Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

Low Cost

MCP_server

by ranjith8847

Sec9

This project demonstrates building and consuming Model Context Protocol (MCP) servers using Python, leveraging FastAPI for HTTP and STDIO for different transport mechanisms, and integrating with LangChain for LLMs to dynamically discover and use tools.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires an API Key/Deployment for the LLM (e.g., SAP AI Core or OpenAI) to be configured via environment variables or direct code modification in the client.
  • ⚠️The client (`fast_mcp_client_langchain.py`) requires the `BASE_URL` variable to be manually updated to the running server's address.
  • ⚠️The `uvicorn` run commands provided in the README (e.g., `uvicorn fast_mcp_server:app`) imply running from within the `FastAPI_MCP_HTTP` subdirectory, which contradicts the initial `cd MCP_server` installation instruction, potentially requiring users to navigate into the subdirectory or adjust the command to `uvicorn FastAPI_MCP_HTTP.fast_mcp_server:app`.
Verified Safe
The server code generally appears secure, utilizing standard Python libraries and FastAPI with proper input validation (e.g., division by zero). No 'eval' or direct command injection points were identified. Network requests use httpx with error handling. The primary 'risk' is inherent to LLM applications: the client connects to a configurable BASE_URL, meaning if configured to a malicious server, it could be exploited. However, this is a configuration concern rather than a code vulnerability in the provided server/client logic. LLM interactions inherently require careful prompt engineering and security considerations to prevent misuse of tools.
Updated: 2025-12-12

Low Cost

mcp-heritage

by arielfr

Sec8

An aggregate Model Context Protocol (MCP) server that exposes tools from multiple child MCP servers as a unified interface.

Setup Requirements

  • ⚠️Requires running three separate Node.js processes concurrently: `mcp-child-a.js`, `mcp-child-b.js`, and `parent.js`. The child servers must be running before the parent server can successfully connect and register their tools.
  • ⚠️External API dependencies for child tools (official-joke-api.appspot.com, api.agify.io) are used.
Verified Safe
The server architecture involves a parent server aggregating tools from child servers. The `jsonSchemaToZodSchema` function dynamically converts JSON schemas from child services to Zod schemas for validation. While Zod provides strong validation, there's a theoretical risk of performance issues or crashes if child services provide extremely large or maliciously crafted schemas. Child services also make external API calls (e.g., `fetch` to official-joke-api.appspot.com and api.agify.io). No direct use of `eval` or obvious hardcoded secrets was found in the provided code. Overall, the use of a well-maintained SDK (Model Context Protocol SDK) and Zod for validation contributes to a good security posture, assuming child services are trusted.
Updated: 2025-12-12

High Cost

doctor-claude

by gholtzap

Sec8

Provides Claude Code with access to peer-reviewed medical information from trusted sources and acts as an educational diagnostic medical expert.

Setup Requirements

  • ⚠️Requires Node.js environment to run.
  • ⚠️Requires installation as a Model Context Protocol (MCP) server for Claude Code.
  • ⚠️Relies on local file system (patient-profile.json or ~/.doctor-claude/profile.json) for patient profiles.
  • ⚠️Requires internet access to query MedlinePlus and StatPearls (NCBI).
Verified Safe
The server primarily interacts with trusted external medical information sources (medlineplus.gov, ncbi.nlm.nih.gov) via HTTP requests, with explicit domain validation to prevent arbitrary URL fetching. Local file system interaction is limited to managing a user-specific patient profile. There are no clear instances of 'eval', hardcoded secrets, or direct arbitrary command execution based on user input. The `@modelcontextprotocol/sdk` uses `cross-spawn` internally, but this server does not leverage it directly. The main security considerations would involve potential vulnerabilities in web scraping (cheerio library) or the external sites themselves, though these are well-established government/medical domains.
Updated: 2026-01-16

Medium Cost

A Model Context Protocol (MCP) server for accessing and analyzing health metrics data stored in Google Drive spreadsheets, primarily for LLM interaction.

