Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
Ashiq8 icon
Sec9

Provides a simple todo list management system accessible via the MCP protocol, allowing clients to add, delete, and list tasks.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️Requires the 'mcp[cli]' library to be installed (e.g., via pip).
Verified SafeView Analysis
The server's code does not use 'eval' or similar dangerous functions. File I/O is restricted to a single 'todos.json' file. Input validation is performed for the 'delete_todo' index, preventing out-of-bounds access. Outputs are JSON serialized, mitigating injection risks. No hardcoded secrets or direct network risks (beyond the MCP stdio communication) are apparent from the provided source. The design is simple and appears secure for its intended purpose.
Updated: 2025-12-02GitHub
0
0
High Cost
Dhruv-Limbani icon

puddle-map

by Dhruv-Limbani

Sec3

Provides an AI assistant for a data marketplace, enabling semantic search, filtering, and detailed evaluation of datasets, as well as managing buyer-vendor inquiries and negotiations.

Setup Requirements

  • ⚠️Requires Google Gemini API Key (Paid)
  • ⚠️Requires PostgreSQL Database
  • ⚠️Requires Python 3.13 or newer
Review RequiredView Analysis
The server's `APIKeyMiddleware` for authentication is defined but commented out (`# app.add_middleware(APIKeyMiddleware)`) in `server.py`. This means the server is currently unprotected and accessible to anyone without an API key, despite the `README.md` explicitly stating `API_KEY` is for authentication. This represents a critical vulnerability where all API endpoints would be exposed.
Updated: 2025-12-09GitHub
0
0
High Cost
lmfor icon
Sec9

A data pipeline that downloads League of Legends esports data from Kaggle and trains a TensorFlow model to predict match outcomes.

Setup Requirements

  • ⚠️Python 3.13+ only (specified in pyproject.toml)
  • ⚠️Requires Kaggle API credentials for dataset download (e.g., KAGGLE_USERNAME, KAGGLE_KEY environment variables or ~/.kaggle/kaggle.json configuration file).
Verified SafeView Analysis
The code itself does not contain obvious security vulnerabilities like eval, hardcoded secrets, or malicious patterns. The primary security consideration is the reliance on external data downloaded from Kaggle, which is a common practice in ML but inherently carries a minor risk if the downloaded datasets themselves were compromised or maliciously crafted to exploit vulnerabilities in pandas or other processing libraries. However, Kaggle is a reputable source, and the code handles data loading in a standard manner.
Updated: 2026-01-19GitHub
0
0
Medium Cost
hamza-safwan icon

mcp-server

by hamza-safwan

Sec3

Facilitates multiplayer gaming or provides server-side logic for a game, likely Minecraft.

Review RequiredView Analysis
Cannot perform a detailed security audit as no source code content was provided for analysis. Defaulting to a low score due to unknown risks and lack of visibility.
Updated: 2025-12-07GitHub
0
0
Medium Cost
djslajs icon

mcp-server

by djslajs

Sec7

The server provides a Multi-Capability Platform (MCP) endpoint, exposing weather information, company/project documentation, and various prompt templates as AI tools and resources for Spring AI applications.

Setup Requirements

  • ⚠️Requires `OPEN_WEATHER_API_KEY` environment variable (or relies on the hardcoded default).
  • ⚠️Requires `DOCUMENT_BASE_PATH` environment variable pointing to a directory containing markdown/JSON files for company and project documentation.
  • ⚠️Requires a Java Development Kit (JDK) 17 or newer and Maven to build and run.
Verified SafeView Analysis
A default API key `FAVWlSB7Qa6FVpUgezGuHw` is hardcoded in `application.yml` for the external weather API. While it's a default value for an environment variable, its presence in the source code is a potential risk if it were a sensitive key. The server also reads local files based on the `company.docs.base-path` property; improper configuration of this path in a production environment could lead to the unintended exposure of files.
Updated: 2025-11-27GitHub
0
0
Medium Cost
consigcody94 icon

sql-whisperer

by consigcody94

Sec9

Provides a multi-database server for natural language to SQL translation, deep schema introspection, and query optimization via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js 16+ as a runtime environment.
  • ⚠️Needs a separate Claude Desktop or Claude Code installation to function as an MCP server.
  • ⚠️Requires configuration of database connection details via environment variables within Claude's mcpServers config.
Verified SafeView Analysis
The server employs robust query validation, explicitly checking for dangerous operations (e.g., DROP TABLE, TRUNCATE, DELETE without WHERE) and common SQL injection patterns. All database clients use parameterized queries, which is a critical defense against injection. The natural language query functionality is indicated as a placeholder, implying the LLM generates SQL that then goes through the server's validation. No 'eval' or direct arbitrary code execution is present. Configuration encourages the use of environment variables for secrets, reducing the risk of hardcoded credentials.
Updated: 2025-11-21GitHub
0
0
High Cost

memory-wiki

by Algiras

Sec8

Semantic knowledge base and MCP server for organizing, searching, and connecting information with AI-powered features, including semantic search, knowledge graph, and file ingestion.

