Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
apkmethedisalpha icon

note-com-mcp

by apkmethedisalpha

Sec7

This server acts as a Model Context Protocol (MCP) gateway to the note.com API, enabling AI agents and automation tools like n8n, Cursor, and ChatGPT to search, analyze, and manage notes on the note.com platform.

Setup Requirements

  • ⚠️Requires note.com account credentials (email, password) or session cookies/tokens (`NOTE_SESSION_V5`, `NOTE_XSRF_TOKEN`) to be set in a `.env` file for authenticated operations. A script is provided to help capture these credentials.
  • ⚠️For remote access and robust integration (e.g., with n8n on a VPS), additional setup is required for secure exposure, such as configuring Cloudflare Tunnel or Nginx with HTTPS and basic authentication. The HTTP server defaults to `localhost` binding.
  • ⚠️The server is a Node.js application, requiring a Node.js runtime (v16+) to be installed.
Verified SafeView Analysis
The server primarily relies on environment variables (.env file) for sensitive data like note.com session cookies, XSRF tokens, email, and password. While this prevents hardcoding in the source, it shifts the responsibility of securing the .env file to the user. The HTTP server's default CORS setting is '*' (allow all origins), which could be a risk if exposed directly to the internet without a protective proxy (like Nginx or Cloudflare Tunnel) with stricter access controls. Debug logs can output sensitive API responses and request bodies if `DEBUG` is enabled. The `degenerator` dependency, used for PAC file resolution, involves dynamic code generation, but within a standard, isolated context not directly exposed to arbitrary user input.
Updated: 2025-12-15GitHub
0
0
Medium Cost
nf-osi icon

mcp-server

by nf-osi

Sec5

Provides tools for Synapse data curation workflows, including portal metadata generation and project review/classification, enabling AI assistants to interact with Synapse resources.

Setup Requirements

  • ⚠️Requires `SYNAPSE_AUTH_TOKEN` environment variable, a personal access token for Synapse (get from https://www.synapse.org/ -> Account Settings -> Personal Access Tokens).
  • ⚠️Requires Python 3.10+.
  • ⚠️Recommended installation and running involves `uvx`, a specific Python dependency management tool.
Review RequiredView Analysis
The server exposes powerful operations directly to the LLM that involve user-provided strings without robust internal validation: 1. SQL Injection Risk: The `synapse_query` tool passes raw `query` strings directly to `synapseclient.tableQuery`. While Synapse may offer some backend protection, an LLM receiving malicious input could craft queries to extract sensitive data or perform unintended operations within the bounds of the `SYNAPSE_AUTH_TOKEN`'s permissions. 2. Arbitrary File Read Risk: The `validate_metadata` tool accepts a `schema_file` path from user input. Without proper sanitization or sandboxing by the MCP client, this could allow the LLM to read arbitrary files from the server's filesystem. 3. Server-Side Request Forgery (SSRF) Risk: Tools like `fetch_schema`, `get_data_classes`, and `get_data_sharing_plan` construct URLs based on user input (e.g., `schema_url`, `templates_url`, `study_id` for DSP API). An LLM could potentially craft these inputs to probe or interact with internal network services if the server has such access. 4. Broad Permissions: The required `SYNAPSE_AUTH_TOKEN` is a personal access token, which can grant extensive permissions to Synapse resources, amplifying the impact of any successful exploitation of the above risks.
Updated: 2025-11-24GitHub
0
0
Low Cost
IhorHolovatsky icon

iholovatsky-mcps

by IhorHolovatsky

Sec7

This repository provides Model Context Protocol (MCP) servers to integrate various external services (financial, business) into personal AI workflows, acting as data providers for AI clients.

Setup Requirements

  • ⚠️Requires .NET 10 SDK
Verified SafeView Analysis
The server components communicate via STDIO, limiting direct network exposure to local processes, which is generally safer. However, the actual C# source code for the integrations (e.g., with financial institutions like IBKR and BNP Paribas) is not provided, making it impossible to audit for hardcoded secrets, improper data handling, or other vulnerabilities within the application logic itself. The inherent nature of these integrations suggests handling sensitive data.
Updated: 2025-11-24GitHub
0
0
Medium Cost
ajinux icon
Sec8

Integrates Pi-hole DNS query data with AI-powered OSINT for home network monitoring and suspicious domain investigation.

