Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
obsidianempire icon

sample-mcp-server

by obsidianempire

Sec7

A Model Context Protocol (MCP) server for integrating with Salesforce AgentForce to provide intelligent banking service assistance.

Setup Requirements

  • ⚠️Requires Python 3.8+ and pip.
  • ⚠️Salesforce Developer Edition org is crucial for primary integration use case.
  • ⚠️Mobius service and its API credentials (MOBIUS_SERVER, MOBIUS_PORT, MOBIUS_REPOSITORY_ID) are required for the `/askme` endpoint, along with potential SSL certificate configuration.
  • ⚠️Running in MCP mode (`MCP_SERVER_MODE=mcp`) requires the `fastmcp` package, which is an optional dependency.
Verified SafeView Analysis
The server's HTTP mode defaults to permissive CORS (allow_origins=['*']), which should be restricted in production. While it supports external authentication (e.g., Salesforce Named Credentials, API Keys), the server itself does not enforce authentication by default for most of its REST API endpoints, relying on external gateways or explicit middleware setup. The `/askme` endpoint acts as a proxy, handling Mobius credentials via HTTP Basic Auth. While certificate handling is implemented for Mobius SSL, proxying sensitive data requires careful security considerations for both the proxy and the upstream service. Temporary file handling for SSL certificates is present, requiring explicit cleanup.
Updated: 2025-12-11GitHub
0
0
Low Cost
SaherElMasry icon

go-mcp-framework

by SaherElMasry

Sec9

Provides a production-ready framework for building Model Context Protocol (MCP) servers in Go, offering real-time streaming via Server-Sent Events (SSE), multiple transports, and built-in observability and security features.

Setup Requirements

  • ⚠️Requires Go development environment (Go 1.18+)
  • ⚠️Default `Access-Control-Allow-Origin: *` in HTTP transport needs to be configured for production security
  • ⚠️Backends (e.g., filesystem, custom APIs) require specific configuration parameters.
Verified SafeView Analysis
The framework includes robust security features, particularly for filesystem operations, such as path traversal prevention, workspace sandboxing, file size limits, and extension filtering. Concurrency is controlled via semaphores to prevent resource exhaustion. Configuration supports environment variable expansion, which is good for secrets management but means sensitivity to the execution environment. The default CORS policy in examples is `"*"` (allow all origins), which is generally unsafe for production and requires explicit configuration.
Updated: 2026-01-17GitHub
0
0
Medium Cost
kaichiachen icon
Sec8

Connects AI assistants to Home Assistant, enabling AI agents to control and query smart home entities and services.

Setup Requirements

  • ⚠️Requires a running Home Assistant instance.
  • ⚠️A Home Assistant Long-Lived Access Token (HA_TOKEN) is mandatory and must be kept secure.
  • ⚠️Requires Python 3.13+ for local development/running outside Docker. The Docker image handles this automatically.
  • ⚠️Network access to port 8000 on the host running the server is required for MCP clients to connect.
Verified SafeView Analysis
Secrets (HA_TOKEN, HA_URL) are configured via environment variables or Home Assistant add-on options, not hardcoded. The server's functionality relies on a Home Assistant long-lived access token, which grants broad control over the HA instance; its security is paramount. The server uses `json.loads` for parsing input parameters to service calls, which is generally safe for data but could be a vector for vulnerabilities if Home Assistant services themselves are susceptible to specially crafted JSON. Network access to the MCP server on port 8000 should be restricted to trusted clients. No `eval` or `exec` found. The code handles common HTTP errors robustly.
Updated: 2026-01-17GitHub
0
0
Low Cost
C45h888 icon

888.MCP

by C45h888

Sec9

High-speed Redis-based pub/sub message bus and central nervous system for an agentic trading system, handling market data, sentiment, and trading signals.

