Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

Low Cost

expense-tracker-mcp

by HiteshKumarMeghwar

Sec9

A local MCP server for tracking and managing personal or business expenses, designed for integration with client applications like Claude Desktop.

Setup Requirements

  • ⚠️Requires 'uv' package manager for setup and running.
  • ⚠️Requires Python 3.11 or newer.
  • ⚠️Intended for use with Claude Desktop for full intended functionality (implied by README).
Verified Safe
SQL injection is prevented by using parameterized queries. No 'eval' or similar dangerous functions are used. No hardcoded secrets or significant network risks identified within the provided source code. The database is a local SQLite file.
Updated: 2025-11-27

High Cost

cailculator-mcp

by pchavez2029

Sec6

Provides AI agents with high-dimensional mathematical analysis and financial trading tools using 'pathological' Cayley-Dickson and Clifford algebras.

Setup Requirements

  • ⚠️Requires a paid API key from the CAILculator portal (https://cailculator-mcp-production.up.railway.app/).
  • ⚠️Depends on an external authentication server for API key validation.
  • ⚠️Python 3.10+ is required.
  • ⚠️Aiohttp is needed for HTTP transport mode (`pip install cailculator-mcp[http]`).
Verified Safe
The companion `auth_server` (part of the same repository) uses a broad `allow_origins=["*"]` for CORS, which is a significant security risk for an authentication service if deployed without restriction in production. Additionally, the Stripe webhook handler has a development fallback that bypasses signature verification if `STRIPE_WEBHOOK_SECRET` is not set. The core MCP server itself avoids direct execution of user-supplied code (e.g., `eval`, `exec`) and relies on `os.getenv` for sensitive configurations, but the external authentication dependency introduces a potential single point of failure.
Updated: 2025-12-05

Medium Cost
Sec9

An autonomous Model Context Protocol (MCP) server designed for LLMs to build, debug, and maintain Rust projects, specifically architected to help LLMs create other MCP servers.

Setup Requirements

  • ⚠️Requires Rust and Cargo to be installed on the host system.
  • ⚠️Requires the 'rust-docs' component to be added via `rustup component add rust-docs` for full documentation search functionality.
  • ⚠️Requires an initialized Git repository in the working directory for `git_operations` to function.
  • ⚠️Client configuration needs an absolute path to the compiled `mcp-rust-builder` executable.
Verified Safe
The server uses `std::process::Command` extensively to run `cargo` and `git` commands. Inputs to these commands are generally validated and constrained (e.g., specific project paths, crate names, predefined git operations, regex-validated error codes), limiting arbitrary command injection. Path arguments are explicitly converted to `PathBuf` and checked for existence. The `patch_file` tool operates with a first-match replacement and provides diagnostics for whitespace errors rather than full file overwrites, enhancing safety. 'cargo add' and 'cargo test' inherently involve network requests to crate registries, which is expected behavior for a Rust development agent. No direct use of 'eval' or hardcoded secrets found. The overall design prioritizes controlled execution within a development context.
Updated: 2025-11-25

High Cost

slashAI

by mindfulent

Sec9

A privacy-aware Discord AI assistant and MCP server that provides persistent memory, scheduled reminders, Minecraft build recognition, and agentic tools.

Setup Requirements

  • ⚠️Requires an Anthropic API Key (paid service for Claude models).
  • ⚠️Requires a Voyage AI API Key (paid service for embeddings).
  • ⚠️Requires a PostgreSQL database with the pgvector extension.
  • ⚠️Requires DigitalOcean Spaces API Keys and Bucket for image storage (paid service).
  • ⚠️Requires configuring a Discord Bot application and retrieving its token and the owner's Discord ID.
Verified Safe
The project demonstrates strong security practices: API keys and sensitive configurations are managed via environment variables. Webhook endpoints are protected with an API key. SQL interactions use parameterized queries to prevent injection. GitHub documentation access is restricted to a hardcoded repository and validated paths to prevent traversal. A robust privacy model segregates memories by channel type and user ownership, with explicit validation for 'global safe' facts. Agentic tools for Discord actions are restricted to a configurable owner ID. Image processing limits (size, dimensions) mitigate some risks. Regular updates of external dependencies are crucial for maintaining security.
Updated: 2026-01-18

Medium Cost

ynab-mcp-server

by arunselvarajdb

Sec9

A read-only Model Context Protocol (MCP) server for interacting with YNAB budgets, providing tools and resources for querying financial data and generating spending insights.