Setup Requirements

  • ⚠️Requires a running Pi-hole instance.
  • ⚠️Requires the Pi-hole API password.
  • ⚠️Needs an MCP client to interact with, as it's an MCP server, not a standalone UI.
Verified SafeView Analysis
The server correctly handles sensitive information by requiring the Pi-hole API password via environment variables, .env file, or command-line flags. It uses standard Go libraries and well-known third-party packages for DNS querying and WHOIS lookups. There are no instances of 'eval' or other dynamic code execution risks. The installation script downloads a binary from GitHub, which carries standard supply chain risks if the repository is compromised, but the script itself is straightforward. Network connections are made to Pi-hole (internal) and public DNS/WHOIS servers (external) as part of its intended functionality.
Updated: 2025-12-14GitHub
0
0
Low Cost
fwornle icon
Sec8

A real-time constraint enforcement and monitoring system designed to integrate with AI coding agents (like Claude Code) to prevent policy violations and ensure code quality and security before execution. It provides a dashboard for visualization and management of constraints and violations.

Setup Requirements

  • ⚠️Claude Code Hook Configuration: Requires manual or semi-automated modification of Claude Code's local settings file (.claude/settings.local.json) and a restart of Claude Code to activate real-time constraint enforcement hooks (UserPromptSubmit, PreToolUse).
  • ⚠️LLM API Key Requirement: Semantic validation, a core advanced feature, requires an API key for a supported LLM provider (e.g., GROK_API_KEY for Groq, ANTHROPIC_API_KEY for Anthropic, GOOGLE_API_KEY for Gemini), which may incur costs and require external accounts.
  • ⚠️External Database Dependencies: Certain features (vector search for violations, advanced analytics) rely on external databases like Qdrant (vector DB) and Redis (cache), often deployed via Docker. The setup script warns if QDRANT_HOST is not set and suggests a docker run command.
Verified SafeView Analysis
The server's primary function is to enhance security by enforcing coding constraints (e.g., detecting hardcoded secrets, 'eval()' usage). It uses 'execSync' internally for loading configurations and health checks, which, while controlled by internal paths, could be a vector if external inputs were to influence the commands. The dashboard API is exposed with CORS for all origins, which is appropriate for local development but a significant risk if publicly exposed. Logging is carefully configured to avoid stdout when running as an MCP server or hook, preventing RPC stream corruption.
Updated: 2026-01-10GitHub
0
0
Low Cost
sebastienblanc icon

mcp-api-server

by sebastienblanc

Sec9

Provides an authenticated API and internal tools for managing and assessing database regions within a platform.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) 11+ (or higher, depending on Quarkus version).
  • ⚠️Requires Maven or Gradle to build and run the Quarkus application.
  • ⚠️Requires an authentication provider (e.g., OIDC, JWT) configured for Quarkus to satisfy '@Authenticated' and '@RolesAllowed' annotations.
Verified SafeView Analysis
The code correctly implements authentication and role-based authorization for its API endpoints and tools using Quarkus security features. The current implementations are simple string echoes and logging, showing no direct interaction with databases or system commands that could introduce injection vulnerabilities within this snippet. No 'eval', obfuscation, or hardcoded secrets are present. The actual security of region management depends on external services not detailed in this snippet.
Updated: 2025-12-15GitHub
0
0
Low Cost
0xKaveman icon
Sec5

Enables AI agents to query Ethereum balances and execute token swaps via a Model Context Protocol (MCP) server in Rust.

Review RequiredView Analysis
A comprehensive security audit is impossible as the source code provided was limited to only the README.md. Therefore, checks for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns could not be performed. Given it's a server for financial trading on Ethereum, security is paramount and would require a full code review.
Updated: 2025-11-26GitHub
0
0
Medium Cost
sriniketh icon
Sec9

Integrates MediaWiki content with Model Context Protocol (MCP) compatible systems (e.g., LLMs) to provide grounded information retrieval from wiki-based websites.