Setup Requirements

  • ⚠️Requires a running Redis instance for operation (local or external).
  • ⚠️An `MCP_API_KEY` is mandatory for all authenticated endpoints in production mode (`MCP_DEV=false`); API keys must be managed securely via provided admin endpoints.
  • ⚠️Full functionality for historical data archiving and retrieval (`/tool/retrieve`) depends on S3 configuration (`S3_DATA_BUCKET`, `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`). Without these, retrieval endpoints will return `501 Not Implemented`.
  • ⚠️The optional RAG endpoint (`/tool/search_rag`) requires specific environment variables (`VECTOR_DB_TYPE`, `VECTOR_DB_URL`, `VECTOR_DB_API_KEY`) to connect to an external vector database. It defaults to a mock engine for development.
Verified SafeView Analysis
The MCP Server demonstrates a robust security posture, incorporating multi-key API authentication with granular role-based access control (RBAC), SHA256 hashing for API keys, and triple-tier rate limiting (IP, per-key, and per-endpoint) to mitigate various attack vectors including DoS and brute force. Comprehensive input validation (Pydantic and JSON Schema) prevents data injection, and structured JSON logging with secret sanitization ensures no sensitive information is leaked. HTTPS enforcement (via Render.com), proper security headers, and least-privilege IAM policies for S3 (with encryption and versioning) further harden the system. A clearly defined development mode (`MCP_DEV=true`) bypasses authentication, but its use is explicitly flagged for non-production environments. Administrative endpoints for key management are strictly secured with admin-only permissions. The RAG endpoint (Phase 6) has been specifically remediated to comply with these strong security standards.
Updated: 2025-12-13GitHub
0
0
Medium Cost
andriyshevchenko icon

Essential-MCP-Servers

by andriyshevchenko

Sec7

Provides a reference configuration and baseline for connecting AI clients to various external tools and services via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js and npm/npx installed to run the example servers.
  • ⚠️Requires an EXA_API_KEY for the Exa MCP server, which typically involves a third-party service and potential costs.
Verified SafeView Analysis
The repository itself (README.md) does not contain explicit vulnerabilities like hardcoded secrets or 'eval'. However, it describes and provides example configurations for running external `npx` packages (e.g., `@playwright/mcp`, `exa-mcp-server`), which inherently introduces supply chain risks as trust is placed in those third-party packages. The nature of some described MCP servers (e.g., remote Python code execution, local filesystem and desktop actions) implies significant security implications for the *runtime environment* if not properly sandboxed or managed by the end-user. API keys (e.g., EXA_API_KEY) are explicitly handled as environment variables, which is a good security practice.
Updated: 2026-01-19GitHub
0
0
High Cost
LibraxisAI icon

rmcp_memex

by LibraxisAI

Sec7

Lightweight Model Context Protocol (MCP) server providing local Retrieval-Augmented Generation (RAG) capabilities with embedded vector store and local/remote embeddings.

Setup Requirements

  • ⚠️Requires Rust toolchain with Cargo (stable)
  • ⚠️Requires protobuf compiler to be installed for build dependencies
  • ⚠️MLX HTTP server is an optional external dependency if not using fastembed fallback
Verified SafeView Analysis
The `rag_index` function accepts a `path` argument, allowing a client to specify arbitrary local file paths for indexing. If the server is exposed to untrusted input or runs with elevated privileges, this could lead to information disclosure by indexing sensitive files. Additionally, LanceDB filter predicates are constructed with manual string sanitization (`replace('\'', "''")`), which, while present, always carries a higher risk compared to parameterized queries for preventing injection vulnerabilities.
Updated: 2026-01-11GitHub
0
0
Low Cost
Sanjayvk98 icon
Sec9

This server provides a local API for managing and summarizing personal expense entries.

Setup Requirements

  • ⚠️Python 3.12+ required
  • ⚠️Requires 'fastmcp' dependency to be installed
  • ⚠️Requires write access to a temporary directory for the SQLite database
Verified SafeView Analysis
The server uses parameterized SQL queries, effectively preventing SQL injection. No hardcoded secrets or dangerous functions like 'eval' or 'exec' are present. The SQLite database is created in a temporary directory, which ensures write access but could theoretically be accessed by other processes on the same system in a multi-user environment, although this is a minor concern for a typical local expense tracker. The file access for categories is limited to a local JSON file within the application directory.
Updated: 2025-12-14GitHub
0
0
Medium Cost
frankpunx icon
Sec4

Provides AI-powered search capabilities for a Minecraft Proxy/Server, enabling natural language queries within the Minecraft environment.

Setup Requirements

  • ⚠️Requires an AI API Key (e.g., OpenAI, Google Gemini, Anthropic), which may incur costs.
  • ⚠️Requires a running Minecraft Proxy/Server (MCP) instance to connect to.
  • ⚠️Specific AI model (e.g., OpenAI GPT-3.5/4, custom embedding model) and its dependencies will be required, but are unspecified.
Review RequiredView Analysis
No source code or detailed README was provided for analysis. As a server application, it inherently faces network security risks. Without code review, critical aspects such as input validation, authentication, authorization, and the presence of hardcoded secrets or dangerous patterns (`eval`, obfuscation) cannot be verified. Running any server application without a thorough code audit is inherently risky.
Updated: 2025-12-16GitHub
0
0
Low Cost
William-Ger icon
Sec8

Provides comprehensive Bible study tools, verse lookup, search, chapter reading, and devotional content generation capabilities for AI assistants.

