Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
AlexMercedCoder icon

dremio-local-mcp

by AlexMercedCoder

Sec8

This Dremio MCP Server connects AI agents to a Dremio lakehouse to manage, analyze, optimize, and govern data, facilitating complex data workflows with natural language prompts.

Setup Requirements

  • ⚠️Requires a Dremio Cloud account with a Project ID and a Personal Access Token (PAT).
  • ⚠️Requires `dremio-cli` to be installed and configured with a profile (`~/.dremio/profiles.yaml`) containing Dremio API credentials.
  • ⚠️Documentation-aware features (e.g., `plan_semantic_layer`, `search_docs`) benefit from a local `~/dremiodocs` folder containing Dremio documentation markdown files.
Verified SafeView Analysis
The server primarily acts as a proxy, forwarding user-generated SQL and commands to the Dremio Cloud API via `dremio-cli`. It does not execute arbitrary code on the local machine from user input. Authentication details (PAT) are managed through `~/.dremio/profiles.yaml`, which is a standard, relatively secure method, rather than being hardcoded or exposed directly as environment variables in the application's runtime. The main security considerations would be the robustness of the Dremio Cloud API itself against SQL injection or other API-level exploits, and ensuring the `dremio-cli` configuration is secure.
Updated: 2026-01-16GitHub
0
0
Low Cost
patrickkarle icon

loda-mcp-server

by patrickkarle

Sec3

Provides token-efficient document search and navigation capabilities to LLMs (specifically Claude Desktop/Code) by returning relevant logical sections within a specified token budget.

Setup Requirements

  • ⚠️Requires Node.js 18+ runtime environment.
  • ⚠️Requires manual configuration in Claude Desktop/Code's JSON settings, including replacing a placeholder with the full path to the server script.
  • ⚠️Documents for search are expected to be in a local 'staging' directory or provided via absolute paths.
Review RequiredView Analysis
CRITICAL: The `search_content` tool directly uses the user-provided `query` to construct a regular expression (`new RegExp(query, 'gi')`), making it vulnerable to Regular Expression Denial of Service (ReDoS) attacks. CRITICAL: The `documentPath` parameter allows for absolute paths, meaning a malicious client could potentially instruct the server to read arbitrary files on the host system that the Node.js process has access to, bypassing the intended 'staging' directory.
Updated: 2025-11-28GitHub
0
0
Low Cost
crypticsaiyan icon

phosphor

by crypticsaiyan

Sec9

A terminal-based IRC client with modern UX, AI integration, and unique features, designed for efficiency.

Setup Requirements

  • ⚠️Python 3.11+ required.
  • ⚠️Docker must be installed, running, and user must have appropriate permissions for '/ai docker-...' commands to function.
  • ⚠️Azure SDK (`azure-identity`, `azure-mgmt-containerinstance`) and environment variables (`AZURE_SUBSCRIPTION_ID`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, `AZURE_TENANT_ID`, `AZURE_RESOURCE_GROUP`) are required for Azure integration.
  • ⚠️The `magic-wormhole` command-line tool must be installed for file transfers (`/send`, `/grab`).
  • ⚠️`simpleaudio` (and underlying system audio libraries like `libasound2-dev` on Linux) is required for audio feedback.
Verified SafeView Analysis
The application uses `subprocess` for various system commands (e.g., `docker`, `uname`, `wormhole`, audio players) and file system operations. These are generally implemented by passing arguments as lists to `subprocess.run` or `asyncio.create_subprocess_exec`, avoiding `shell=True` and direct user input interpolation into command strings, which significantly reduces command injection risks. File operations via `/ai list-files`, `/ai read-file`, `/ai search-files` use Python's `pathlib` for safer file system interaction. Hardcoded secrets are avoided in favor of environment variables for Azure integration. Overall, a good effort to minimize common security pitfalls related to external command execution.
Updated: 2025-12-05GitHub
0
0
Low Cost
ibraimacamara icon

PAP_mcp_server

by ibraimacamara

Sec2

This server provides a backend API with tools for managing school-related data, including students, guardians, and their relationships, likely for a school administration system.

Setup Requirements

  • ⚠️Requires a MySQL database named 'gestor_escola'.
  • ⚠️Hardcoded database credentials (root user, empty password) must be changed for any non-local/production environment.
  • ⚠️The PHP files in the 'dashmin' directory require a web server (e.g., Apache/Nginx with PHP) to function.
  • ⚠️The Python backend requires 'fastmcp' and 'mysql.connector' libraries.
Review RequiredView Analysis
CRITICAL: Database credentials (root user with empty password) are hardcoded in `backend/conexao.py` and `dashmin/conexao.php`. This is a severe security vulnerability. The MCP tools in `backend/server.py` appear to be directly exposed without any visible authentication or authorization mechanisms, which is also a critical risk for an administrative system. While SQL queries use parameter binding to prevent injection, the overall lack of access control makes the system highly insecure.
Updated: 2026-01-19GitHub
0
0
Medium Cost
mendez1212 icon
Sec8

Automates UI image optimization, README updates, and gallery generation across GitHub repositories using a Rust-powered GitHub Action or a Node.js Vercel serverless function.