Setup Requirements

  • ⚠️Requires Docker to build and run.
  • ⚠️Requires an MCP-compatible client (e.g., Claude, LM Studio) to interact with the server.
  • ⚠️Requires environment variables WIKI_NAME and WIKI_API_URL to be set.
Verified SafeView Analysis
The server uses Ktor for HTTP requests and Jsoup for HTML cleaning, both standard and generally secure libraries. Environment variables are used for configuration, preventing hardcoded secrets. Error handling for API calls is present. The `cleanHtmlContent` function uses Jsoup to strip HTML, which helps mitigate XSS risks in content returned to a consuming model. No 'eval' or similar dangerous patterns were found. The primary security consideration outside the server's code itself would be ensuring the integrity and trustworthiness of the upstream MediaWiki API it connects to.
Updated: 2026-01-17GitHub
0
0
High Cost
BooboNikita icon

mcp-server-demo

by BooboNikita

Sec4

An example project demonstrating how to build an MCP server and an intelligent client capable of automatic tool calling and multi-agent orchestration for compliance risk assessment, sales, and technical support.

Setup Requirements

  • ⚠️Requires Python 3.13+.
  • ⚠️Requires Kimi (Moonshot AI) API Key and API URL for LLM functionality (a paid service).
  • ⚠️To enable full client functionality, multiple local services (MCP servers, embedding service) must be run concurrently on specific ports, e.g., `python database.py` (port 8000), `python src/compliance_warning/server.py` (port 8001), and `python src/embedding_service.py` (port 8003). There are also `a2a` agents with their own port configurations, potentially conflicting if run simultaneously with other components.
Review RequiredView Analysis
The `database.py` file hardcodes MySQL root user credentials ('root', '123456') for a local database connection. This is a critical security vulnerability for anything beyond an isolated, ephemeral demo. The `subprocess.Popen` calls in `src/a2a/manager.py` are used for internal agent orchestration with fixed module names, posing a low risk of arbitrary command execution. Inter-service communication relies on fixed `localhost` ports without explicit authentication, which could be a risk if `localhost` network access is compromised. The `src/compliance_warning/service.py` attempts to 'auto-fix' LLM-generated JSON by replacing escaped quotes, which could lead to unexpected parsing or resource exhaustion if presented with a maliciously crafted payload.
Updated: 2026-01-19GitHub
0
0
Low Cost
swapnildagade1213 icon

MCP_Server_Demo

by swapnildagade1213

Sec9

Provides a Python template for building Model Context Protocol (MCP) servers to integrate AI assistants with custom tools and resources.

Setup Requirements

  • ⚠️Requires `uv` package manager
  • ⚠️Requires Python 3.13 or higher
Verified SafeView Analysis
The provided `mcp_demo.py` file is simple and does not contain obvious security vulnerabilities like `eval`, `exec`, or direct shell commands. It loads environment variables via `dotenv`, which is good practice. The tools return hardcoded values. Any future additions of tools or resources, especially those interacting with external APIs or file systems, would require careful implementation to avoid introducing risks.
Updated: 2025-12-29GitHub
0
0
Medium Cost
commercelayer icon

mcp-server-metrics

by commercelayer

Sec9

This MCP server provides a local implementation with a suite of metrics tools for Commerce Layer data analysis, enabling extraction of data from order, return, or cart history.

Setup Requirements

  • ⚠️Requires Commerce Layer API client_id and client_secret to be set as environment variables (CL_CLIENT_ID, CL_CLIENT_SECRET).
  • ⚠️Requires Node.js version 22 or higher.
  • ⚠️Uses pnpm for package management; ensure pnpm is installed or adapt to npm/yarn if preferred.
Verified SafeView Analysis
The server handles API credentials (client_id, client_secret) securely by requiring them as environment variables, preventing hardcoding. Network requests are made using standard 'fetch' to the Commerce Layer API. Local file system access is limited to reading static documentation files within the project, posing minimal risk. No 'eval' or direct 'child_process' execution is observed. Authentication tokens are verified with `jwtVerify`.
Updated: 2026-01-03GitHub
0
0
Low Cost
NPham1402 icon

MCP-Server-Hono

by NPham1402

Sec1

Provides a lightweight web server and API platform built with the Hono framework, likely designed for applications related to Minecraft (MCP).

Setup Requirements

  • ⚠️Requires Node.js runtime (version not specified, but typically >=16)
  • ⚠️Requires 'npm' or 'yarn' for dependency management
  • ⚠️May require a build step (e.g., TypeScript compilation) before running
Review RequiredView Analysis
No source code was provided for analysis. Therefore, it is impossible to audit for security risks such as 'eval', obfuscation, hardcoded secrets, network vulnerabilities, or malicious patterns. The score reflects the inability to perform any security review.
Updated: 2025-11-26GitHub
PreviousPage 293 of 713Next