Setup Requirements

  • ⚠️Requires a deployed instance of the FastMCP server, accessible via a public SSE URL (e.g., on Railway), as indicated by the usage example.
  • ⚠️Requires Node.js and `npx` for the `mcp-remote` client to connect the server to Claude Desktop.
  • ⚠️The server itself requires Python 3.x and the `requests` library (`pip install requests`) if run locally rather than deployed.
Verified SafeView Analysis
The server uses the `requests` library to interact with `https://bible-api.com/`. No 'eval' or obvious code injection vulnerabilities are present in the provided source code. Input parameters are passed to the external API, and standard URL encoding by the `requests` library mitigates common injection risks on the server side. The primary security consideration would be the reliability and security of the `bible-api.com` itself, which is outside the scope of this server's code. No hardcoded secrets or sensitive credentials were found.
Updated: 2026-01-17GitHub
0
0
Low Cost
jeffaf icon
Sec8

The server provides a Model Context Protocol (MCP) interface for basic calculator tools, deployable on Cloudflare Workers without authentication for AI agents.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment.
  • ⚠️The server is 'authless' by design; deployers must implement external authentication (e.g., Cloudflare Access) if private access is needed.
  • ⚠️Local development with client applications like Cloudflare AI Playground or Claude Desktop requires specific configuration to point to 'localhost:8787/sse' or a deployed URL.
Verified SafeView Analysis
The source code itself (src/index.ts) is simple, implementing basic arithmetic operations without direct user input execution (e.g., no 'eval'). It uses Zod for input schema validation, enhancing input safety. The core functionality relies on `@modelcontextprotocol/sdk`, a standard library for MCP. The 'authless' nature is explicitly stated in the README, indicating a design choice for public accessibility (e.g., Cloudflare AI Playground). This means the server does not enforce authentication by default, requiring the deployer to understand its implications or implement authentication upstream if a private server is desired. No hardcoded secrets were found in the provided code.
Updated: 2025-11-29GitHub
0
0
Medium Cost
Left-Coast-Tech icon

espn-mcp

by Left-Coast-Tech

Sec9

This MCP server provides real-time access to ESPN's public API for live sports data for NFL, NHL, and NBA leagues, serving information like standings, scores, team stats, schedules, and playoff details.

Setup Requirements

  • ⚠️Node.js environment (version 18.0.0 or higher) required
  • ⚠️npm package manager required
  • ⚠️Requires configuration in Claude Desktop or Claude Code's .mcp.json file for usage
Verified SafeView Analysis
The server appears well-structured, using predefined ESPN API endpoints and performing validation on input parameters like 'league' and resolving 'team' names against a known list. There are no obvious signs of 'eval' or direct arbitrary code execution. Data fetching is done via standard 'fetch' to hardcoded ESPN domains. No sensitive API keys or credentials are hardcoded or expected via environment variables for ESPN's public API, reducing direct secret exposure risk. The main security considerations would be the inherent risks of interacting with an external public API and ensuring proper sanitization of all user-provided arguments, although the existing validation helps mitigate this.
Updated: 2025-12-01GitHub
0
0
Medium Cost
9506hqwy icon
Sec8

Provides a Model Context Protocol (MCP) server to expose Redmine functionalities as tools for AI agents or other MCP-compatible clients.

Setup Requirements

  • ⚠️Requires an existing Redmine server instance to connect to.
  • ⚠️Authentication to Redmine requires either an API Key or username/password.
  • ⚠️If connecting to a non-localhost Redmine instance, ensure Redmine is configured for HTTPS to prevent credentials from being sent in plain text, as the default `--url` is HTTP.
  • ⚠️Some tool names might exceed 46 characters, which could lead to truncation in certain client environments like VS Code's Copilot Chat panel, as noted in the source code comments.
Verified SafeView Analysis
The server uses standard API key or basic authentication for connecting to the Redmine instance, passed via environment variables or CLI flags (not hardcoded). It runs via standard I/O (stdio) and does not directly expose network ports, limiting its direct network attack surface. By default, the server operates in a read-only mode, disabling destructive API calls. A notable point is that the default Redmine server URL is HTTP (http://127.0.0.1:3000), which means credentials would be sent in plain text if Redmine itself is not configured for HTTPS, posing a risk for non-local or insecure Redmine deployments. The 'X-Redmine-Switch-User' header, if used with an administrator account, allows impersonation, which is a powerful feature of Redmine's API that the MCP server exposes; its misuse depends on the Redmine account's privileges and the security of the MCP server's deployment.
Updated: 2025-12-09GitHub
PreviousPage 291 of 713Next