Setup Requirements

  • ⚠️Requires a Google Cloud Platform project with the Google Drive API enabled.
  • ⚠️Requires creating and downloading a Google Service Account JSON credentials file.
  • ⚠️Requires uploading the health data spreadsheet to Google Drive, sharing it with the service account, and providing its File ID.
  • ⚠️Requires Node.js v16 or later.
Verified Safe
The server retrieves sensitive health data from Google Drive. Access is managed via Google Service Account credentials, which must be securely stored and configured. The HTTP server's default CORS setting (`origin: "*"`) is insecure for production environments and requires explicit configuration. No obvious 'eval', obfuscation, hardcoded secrets (environment variables are used), or malicious patterns were found in the provided code snippets. The parsing of XLSX files is done with a standard library.
Updated: 2025-11-26

Low Cost
Sec8

An MCP server that exposes Open WebUI's API as tools, allowing AI assistants to manage users, groups, models, knowledge bases, and more.

Setup Requirements

  • ⚠️Requires OPENWEBUI_URL environment variable to be set.
  • ⚠️Admin operations within Open WebUI require an admin API key passed to the server.
  • ⚠️Requires Python 3.10 or newer.
Verified Safe
The server acts as a pass-through proxy for Open WebUI's API. It handles authentication by forwarding the incoming user's bearer token or using a configured API key, prioritizing the incoming token to enforce permission-awareness. All permission checks are enforced by the underlying Open WebUI API. No direct `eval` or obvious malicious patterns found. The main security considerations are the security of the Open WebUI instance itself and proper configuration of access to this MCP server.
Updated: 2025-11-28

Medium Cost

imagenx

by NewToolAI

Sec3

An AI tool for generating and processing images and videos from text or other images, functioning as a command-line utility or an MCP server.

Setup Requirements

  • ⚠️Requires API keys for Doubao (Volcengine) and/or Aliyun (Dashscope) services, which are commercial and incur costs.
  • ⚠️Requires Python 3.10+.
  • ⚠️For local file operations, the server process needs appropriate filesystem write permissions.
Review Required
The `operator.py` module, used by MCP tools like `download`, `crop_image`, `resize_image`, `convert_image`, `adjust_image`, and `paste_image`, accepts arbitrary file paths as input and output. This allows for potential path traversal vulnerabilities, where a malicious user could write to or read from sensitive areas of the server's filesystem by providing paths like `../../../../etc/passwd` or `C:\Windows\System32\drivers\etc\hosts`. The `download` function, in particular, directly writes content from a URL to a user-specified path, which is a critical risk.
Updated: 2025-11-26

Low Cost

proxy

by mcp-case

Sec8

The MCP Proxy horizontally scales Model Context Protocol (MCP) servers by routing client requests to the same upstream server based on a session ID, ensuring stateful interactions.

Setup Requirements

  • ⚠️Requires a Redis instance for session storage.
  • ⚠️Requires one or more upstream MCP server instances to proxy requests to.
  • ⚠️Requires Docker or Go runtime to build/run.
Verified Safe
The proxy handles HTTP requests and relies on Redis for session storage. Redis password is configurable; if left empty, Redis runs without authentication, which can be a security risk in production. The `/health` endpoint is unauthenticated but only returns basic status. There are no obvious 'eval' or malicious code patterns. Built-in error handling for upstream failures includes deleting stale session affinities, which is a good security and reliability practice. Written in Go, which reduces certain classes of memory-related vulnerabilities.
Updated: 2026-01-19

Low Cost

mcp2py

by snowlxrd

Sec8

A high-performance, server-rendered Next.js App Router e-commerce application.

Setup Requirements

  • ⚠️Requires Node.js >=20 and pnpm >=9.
  • ⚠️Requires `SHOPIFY_STORE_DOMAIN` and `SHOPIFY_STOREFRONT_ACCESS_TOKEN` environment variables for basic functionality, and `SHOPIFY_REVALIDATION_SECRET` for webhooks.
  • ⚠️Local setup is recommended with Vercel CLI for environment variable management.
Verified Safe
The application relies heavily on environment variables for sensitive data (Shopify API tokens, revalidation secrets). Proper management of these variables is crucial; exposure could lead to unauthorized access or control of the Shopify store. The `revalidate` endpoint relies on a shared secret, which if compromised, could allow unauthorized cache invalidation. The `Prose` component uses `dangerouslySetInnerHTML` to render HTML from Shopify product descriptions; while Shopify typically sanitizes these, an unsanitized input from the CMS could introduce XSS vulnerabilities.
Updated: 2026-01-19

Medium Cost
Sec7

This project serves as a learning example for implementing a Model Context Protocol (MCP) server and client using TypeScript.

