Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost
Sec3

Enables local LLM clients (like Claude Desktop) to query on-premise Symfoware databases using natural language.

Setup Requirements

  • ⚠️Requires pre-installed Fujitsu Symfoware Client with .NET Data Provider and its assemblies registered in the GAC.
  • ⚠️Requires Windows OS and .NET Framework 4.8 runtime environment.
  • ⚠️Requires manual configuration of Claude Desktop's `claude_desktop_config.json` to specify the server executable and connection details.
Review Required
The primary security concern is the `query_database` function, which allows LLM-generated SQL queries to be executed directly against the Symfoware database. While a `SYMFOWARE_SELECT_ONLY` flag exists to restrict operations to `SELECT` statements, it does not prevent SQL injection attacks that could lead to data exfiltration or denial of service through complex queries. The provided documentation does not detail any robust SQL sanitization, parameterization, or allowlisting mechanisms to mitigate these risks. Without the actual C# source code for query execution, a significant risk of SQL injection must be assumed. No 'eval' or obfuscation is apparent, and hardcoded secrets are not visible as the connection string is expected to be an environment variable.
Updated: 2026-01-17

Low Cost

Interact with CoinmarketCap v106 API via an AI-friendly Model Context Protocol (MCP) server, supporting both authenticated access with client API keys and pay-per-use via a blockchain-based HTTP 402 payment protocol.

Setup Requirements

  • ⚠️Requires a CoinmarketCap API Key (`COINMARKET_V106_API_KEY`), which can be client-provided (free mode) or server-provided (paid mode).
  • ⚠️Docker (or Python 3.12+ with `uv` for manual installation) is required.
  • ⚠️Requires Ethereum wallet details (`SERVER_ADDRESS`, `MCP_OPERATOR_PRIVATE_KEY`, `MCP_OPERATOR_ADDRESS`) for the D402 payment protocol; a local script can auto-generate these for development but relies on the `web3` Python library.
Verified Safe
The server uses `allow_origins=["*"]` with `allow_credentials=True` in its CORS configuration, which is broad but common for public APIs intended for various client integrations like LLMs. It heavily relies on the `traia_iatp.d402` library for HTTP 402 payment protocol and blockchain verification; the security posture is significantly dependent on the robustness and audit status of this external library. The `run_local_docker.sh` script dynamically generates Ethereum keys (`SERVER_ADDRESS`, `MCP_OPERATOR_PRIVATE_KEY`, `MCP_OPERATOR_ADDRESS`) for local development if not present, which is a convenient workaround but adds complexity to the local setup process. API calls to CoinmarketCap use hardcoded URLs and include timeouts, reducing risk from arbitrary external calls. No direct `eval`, code obfuscation, or overtly malicious patterns were identified in the provided source.
Updated: 2026-01-19

Medium Cost
Sec9

An AI-powered toolkit for making informed Azure region selection decisions by combining network latency testing and pricing analysis.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Azure CLI must be installed and authenticated (`az login`).
  • ⚠️Your Azure account needs permissions to create and delete Azure Resource Groups and Storage Accounts.
Verified Safe
The server uses DefaultAzureCredential for secure Azure authentication, avoiding hardcoded secrets. It employs Pydantic for input validation, minimizing injection risks. Temporary Azure resources (resource groups and storage accounts) are created for latency testing and include automatic, robust cleanup mechanisms, even on cancellation. Requires Azure permissions to create/delete these resources.
Updated: 2026-01-19

Medium Cost

my-mcp-server

by ashutoshkj

Sec1

A server implementing the Minecraft Protocol, allowing clients to connect and interact within a game world.

Review Required
CRITICAL: A comprehensive security audit cannot be performed as no source code was provided. The server's nature suggests it handles network connections and potentially game logic, making security a high priority. Without code review, it's impossible to check for vulnerabilities like 'eval' usage, hardcoded secrets, network attack vectors, or other malicious patterns. Running this server without reviewing its source code is highly risky.
Updated: 2025-11-30

Low Cost

KAIZA-MCP-server

by dylanmarriner

Sec9

Enterprise governance gateway for AI-driven development, transforming unconstrained AI agents into governed execution authorities.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm 9+.
  • ⚠️Mandatory environment variable `KAIZA_BOOTSTRAP_SECRET` must be set for initial plan creation.
  • ⚠️Requires an MCP-compatible client (e.g., Windsurf, Claude in Cline) for interaction, as it communicates over standard I/O.
  • ⚠️The `read_prompt` tool must be called first in any session before `write_file` operations are permitted.
Verified Safe
The KAIZA MCP server is designed with a strong 'security-first' and 'fail-closed' philosophy. It implements a zero-trust execution model, plan-based authorization, cryptographic audit trails, and extensive write-time policy enforcement (stub detection, language-specific rules, intent co-requirement). Path traversal is strictly prevented, and all write operations are subject to preflight checks and atomic reverts upon failure. All secrets are expected via environment variables. Communication is primarily over stdio, reducing network attack surface. Comprehensive adversarial testing and remediations are documented.
Updated: 2026-01-19

Low Cost

mcp_server

by nidajumail

Sec1

Unable to determine the specific use case as no source code was provided for analysis.

