Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
SNIKO icon

zero-mcp

by SNIKO

Sec9

Building lightweight HTTP Model Context Protocol (MCP) servers for AI tool integration.

Setup Requirements

  • ⚠️Requires Node.js >=18.0.0
  • ⚠️For production, `allowedOrigins` must be explicitly configured to restrict CORS to trusted clients.
Verified SafeView Analysis
The server implements robust input validation using Zod for JSON-RPC requests and tool arguments. CORS is handled, but the default `*` allowed origins needs to be explicitly restricted by the user for production deployments. No 'eval', obfuscation, or hardcoded secrets were found.
Updated: 2025-12-03GitHub
0
0
Low Cost
mulesoft icon
Sec5

This project contains the source content and configuration for a MuleSoft Multi-Cloud Platform (MCP) documentation server, likely served using Antora.

Setup Requirements

  • ⚠️The actual server implementation code is not provided in the truncated source, making direct setup and execution of the server impossible from this snippet.
  • ⚠️Requires Antora CLI or a compatible environment to process and generate the documentation content.
Review RequiredView Analysis
The provided source code consists only of documentation and configuration files (`CONTRIBUTING.md`, `README.md`, `antora.yml`). No executable server code was provided to perform a comprehensive security audit for 'eval', obfuscation, network risks, or hardcoded secrets. Therefore, a definitive security assessment of the server itself cannot be made from this snippet.
Updated: 2026-01-15GitHub
0
0
Medium Cost
ayushgoswami666 icon
Sec1

To provide personalized financial insights for investment decisions by leveraging Fi-Money's MCP Server and AI capabilities.

Setup Requirements

  • ⚠️Requires access and setup for Fi-Money's MCP Server (account, API keys, specific configuration likely needed).
  • ⚠️Likely requires API keys for external AI services (e.g., OpenAI, Google AI) to power 'AI-Powered' features.
  • ⚠️Specific programming language runtime and package manager dependencies are unknown without source code.
Review RequiredView Analysis
CRITICAL: Insufficient source code provided for a comprehensive security audit. Only the repository name and a truncated README title were available. It is impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns without the actual code. Therefore, no meaningful security assessment can be performed, and running the server is advised against until a full code review is possible.
Updated: 2025-11-29GitHub
0
0
Low Cost
Indrapuma icon
Sec1

A basic implementation of a client-server communication system, likely demonstrating a custom or simplified protocol ('MCP').

Review RequiredView Analysis
Source code was not provided in the prompt, therefore a comprehensive security audit is impossible. Without reviewing the implementation details, it is impossible to determine if the server contains vulnerabilities such as unsanitized input, hardcoded secrets, dangerous functions like 'eval', or improper network handling. Running any software without code review is inherently risky.
Updated: 2025-12-03GitHub
0
0
Low Cost
anand25014-cell icon

test-mcp-server

by anand25014-cell

Sec9

Manages and tracks personal or small-scale financial expenses by adding, listing, and summarizing entries.

Setup Requirements

  • ⚠️Requires Python 3.14+ as specified in pyproject.toml (Python 3.14 is currently in development and not a stable release).
  • ⚠️Expects 'categories.json' to exist in the same directory as 'main.py' for the categories resource, otherwise, file read operations will fail.
Verified SafeView Analysis
Uses parameterized queries for all database operations, effectively preventing SQL injection vulnerabilities. No 'eval' or similar dangerous functions detected. No hardcoded sensitive credentials or environment variables are observed in the provided code. File I/O is limited to a local SQLite database and a JSON configuration file.
Updated: 2025-12-14GitHub
0
0
Low Cost
TencentCloudADP-DevRel icon

deploy-website

by TencentCloudADP-DevRel

Sec1

A simple API service to deploy, list, and delete HTML websites, including a specialized endpoint for deploying 3D model viewers from COS GLB links.