Setup Requirements

  • ⚠️Requires a GitHub Personal Access Token (PAT) with 'repo' scope, or a configured GitHub App (for the Vercel processor), with associated secrets ('IMAGE_PROCESS_PAT', 'APP_ID', 'PRIVATE_KEY', 'GITHUB_WEBHOOK_SECRET').
  • ⚠️For local script execution (`create-repo.sh`, `readme-creation-date.sh`), the GitHub CLI (`gh`) must be installed and authenticated.
  • ⚠️The Node.js Vercel processor requires deployment to Vercel and Node.js >=20.0.0.
Verified SafeView Analysis
The GitHub Action workflow uses 'eval' to execute the Rust binary with dynamically constructed arguments. While the arguments are defined by workflow inputs and typically contain paths, 'eval' can be a security risk if malicious input were to bypass validation. However, the environment is controlled within GitHub Actions, mitigating immediate high risk. The Node.js Vercel processor includes robust webhook signature validation and relies on GitHub App authentication, which are secure practices. Secrets are correctly externalized as environment variables/workflow secrets.
Updated: 2026-01-19GitHub
0
0
Medium Cost
vromano-newel icon

hcore-mcp

by vromano-newel

Sec2

The HCore MCP Server exposes HCore APIs, organized into Postman collections, as tools for AI clients like Cursor to interact with backend services for healthcare data management.

Setup Requirements

  • ⚠️Requires `.env` file configuration (e.g., `POSTMAN_ENVIRONMENT_FILE`, `*_PATH` for collections) which is critical for functionality.
  • ⚠️Relies on external Postman collection JSON files and a Postman environment JSON file, which must be correctly structured and located.
  • ⚠️Designed for integration with the 'Cursor' IDE's Model Context Protocol, requiring specific client-side setup and configuration.
Review RequiredView Analysis
Multiple hardcoded sensitive values (API keys, client secrets, default admin password 'Admin1!') are present in 'nwl.obesity.stage.postman_environment.json'. The 'resolveTemplates' function performs direct variable substitution into request URLs, headers, and bodies, creating a significant risk of injection (e.g., Server-Side Request Forgery, header injection, or arbitrary data manipulation in downstream systems) if variable values originate from untrusted or unsanitized input provided by the MCP client. This allows an attacker to control parts of HTTP requests, potentially leading to unauthorized access or data breaches.
Updated: 2025-11-28GitHub
0
0
Low Cost
AdiScaleup968 icon

corello-mcp-server

by AdiScaleup968

Sec7

Provides AI agents with standardized access to manufacturing operations data for real-time analysis, monitoring, and data entry.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Designed to connect to Google's AI Studio (aistudio.google.com) via an SSE endpoint.
  • ⚠️Utilizes mock data; does not connect to a real database or external data source in its current default implementation.
Verified SafeView Analysis
The server uses highly permissive CORS settings (`Access-Control-Allow-Origin: *`) and 'Access-Control-Allow-Private-Network: true' headers to enable connection from AI Studio. While necessary for local development/demos interacting with web clients, stricter origin configuration would be required in a production environment. Tool argument validation relies on the AI client adhering to the schema, without explicit server-side runtime validation of input types/values within the `CallToolRequestSchema` handler. No hardcoded secrets or 'eval' usage detected. The data is currently mock data, which reduces immediate database injection risks.
Updated: 2025-12-11GitHub
0
0
Low Cost
NirjharDeb icon
Sec9

Provides a defense layer for agentic LLMs in IDEs by detecting and sanitizing hidden payloads and malicious instructions within tool responses.

Setup Requirements

  • ⚠️Requires FastMCP Cloud for hosting, deployment, and automatic builds (as per README).
  • ⚠️Needs specific JSON configuration within Cursor IDE's MCP settings to integrate.
  • ⚠️Operates as a proxy to 'https://ronin-mcp-v1.fastmcp.app/mcp', requiring outbound network access to this URL.
Verified SafeView Analysis
The server's code is explicitly designed for defensive purposes, primarily utilizing string manipulation, regex matching, and heuristic-based scoring. It does not contain 'eval' statements, hardcoded secrets, or direct external command execution vulnerabilities within its logic. The primary security consideration lies in the efficacy of its detection methods against novel or sophisticated attack vectors, rather than inherent vulnerabilities in the defense implementation itself. The proxy architecture means it mediates traffic to another service, relying on the security of both the proxy and the upstream service.
Updated: 2025-12-01GitHub
0
0
Low Cost
ivmarcos icon
Sec8

A Model Context Protocol (MCP) server providing file system and utility tools for AI models like Claude to interact with the local environment.