Setup Requirements

  • ⚠️Requires OpenAI, Anthropic, or OpenRouter API key for advanced LLM features (e.g., entity extraction, summarization), or a local Ollama instance for local LLM usage if those features are desired.
  • ⚠️PDF and DOCX file ingestion requires external tools `pdftotext` (from poppler-utils) and `pandoc` respectively to be installed on the system.
Verified SafeView Analysis
The server uses `bollard` for Docker integration, specifically to manage a Qdrant container, which implies interaction with the Docker daemon. It executes external commands (`pdftotext`, `pandoc`) for document ingestion; however, argument handling via Rust's `Command` API generally sanitizes inputs, mitigating command injection risks. The web UI listens on a network port, requiring appropriate firewalling if not intended for public access. LLM integrations rely on environment variables for API keys, avoiding hardcoded secrets. Data is stored locally in JSON files, reducing remote database attack surface. Overall, security practices appear reasonable for its intended use case.
Updated: 2025-11-27GitHub
0
0
Medium Cost
Puneeth0106 icon
Sec7

This server provides a set of tools to track and manage personal expenses, allowing users to add, list, summarize, update, and delete expenses through an API.

Setup Requirements

  • ⚠️Requires Python 3.11+ as specified in `pyproject.toml`.
  • ⚠️For PostgreSQL-based servers (`local-expense-mcp-server.py`, `remote-expense-mcp-server.py`, `remote-mcp-authentication-server.py`, `server.py`), the `DATABASE_URL` environment variable is required.
  • ⚠️For the GitHub OAuth-enabled server (`remote-mcp-authentication-server.py`), `FASTMCP_SERVER_AUTH_GITHUB_CLIENT_ID` and `FASTMCP_SERVER_AUTH_GITHUB_CLIENT_SECRET` environment variables are required.
  • ⚠️Most server implementations (`local-expense-mcp-server.py`, `remote-expense-mcp-server.py`, `server.py`) are not suitable for multi-user public deployment without an additional, external authentication/authorization layer due to their reliance on an unverified `user_id` parameter.
Review RequiredView Analysis
The database interactions use parameterized queries (both psycopg2 and sqlite3), which effectively prevents SQL injection vulnerabilities. Environment variables are correctly utilized for sensitive information such as database connection URLs and API keys (e.g., GitHub OAuth credentials). CRITICAL CONCERN: Several server implementations (`local-expense-mcp-server.py`, `remote-expense-mcp-server.py`, and `server.py`) rely on a `user_id` parameter passed by the client. While they contain an `ensure_user_identity` helper to prompt for a user's name if `guest` is provided, these servers *do not perform any authentication or authorization on the `user_id` itself*. If these servers are deployed to a publicly accessible network without an external, robust authentication layer, any individual could potentially access or manipulate expense data for any `user_id` by simply specifying it in their API requests. This poses a significant security risk for multi-user or public deployments. MINOR CONCERN: In `remote-mcp-authentication-server.py`, the `JWT_KEY` environment variable and its use as a `jwt_signing_key` for the GitHubProvider are commented out. If `FastMCP` does not automatically provide a strong default or if tokens are used without proper signing, this could compromise the integrity and authenticity of authentication tokens. Network Exposure: The servers are configured to run on `0.0.0.0`, meaning they listen on all available network interfaces. This requires proper network security (e.g., firewalling) if deployed in a production or publicly exposed environment.
Updated: 2026-01-18GitHub
0
0
Low Cost
ericskiff icon

mbta-mcp

by ericskiff

Sec9

Provides real-time MBTA Worcester Line train schedules as a Model Context Protocol (MCP) server for AI assistants.