Setup Requirements

  • ⚠️Requires Node.js and npm to run.
  • ⚠️File storage directory (`WEBSITE_DIR`) can be configured via environment variable, defaults to `./public`.
  • ⚠️The default configuration (via `npm start`) is highly insecure and should not be exposed publicly without significant modifications or explicit use of the `src/index-secure.ts` version with proper API key management.
  • ⚠️The `/api/deploy-3d-website` endpoint expects a `templates/3d-website.html` file, which is not provided in the truncated source, potentially causing errors if not present.
Review RequiredView Analysis
The default server (using `src/index.ts` via `npm start`) has severe security vulnerabilities, as detailed in the `SECURITY_REVIEW.md`. Critical issues include: 1. **Path Traversal**: Allows deletion of arbitrary system files. 2. **XSS Risk**: Uploaded HTML is served directly, enabling malicious script execution. 3. **No Authentication**: Anyone can upload, delete, and list files. 4. **Inconsistent File Size Limits**: Multer is not configured with limits, making it vulnerable to large file uploads. 5. **Filename Conflicts**: New files can overwrite existing ones. 6. **Error Leakage**: Detailed error messages are exposed, which can aid attackers. 7. **Temporary File Cleanup**: Lacks robust temporary file handling. While a more secure version (`src/index-secure.ts`) exists that addresses many of these, it is not the default execution path and also omits the `/api/deploy-3d-website` endpoint.
Updated: 2025-12-11GitHub
0
0
High Cost
CNSeniorious000 icon

temporary-mcp-servers

by CNSeniorious000

Sec6

Provides Model Context Protocol (MCP) servers for managing IPython sessions, interacting with Discord, and fetching/parsing web content via a webview.

Setup Requirements

  • ⚠️Requires 'uv' package manager.
  • ⚠️Requires Python 3.12+.
  • ⚠️The Discord MCP Server requires a `DISCORD_TOKEN` environment variable, which must be a user token and usage might violate Discord's ToS.
  • ⚠️The Webview MCP Server uses `pywebview` and may require a desktop environment or X server to run, even if the window is hidden.
Verified SafeView Analysis
The IPython MCP server is designed to execute arbitrary Python code, which is a significant security risk if exposed to untrusted input. The Discord MCP server uses a user access token, which is typically against Discord's Terms of Service for self-botting and carries account termination risk. The `eval(parent)` call in `ipython-mcp.py` is used internally for virtual environment setup with `site.getsitepackages()` paths, making it less of a direct exploit vector than arbitrary user-controlled `eval`. The webview server loads external URLs, which poses inherent risks from malicious web content, though it runs hidden/minimized.
Updated: 2026-01-03GitHub
0
0
Medium Cost
gufao icon
Sec9

Provides AI assistants with secure access to Google Calendar to manage events and calendars.

Setup Requirements

  • ⚠️Requires Node.js 20+ and Docker Desktop with MCP Toolkit enabled.
  • ⚠️Requires a Google Cloud Console project with Google Calendar API enabled and manual OAuth 2.0 credentials setup.
  • ⚠️Requires running a one-time authentication script (`npm run auth`) to generate an OAuth token file.
  • ⚠️Requires manual configuration of Docker MCP catalog and registry YAML files for deployment.
Verified SafeView Analysis
The server uses OAuth2 for authentication, with credentials and tokens loaded from files via environment variables or volume mounts, explicitly avoiding hardcoding. Input validation is performed for required parameters. Error handling is robust, returning formatted strings without exposing internal details. The approach to credentials management (volume-mounted, not in image, not in git) follows best practices.
Updated: 2025-11-26GitHub
0
0
Low Cost
vielhuber icon

charly

by vielhuber

Sec2

A comprehensive Model Context Protocol (MCP) server gateway that integrates multiple MCP servers with unified OAuth2 and bearer token authentication, including a web client for management.

Setup Requirements

  • ⚠️Requires Python (>= 3.0), PHP (>=8.1), and MySQL (>=8.0).
  • ⚠️Requires an Auth0 account setup and careful configuration of Auth0 client credentials in `config.json`.
  • ⚠️Requires separate installation and configuration of specific MCP servers (e.g., mcp-filesystem-server, Office-Word-MCP-Server, etc.) to function fully.
  • ⚠️Requires setting up a web server (Apache/Nginx with SSL) for the client application.
  • ⚠️Crucial sensitive information (`AUTH0_CLIENT_SECRET`) is exposed via the `/api/skills` endpoint.
Review RequiredView Analysis
Critical security flaw: The client-side API endpoint `/api/skills` (implemented in `client/_public/api/Skills.php`) reads and exposes the entire `../../../server/config.json` file. This file, as per `server/config.example.json`, contains sensitive credentials, most notably `AUTH0_CLIENT_SECRET` and potentially API keys for MCP providers. Exposing `AUTH0_CLIENT_SECRET` allows an attacker to impersonate the application in the OAuth2 flow, leading to significant security breaches. Additionally, the Python server's `StdioTransport` is configured to execute commands with arguments directly from `config.json`; while the `config.example.json` uses static commands, this structure could allow remote code execution if the `config.json` is compromised or modified without strict validation. Broad CORS `Access-Control-Allow-Origin: *` is enabled, which might not be ideal for all deployment scenarios.
Updated: 2025-12-12GitHub
0
0
Medium Cost
jas88 icon

MCPsharp

by jas88

Sec9

Intelligent C# project analysis and semantic code editing for AI agents.