Review Required
No source code was provided for analysis. Therefore, a comprehensive security audit cannot be performed. It is impossible to identify 'eval' usage, obfuscation, network risks, hardcoded secrets, or any malicious patterns without access to the code. Running software without code review is inherently risky.
Updated: 2025-11-25

Medium Cost

BigQuery-Assistant

by kalivemularajendra

Sec9

A FastMCP-powered BigQuery server that provides intelligent data discovery and analytics capabilities through specialized AI agents.

Setup Requirements

  • ⚠️Requires a Google Cloud BigQuery project ID.
  • ⚠️Requires Google Cloud authentication (service account, ADC, or gcloud login).
  • ⚠️Requires installation of Python dependencies: fastmcp, google-cloud-bigquery, python-dotenv, google-adk.
Verified Safe
The server uses environment variables for sensitive BigQuery project ID, location, and service account key file, which is good practice. It leverages Google Cloud's official `google-cloud-bigquery` and `google.auth` libraries for authentication, supporting service account key files and Application Default Credentials. There are no obvious hardcoded secrets, `eval` calls, or obfuscation. Logging of the key file path is intentionally avoided. Network communication uses standard HTTP/SSE.
Updated: 2025-12-01

Low Cost

pmcp

by ViperJuice

Sec8

Acts as a single MCP server for Claude Code to reduce context bloat by providing on-demand tool discovery and dynamic server provisioning.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Node.js (with npm/npx) and/or a Python package manager (like `uv` or `pip`) must be available on the system to install and run many downstream MCP servers.
  • ⚠️For LLM-enhanced capability matching and summarization (optional `pmcp[llm]` feature), a `GROQ_API_KEY` is required.
  • ⚠️Many downstream MCP servers (e.g., GitHub, Brave Search, Notion, Postgres) require their own specific API keys, which must be set as environment variables.
Verified Safe
The server's core function involves spawning and managing external processes (other MCP servers or CLIs) via `asyncio.create_subprocess_exec`. While this is necessary for its design, it inherently relies on the trustworthiness of the manifest (`manifest.yaml`) and the integrity of installed downstream packages (npm/PyPI). The `PolicyManager` is implemented to mitigate risks through allow/deny lists for servers, tools, resources, and prompts, as well as output size caps and secret redaction. Crucially, a singleton lock and self-reference filtering are in place to prevent recursive spawning. No obvious `eval` or obfuscation was found, and hardcoded secrets are avoided by relying on environment variables. The primary security consideration is the vigilance required in managing and auditing the list of allowed external tools.
Updated: 2026-01-17

Low Cost

mcp_server_example

by carlosGalisteo

Sec9

This server exposes simple Python functions as API endpoints using the FastMCP framework, providing a demonstration of a microservice.

Setup Requirements

  • ⚠️Requires Python version 3.12 or higher.
  • ⚠️Relies on the 'mcp[cli]' library, which needs to be installed.
Verified Safe
The provided source code is minimal and implements a simple addition function, which presents no inherent security risks like 'eval', obfuscation, hardcoded secrets, or malicious patterns. The overall security profile would heavily depend on the underlying 'mcp' framework and its implementation, which is not fully detailed here.
Updated: 2025-12-03

Low Cost

Minimal-MCP-Server

by sudo-tildo

Sec1

A minimalist server likely implementing or interacting with a Minecraft-like protocol, possibly for testing custom game functions or providing a lightweight backend.

Review Required
Cannot perform a security audit as the source code was not provided. Without code inspection, it is impossible to verify the absence of 'eval', hardcoded secrets, network vulnerabilities, or malicious patterns. Therefore, it is considered unsafe to run.
Updated: 2025-11-30

Medium Cost

Summarizes YouTube videos and website content using Large Language Models (LLMs) via LangChain and Groq.

Setup Requirements

  • ⚠️Requires a Groq API Key (which may incur costs depending on usage).
  • ⚠️Requires Python 3.7+ and specific Python libraries (e.g., Streamlit, LangChain, validators) to be installed.
  • ⚠️The application runs as a Streamlit web interface locally.
Verified Safe
The application handles external URLs, which inherently carries some risk. It uses `UnstructuredURLLoader` to fetch content, and `ssl_verify=False` is set for this loader, which could theoretically expose it to man-in-the-middle attacks when fetching website content, though it's common in development for convenience. User-provided Groq API keys are handled via Streamlit's password input, preventing hardcoding. Input URLs are validated. There are no obvious 'eval' or similar dangerous functions that could lead to arbitrary code execution within the provided source.
Updated: 2026-01-19

Low Cost

create-mcp-server-kit

by bernardpacis

Sec9

Scaffold a production-ready Model Context Protocol (MCP) server quickly.

Setup Requirements

  • ⚠️Node.js 18 or later is required.
  • ⚠️A package manager (npm, pnpm, yarn, or bun) must be installed.
Verified Safe
The project is a CLI scaffolding tool. It uses `spawnSync` to execute `git` and package manager commands (`npm install`, etc.). While `spawnSync` can be a vector for abuse if commands are constructed from untrusted input, here it's used for standard development operations with predefined commands and arguments. Input validation for directory names and template options is handled, reducing risk. No `eval` or obvious malicious patterns were found. The generated server template uses the official MCP SDK and Zod for input validation, which is a good security practice for API inputs. The server uses stdio transport, reducing network exposure by default.
Updated: 2026-01-19