Setup Requirements

  • ⚠️Requires a YNAB Personal Access Token (Free, but requires YNAB account and setup)
  • ⚠️Requires 'uv' package manager for dependency management and running (not pip)
  • ⚠️Requires Python 3.11 or higher
Verified Safe
The server demonstrates strong security practices, including Pydantic-based environment variable validation (specifically checking for placeholder YNAB_API_TOKEN), a read-only design, and comprehensive security documentation detailing API token handling, dependency auditing (Bandit, pip-audit), pre-commit hooks (detect-secrets), and a vulnerability reporting policy. CORS is set to allow all origins in debug mode for HTTP, which is noted to be restricted in production. No 'eval' or other highly dangerous patterns were found.
Updated: 2025-11-23

Low Cost

mcp-servers

by cloudaeon-pvt-ltd

Sec5

This server enables sending emails through Microsoft Outlook/Office 365 using the Microsoft Graph API, triggered by an MCP-compatible client.

Setup Requirements

  • ⚠️Requires an existing Microsoft 365/Azure AD tenant.
  • ⚠️Requires Azure App Registration with specific 'Mail.Send' application permissions and administrative consent.
  • ⚠️Requires Python 3.12+.
  • ⚠️Sensitive credentials (SENDER_EMAIL_ID, TENANT_ID, CLIENT_ID, CLIENT_SECRET) must be securely managed as environment variables.
Review Required
The server retrieves sensitive credentials (CLIENT_ID, CLIENT_SECRET, TENANT_ID) from environment variables, which is good practice. However, the `send_email` function allows an MCP client to specify an `attachment_file_path`. While `os.path.normpath` is used for cleanup, the server attempts to open and base64 encode *any* path provided by the client if it has read access. This poses a significant Local File Inclusion (LFI) risk, allowing a malicious MCP client to potentially read and email arbitrary files from the server's filesystem. Additionally, the `Mail.Send` application permission, as highlighted in the README, allows sending emails as *any* user in the tenant, which is a powerful capability that could be misused by an untrusted client. There are no obvious `eval` or obfuscation patterns.
Updated: 2025-12-10

Medium Cost

mcp-servers

by amiralamox

Sec8

Enables an AI agent (Claude) to interact with Jira, retrieving and analyzing project management data via JQL queries.

Setup Requirements

  • ⚠️Python 3.12+ required
  • ⚠️Jira account with API access (username/API token) required
  • ⚠️Claude Desktop configuration required to connect the MCP server
  • ⚠️Environment variables (.env file) must be set for Jira credentials and may need adjustment for custom field IDs specific to your Jira instance
Verified Safe
The server loads Jira credentials and custom field IDs from environment variables using `python-dotenv`, which is good practice. It runs locally (127.0.0.1:5000), limiting network exposure. JQL queries are passed directly to the Jira API via `requests`. While direct JQL passing is the core functionality, it relies on the Jira API's sanitization; the server itself does not appear to execute arbitrary system commands or `eval` client-provided strings.
Updated: 2025-12-04

Medium Cost

k_base

by ArshavirH

Sec8

A persistent, semantic memory layer for AI agents and human teams to store, retrieve, and evolve project context over time.