Setup Requirements

  • ⚠️Requires Node.js 18+ runtime environment.
  • ⚠️Connecting to Claude requires specifying an absolute path to the `src/index.ts` file in the Claude configuration.
Verified SafeView Analysis
The server uses `execSync` within the `run_command` tool, which is inherently risky. However, it's mitigated by a strict whitelist of allowed commands (pwd, whoami, date, uptime, hostname), preventing arbitrary command execution. File system operations are limited by the process's permissions. There is a debug `fs.writeFile` to a hardcoded absolute path in `get_time` which should be removed in production, but it's not a direct vulnerability. No `eval` or obfuscation found.
Updated: 2025-11-22GitHub
0
0
Low Cost
pect0ral icon
Sec8

Token-optimized codebase exploration and analysis for Claude Code, significantly reducing API token usage.

Setup Requirements

  • ⚠️Requires Python 3.8+.
  • ⚠️Windows is not currently supported; designed for macOS and Linux.
  • ⚠️Requires the `watchdog` library for file watching (automatically installed during setup).
Verified SafeView Analysis
The project extensively uses regular expressions and Python's AST module to parse and analyze source code files, including identifying security-relevant patterns (e.g., `eval`, `system`, SQL queries, XSS sinks) within the *target codebase*. These identified patterns are for static analysis and are not executed by the tool itself. The `bootstrap.py` installer and the `cli.py` module use `subprocess.run` for standard operations like virtual environment management, package installation (`pip`), and executing the `claude-map` binary itself. Inputs to these subprocess calls are derived from resolved file paths or hardcoded commands, mitigating direct shell injection risks. The Claude Code hooks queue file paths via `echo` to a text file, which is then processed by the `claude-map update` command, further limiting direct command injection from file paths.
Updated: 2026-01-18GitHub
0
0
Medium Cost
vimalprakashts icon

openapi-spec-mcp-server

by vimalprakashts

Sec8

Serves OpenAPI specifications as an MCP server for dynamic API interaction, exploration, code generation, and validation by AI clients like Claude, without loading the entire spec into context.

Setup Requirements

  • ⚠️Requires an OpenAPI/Swagger URL to be provided via CLI argument, environment variable, or configuration file.
  • ⚠️Requires Node.js and npm (or npx) for installation and execution.
  • ⚠️Designed to be used with a Model Context Protocol (MCP) client (e.g., Claude Code/Desktop), not as a standalone application with a direct user interface.
Verified SafeView Analysis
The server fetches and processes OpenAPI specifications from user-provided URLs. While it uses standard libraries (axios, json-schema-ref-parser) with built-in retry, timeout, and basic spec validation, the inherent risk of processing untrusted external data exists. No direct 'eval' or obvious malicious patterns were found. Authentication tokens are generated as placeholders, not hardcoded.
Updated: 2025-11-28GitHub
0
0
Medium Cost
MOODMNKY-LLC icon

MSW-REPO

by MOODMNKY-LLC

Sec9

This project provides a comprehensive academic management system for MSW students, integrating file storage in a repository with Notion as a programmatic frontend for organization, metadata management, and automation of academic content.

Setup Requirements

  • ⚠️Requires Notion API Key and manual sharing of Notion workspace/databases/pages (e.g., 'HUB' page) with the integration.
  • ⚠️Requires Node.js v18+ and pnpm v9+ for core repository functionality and script execution.
  • ⚠️Many scripts (e.g., update-hub-page.js, create-academic-databases.js) expect a Notion page titled 'HUB' to exist and be accessible to the integration.
Verified SafeView Analysis
No 'eval' or obfuscation detected. Notion API Key is correctly externalized via environment variables. File system operations are primarily for internal project files (config, markdown, course content) and repository structure, not arbitrary user input, reducing direct execution risks. The main network interactions are with the Notion API and GitHub raw content (for file access). Scripts include mechanisms for backing up Notion content before potentially destructive operations. Hardcoded Notion page/database IDs are identifiers, not sensitive data. The primary risk is misconfiguration or misuse of Notion API commands by the user.
Updated: 2025-12-03GitHub
PreviousPage 306 of 713Next