Setup Requirements

  • ⚠️Requires a free MBTA API Key obtained from api-v3.mbta.com.
  • ⚠️The MCP server authentication (`MCP_API_KEY`) is optional; if not configured, the server will allow anonymous access, which may pose a security risk if deployed publicly without additional access controls.
  • ⚠️The project is built with Next.js and primarily designed for deployment on Vercel, requiring familiarity with Vercel's environment variable and serverless function management.
Verified SafeView Analysis
The server correctly utilizes environment variables for both the MBTA API Key and an optional MCP authentication key. Input validation for the 'get_worcester_departures' tool is robustly implemented using Zod schemas, mitigating common injection and data validation risks. Network requests to the external MBTA API are performed using `fetch` with controlled, parameterized inputs, preventing arbitrary code execution. The authentication mechanism for the MCP server itself (`MCP_API_KEY`) relies on a bearer token via the Authorization header; while optional, its implementation is standard when enabled. If the `MCP_API_KEY` is not set, the server allows anonymous access, which is a deployment configuration risk if not intended, but not a code vulnerability. No 'eval', direct command execution via user input, or obvious malicious patterns were found in the provided source code.
Updated: 2026-01-19GitHub
0
0
Medium Cost
vaibhavdashoraIU icon

Trilix-Atlassian-MCP-Server

by vaibhavdashoraIU

Sec9

The Trilix Atlassian MCP Server enables AI assistants (like ChatGPT or Claude) to interact with multiple Atlassian workspaces (Confluence, Jira) simultaneously through a standardized Model Context Protocol (MCP). It acts as a trusted intermediary, providing normalized, validated, and secure data access.

Setup Requirements

  • ⚠️Requires Go 1.22+ to build and run.
  • ⚠️Requires Docker and Docker Compose for local infrastructure setup (PostgreSQL and RabbitMQ).
  • ⚠️The `TwistyGo` library must be manually cloned locally and referenced via a `replace` directive in `go.mod`, instead of standard `go get` dependency management.
  • ⚠️A 32-character `API_KEY_ENCRYPTION_KEY` must be securely generated and set in the environment for API token encryption.
  • ⚠️For user authentication, a Clerk.dev account and its `CLERK_SECRET_KEY` and `CLERK_PUBLISHABLE_KEY` are required, or the server will run in an unauthenticated development mode.
Verified SafeView Analysis
The system employs AES-256-GCM encryption for API tokens at rest in PostgreSQL, preventing sensitive data exposure. User authentication is handled via Clerk JWT, and a service token allows secure bot integration with user impersonation. The architecture explicitly avoids direct HTTP communication between microservices, opting for RabbitMQ, which enhances security. Documentation clearly outlines the necessity of replacing example secrets with strong, unique values. There are no indications of code injection vulnerabilities like 'eval' or other malicious patterns. The overall design prioritizes secure handling of credentials and user data.
Updated: 2026-01-13GitHub
0
0
Low Cost
priyankawadle icon

Python_MCP

by priyankawadle

Sec9

Serves as a local backend for an AI agent (Claude) to manage employee leave requests, allowing the AI to check balances, apply for leave, and view history.

Setup Requirements

  • ⚠️Requires the Claude Desktop application to be installed to interact with the server.
  • ⚠️Relies on `uv` (Ultrafast Python package installer and resolver) for dependency management and execution, which might require an additional installation step if not already present.
  • ⚠️The `mcp` CLI tool is specifically used for installing and running the server, indicating a framework-specific setup process.
Verified SafeView Analysis
The source code uses standard Python operations (dictionary lookups, string formatting) and does not contain `eval`, `exec`, or direct shell command executions. Inputs are used as data (dictionary keys/values) and are not treated as executable code. There are no hardcoded secrets or sensitive credentials visible. The server's data is in-memory and non-persistent, reducing long-term data breach risks within the server itself.
Updated: 2025-12-16GitHub
0
0
Low Cost
BridgerB icon
Sec8

Manages Minecraft servers remotely using the Minecraft Server Management Protocol (MCP) via an MCP server.

Setup Requirements

  • ⚠️Requires Deno 2.0 or higher.
  • ⚠️Requires a Minecraft Server 1.21.9+ with its management server enabled and configured in 'server.properties'.
  • ⚠️Uses Deno's unstable WebSocketStream API, requiring the '--unstable-net' flag, which may be subject to future breaking changes.
  • ⚠️Requires manual creation and editing of 'config.json' from 'config.json.example' with server details and secrets.
Verified SafeView Analysis
No 'eval' or obfuscation was found in the provided source code. The server communicates with its client (e.g., Claude Code) over stdio, which is secure. Connections to Minecraft servers use WebSockets with a bearer token from 'config.json'. Users must ensure 'config.json' containing these secrets is properly secured on their system. The use of the Deno '--unstable-net' flag is noted but not a direct security vulnerability.
Updated: 2025-11-22GitHub
PreviousPage 314 of 713Next