Setup Requirements

  • ⚠️Requires Java 21
  • ⚠️Requires Docker and Docker Compose for local PostgreSQL with pgvector
  • ⚠️Requires OpenAI API Key (Paid service for embeddings)
  • ⚠️Requires Node.js for MCP Inspector if testing via 'npx'
Verified Safe
The application uses Spring Boot's `@Valid` for input validation. Database credentials for local setup are hardcoded in `application.yaml` and `docker-compose.yaml` (username: postgres, password: user123), which are expected for development but should be externalized for production. CORS is wide open by default (`allowedOriginPatterns("*")`) which is generally not recommended for production. Filter expressions in `KnowledgeQueryService` use string escaping (`s.replace("'", "''")`) for project codes and tags, which is an effort to prevent injection but relies on the underlying `PgVectorStore` to correctly parameterize queries.
Updated: 2025-11-29

Medium Cost

kiket-mcp-server

by kiket-dev

Sec2

Provides AI tools to interact with Kiket issues, comments, projects, and users, enabling AI assistants to manage Kiket programmatically via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires `KIKET_API_URL` and `KIKET_API_KEY` to be set as environment variables.
  • ⚠️Requires a running Kiket instance for API interactions.
  • ⚠️Setting `KIKET_VERIFY_SSL=false` can pose a security risk in production by disabling SSL certificate validation.
Review Required
The `start-server.sh` script, part of the provided source, contains a hardcoded `KIKET_API_KEY`. This is a critical security vulnerability as it directly exposes sensitive credentials within the repository. Additionally, the `KIKET_VERIFY_SSL` environment variable can be set to `false`, which disables TLS/SSL certificate verification and can make the server vulnerable to man-in-the-middle attacks if used in a production environment.
Updated: 2025-12-13

Low Cost

test-remote-server-mcp

by AyushSingh7404

Sec9

An HTTP server for tracking personal expenses, allowing users to add, list, and summarize financial transactions through an API.

Setup Requirements

  • ⚠️Requires Python 3.13+ as specified in pyproject.toml.
  • ⚠️Expense data stored in expenses.db within a temporary directory (tempfile.gettempdir()) may not persist across server or system restarts.
  • ⚠️Requires 'fastmcp' and 'aiosqlite' libraries to be installed, typically handled by 'uv' or 'pip'.
Verified Safe
The code uses parameterized queries, effectively preventing SQL injection. No hardcoded secrets or dangerous functions like 'eval' are present. Error messages could be more generalized to prevent potential information leakage in a high-security context, but for a simple expense tracker, this is a minor concern. The use of tempfile.gettempdir() for the database path means data persistence might be an issue across server/system restarts, which is a functional rather than a direct security vulnerability.
Updated: 2025-11-19

High Cost

my_gdb_mcp_server

by wstone0011

Sec1

Enables AI models to interact with GDB for automated debugging and code analysis by exposing GDB operations and system shell commands via an MCP server.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires fastmcp library
  • ⚠️Requires pexpect library
Review Required
CRITICAL VULNERABILITY: The `run_shell_command` tool allows arbitrary system shell commands to be executed with `subprocess.run(command, shell=True)` without sanitization. Additionally, the `start_debugging` tool allows arbitrary commands to be passed to `pexpect.spawn`. Since the server binds to `0.0.0.0:8000`, any entity with network access to the server can execute arbitrary code on the host system. This poses an extreme risk of remote code execution (RCE) if exposed. The `command` parameters for these tools are directly sourced from user/model input without proper validation or sanitization.
Updated: 2025-11-26

Low Cost
Sec8

An MCP server acting as an adapter for a Minesweeper game, enabling an agent to interact with the game via defined tools.

Setup Requirements

  • ⚠️Requires a separate Minesweeper game server to be running on `http://localhost:5000`.
Verified Safe
The server itself uses numeric inputs for coordinates ('row', 'col') and constructs URLs to a local game server safely. There is no direct 'eval' or obvious malicious patterns found in the provided code. However, the server relies on an external, unprovided HTTP server running on `http://localhost:5000` to handle game logic and image generation. The security of the overall system is dependent on this external component, which is outside the scope of this repository's code.
Updated: 2026-01-19