracts data but does not execute it. No apparent hardcoded secrets or malicious patterns were found. Relies on the security of the @modelcontextprotocol/sdk.
Updated: 2026-01-18GitHub
0
0
Low Cost
BlockRunAI icon
Sec5

A curated directory/list of Model Context Protocol (MCP) servers for marketing, growth, and analytics integrations.

Verified SafeView Analysis
The provided content consists solely of README.md and CONTRIBUTING.md files. This repository ('awesome-marketing-mcp') is a documentation project listing other MCP servers, not an executable server itself. Therefore, a security audit for server-side vulnerabilities (e.g., 'eval', obfuscation, network risks, hardcoded secrets) cannot be performed on this repository as it does not contain server source code. The markdown files themselves are safe to read.
Updated: 2026-01-17GitHub
0
0
Low Cost
GHjiejie icon

mcp-server

by GHjiejie

Sec2

This MCP server provides a structured environment for AI models to access predefined tools, dynamic resources, and reusable prompt templates for various software development tasks.

Setup Requirements

  • ⚠️Requires Node.js and npm to be installed.
  • ⚠️The `MCP_FILE_RESOURCES_DIR` environment variable MUST be set, as the default path is hardcoded to a developer's specific local directory, posing a security and functionality risk.
  • ⚠️Integration with Claude Desktop requires manual configuration in `claude_desktop_config.json`.
Review RequiredView Analysis
CRITICAL: The server is vulnerable to path traversal attacks due to insufficient sanitization of user-provided URI paths in `src/server/services/fileResourceService.ts`. An attacker could potentially read arbitrary files on the server's filesystem by crafting malicious `file://` URIs. Additionally, the `DEFAULT_RESOURCE_DIR` is hardcoded to a specific local user path (`/Users/jie/Documents/Github/my-mcp-server/resources`), which is a significant information leakage risk and poor practice for deployment if not explicitly overridden by `MCP_FILE_RESOURCES_DIR`.
Updated: 2025-11-30GitHub
0
0
Medium Cost
u9401066 icon

medical-calc-mcp

by u9401066

Sec6

Provides a Model Context Protocol (MCP) server that offers a comprehensive suite of 90+ validated medical calculators for AI agents, facilitating diagnostic, prognostic, and treatment decisions by exposing them as discoverable and executable tools.

Setup Requirements

  • ⚠️Default security features (rate limiting, API key authentication) are DISABLED by default. Explicitly enable them via environment variables (`SECURITY_AUTH_ENABLED`, `SECURITY_API_KEYS`, `SECURITY_RATE_LIMIT_ENABLED`) for secure remote deployment.
  • ⚠️Requires Python 3.11+.
  • ⚠️For HTTP/SSE transport modes, `uvicorn` is required, which is usually installed with the project's dependencies.
Review RequiredView Analysis
The project includes a robust `SecurityMiddleware` for rate limiting and API key authentication. However, these critical security features are **disabled by default**. Running the server in network-exposed modes (`--mode sse` or `--mode http`, which defaults to binding on `0.0.0.0`) without explicitly enabling authentication and rate limiting (`SECURITY_AUTH_ENABLED=true`, `SECURITY_API_KEYS=your-key`, `SECURITY_RATE_LIMIT_ENABLED=true`) poses a significant risk of unauthorized access and abuse. On the positive side, logging is designed to be PHI-free, and API key comparisons use constant-time operations.
Updated: 2026-01-08GitHub
0
0
Medium Cost
stayce icon
Sec9

Provides an MCP interface for AI agents to access, search, and browse the WHO International Classification of Functioning, Disability and Health (ICF) data.

Setup Requirements

  • ⚠️Requires WHO ICD-API credentials (free registration at https://icd.who.int/icdapi)
  • ⚠️Requires Python 3.11+
  • ⚠️Local installation (`pip install -e .`) is needed after cloning the repository.
Verified SafeView Analysis
The server securely handles API credentials via environment variables, preventing hardcoding. It uses `httpx` for asynchronous HTTP requests to the legitimate WHO API. No `eval`, `exec`, or direct shell command usage was found. The FastMCP server uses STDIO transport, which is generally safe for local agent communication and does not inherently expose public network ports.
Updated: 2026-01-16GitHub
0
0
Low Cost
JohnnyB90 icon
Sec5

Provides a desktop application for managing connections to MCP servers.

Review RequiredView Analysis
Source code was not provided for analysis beyond the README. As a desktop application managing server connections, it inherently has the potential to handle sensitive credentials or connection details. Without access to the actual code, it is impossible to audit for specific risks like 'eval' usage, obfuscation, hardcoded secrets, or malicious network patterns. The score reflects a neutral stance due to the lack of code visibility.
Updated: 2025-12-09GitHub
0
0
Low Cost
ossdhaval icon
Sec8

Serves as a Model Context Protocol (MCP) adapter for an Employee Management backend API, exposing employee operations and data as MCP tools and resources.

Setup Requirements

  • ⚠️Requires a Java Runtime Environment (JRE) to execute.
  • ⚠️Requires the project to be built into a JAR file (e.g., `target/mcp-backend-server-1.0.0.jar`).
  • ⚠️Requires an external Employee Management backend API to be running and accessible via the `BACKEND_API_URL`.
Verified SafeView Analysis
The server uses environment variables for backend API URL, authentication tokens, and API keys, which is good practice to avoid hardcoded secrets. There are no obvious 'eval' or direct system command executions. Input validation for resource IDs relies on `Integer.parseInt`, which is generally safe when used for in-memory filtering, but could be problematic if directly used in database queries without further sanitization (not the case here). Error messages from backend API calls may expose some internal details, which is a minor information leakage risk.
Updated: 2025-11-25GitHub
PreviousPage 289 of 713Next