Setup Requirements

  • ⚠️Requires a Google Gemini API Key (GEMINI_API_KEY) for LLM interactions, which may incur costs.
  • ⚠️The 'src/data/users.json' file is directly modified, so subsequent runs will operate on a modified dataset.
Verified Safe
The server parses JSON directly from LLM output for tools like 'create-random-user'. While basic cleaning is applied, robust validation against malformed or excessively large LLM-generated JSON is not explicitly detailed, which could lead to parsing errors or resource exhaustion. Additionally, the 'createUser' function directly writes user data (from LLM generation or user elicitation) to a local JSON file without comprehensive input validation beyond basic schema checks, posing a potential risk of data integrity issues or file bloat if malicious or malformed input is received.
Updated: 2026-01-19

Medium Cost

ha-mcp-server

by kaichiachen

Sec8

Connects AI assistants to Home Assistant, enabling them to control devices, query states, manage automations/scripts, and retrieve system information.

Setup Requirements

  • ⚠️Requires a Home Assistant Long-Lived Access Token (HA_TOKEN) which must be generated and provided.
  • ⚠️Correct configuration of HA_URL is critical, especially when running in Docker where 'host.docker.internal' might be needed to reach the host's Home Assistant instance.
  • ⚠️Requires Python 3.13 or newer, which might be a 'gotcha' for older environments.
Verified Safe
The server correctly handles Home Assistant API interactions via HTTPX and authentication with a bearer token. It reads the token from environment variables or a configuration file, avoiding hardcoding. Input parameters for service calls are parsed as JSON, which can lead to parsing errors but not arbitrary code execution. Error handling is present. The primary security consideration is the sensitivity of the HA_TOKEN, which grants broad control over the Home Assistant instance, but this is an inherent aspect of such an integration. No 'eval' or other highly dangerous patterns were observed in the truncated source.
Updated: 2026-01-17

High Cost

grammarly-mcp

by nathaliaju

Sec8

This MCP server provides a tool for detecting AI-generated content and plagiarism in text using Grammarly, with optional AI-powered text rewriting and analysis features.

Setup Requirements

  • ⚠️Requires API keys for either Browserbase (BROWSERBASE_API_KEY, BROWSERBASE_PROJECT_ID) OR Browser Use Cloud (BROWSER_USE_API_KEY, BROWSER_USE_PROFILE_ID), both of which are paid cloud browser services.
  • ⚠️Requires API keys for at least one LLM provider (e.g., OPENAI_API_KEY, ANTHROPIC_API_KEY, GOOGLE_GENERATIVE_AI_API_KEY, or CLAUDE_API_KEY). If no API key is provided, it attempts to use Claude via CLI authentication ('claude login'), which requires local setup.
  • ⚠️For Browser Use Cloud, a pre-configured browser profile with Grammarly login (BROWSER_USE_PROFILE_ID) is required, implying an initial manual setup to link with a Grammarly account.
Verified Safe
The server leverages third-party cloud browser automation (Browserbase/Stagehand or Browser Use Cloud) and various LLM providers (Claude, OpenAI, Google, Anthropic). The code itself sanitizes user text before sending it to LLMs and restricts browser navigation to Grammarly domains, which are good practices. API keys are expected to be configured via environment variables, not hardcoded. The overall security is highly dependent on the robustness of these external cloud services and LLM providers. No `eval` or blatant malicious patterns were found in the provided source code.
Updated: 2026-01-19

Low Cost
Sec9

Yii2 backend server providing token-based access to database tables and columns for LLM agents, including metadata, CRUD operations, and an admin GUI.

Setup Requirements

  • ⚠️Requires PHP >= 8.0, Yii2 >= 2.1, and Composer.
  • ⚠️Requires `mootensai/yii2-enhanced-gii` and `mootensai/yii2-relation-trait`.
  • ⚠️Database migrations must be run to create required MCP tables.
  • ⚠️The admin GUI and permission system implicitly depend on a parent Yii2 application's user authentication and an `app\models\Mandate` model for multi-tenancy and authorization checks.
Verified Safe
The server demonstrates robust security features including token-based Bearer authentication, brute-force protection with progressive token locking and IP-based blocking, and rate limiting. All API requests are logged. Database interactions in `ToolsController` use parameterized queries, mitigating SQL injection risks. Column and table access are controlled by explicit permissions stored in `tbl_mcp_table` and `tbl_mcp_table_column`. No 'eval' or obvious obfuscation found. The admin GUI assumes an existing Yii2 user authentication system with permissions (e.g., 'mandates_see_all'), which is good practice for a module but implies external dependency for overall security context.
Updated: 2025-12-12