Setup Requirements

  • ⚠️Requires .NET 10.0 SDK (specifically version 10.0.102) or later.
  • ⚠️Requires Git installed.
  • ⚠️If using local AI, requires Ollama installed and 'qwen2.5-coder:3b' model pulled.
  • ⚠️If using cloud AI via OpenRouter, requires OPENROUTER_API_KEY environment variable. Internal AI calls may also require ANTHROPIC_API_KEY.
Verified SafeView Analysis
The server integrates AI models internally (Ollama/OpenRouter). Cloud AI (OpenRouter) requires an API key (OPENROUTER_API_KEY) which is expected to be managed via environment variables. The analyzer integration system includes a 'Security Framework' for validating analyzer assemblies, managing permissions, and sandboxing execution to mitigate risks from third-party code. ReDoS prevention is implemented for regex search. Overall, a strong security posture for an AI-integrated code analysis tool.
Updated: 2026-01-18GitHub
0
0
Low Cost
fabianbartsch icon

mcp-docs

by fabianbartsch

Sec9

Automatically generates documentation pages for Laravel Model Context Protocol (MCP) servers by extracting metadata from server classes.

Setup Requirements

  • ⚠️Requires PHP >= 8.1
  • ⚠️Requires Laravel >= 10.0
  • ⚠️Requires laravel/mcp >= 0.1.0
  • ⚠️Requires `MCP_DOCS_SERVER_CLASS` to be configured in `.env` or `config/mcp-docs.php` to define the MCP server being documented.
Verified SafeView Analysis
The package utilizes PHP reflection to extract metadata from trusted, user-configured classes, which is generally safe. Input values (like server instructions) are properly escaped with `htmlspecialchars` and `nl2br` before rendering to prevent XSS. Copy-to-clipboard functionality uses `navigator.clipboard.writeText` or a secure `execCommand` fallback, parsing configuration-derived data via `JSON.parse`. There are no clear indications of 'eval', obfuscation, hardcoded secrets (beyond standard Laravel `APP_KEY`), or direct malicious patterns. Configuration options for `installation_commands` could theoretically suggest malicious commands if the application's configuration itself is compromised, but this falls outside the direct scope of the package's code vulnerabilities.
Updated: 2025-11-19GitHub
0
0
Low Cost
giantswarm icon

mcp-kubernetes

by giantswarm

Sec8

A Model Context Protocol (MCP) server that provides Kubernetes cluster management capabilities, particularly for AI agents.

Setup Requirements

  • ⚠️Requires Kubernetes 1.19+ and Helm 3.0+ for deployment via Helm chart.
  • ⚠️OAuth 2.1 authentication requires external setup (e.g., Google Cloud Console credentials or a Dex OIDC server) and proper registration of clients and redirect URIs. For production, a secret management solution (like HashiCorp Vault or Kubernetes External Secrets Operator) is mandated for OAuth credentials.
  • ⚠️Multi-cluster federation (CAPI mode) requires deployment on a Cluster API Management Cluster, and users need specific RBAC permissions for CAPI cluster discovery and kubeconfig secret access.
  • ⚠️CiliumNetworkPolicy is enabled by default and requires Cilium CNI to be installed in the Kubernetes cluster.
Verified SafeView Analysis
The server demonstrates a high level of security awareness with comprehensive documentation on best practices and explicit controls. Key strengths include: robust OAuth 2.1 implementation with PKCE, client registration security, and strong URL validation (HTTPS required, SSRF protection against private IPs/localhost by default). It offers 'Non-Destructive Mode' (enabled by default) and 'Dry-Run Mode' to prevent unintended changes, which is critical for AI agent interactions. Downstream OAuth mode enables per-user Kubernetes RBAC enforcement with a 'fail-closed' principle, preventing privilege escalation. ServiceAccount tokens are projected with short expiration and auto-rotated. Detailed RBAC profiles (minimal, readonly, standard, admin) are provided, with explicit warnings and required confirmations for dangerous 'admin' access. Structured audit logging with PII sanitization and OpenTelemetry instrumentation enhance observability and security monitoring. While it allows configuring less secure options (e.g., public client registration, private OAuth URLs) via explicit flags, these are clearly documented with strong warnings against production use.
Updated: 2026-01-18GitHub
PreviousPage 296 of 713Next