Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
Akungapaul icon

wp-advanced-mcp

by Akungapaul

Sec1

Manages WordPress installations by providing an MCP interface for WP-CLI commands, database operations, and WordPress REST API interactions.

Setup Requirements

  • ⚠️Requires a running WordPress installation.
  • ⚠️WP-CLI must be installed and accessible, with `WP_CLI_PATH` and `WORDPRESS_PATH` configured.
  • ⚠️Requires WordPress REST API credentials (username and app password) for REST client operations.
  • ⚠️SSH access details (`SSH_HOST`, `SSH_PORT`, `SSH_USER`, `SSH_KEY_PATH`) are required if WP-CLI is to be executed remotely via SSH.
Review RequiredView Analysis
The server exposes highly privileged operations like `execute_wp_cli` and `database_query` which allow execution of arbitrary WP-CLI commands and SQL queries (including destructive ones if `read_only` is not strictly enforced). There is no explicit authentication or authorization layer visible in the provided code, meaning any party with access to this MCP server endpoint could potentially execute these commands. This poses critical risks including system compromise, data loss, privilege escalation, and command/SQL injection if input sanitization by the underlying clients is not robust enough for all possible inputs.
Updated: 2025-11-28GitHub
0
0
Low Cost
ConnorH2582 icon
Sec8

A full-stack geospatial similarity search application allowing natural-language queries to find visually similar imagery chips on an interactive map with live weather.

Setup Requirements

  • ⚠️Requires `embeddings.db` file to be downloaded separately and placed in the project root, without which the backend will not run.
Verified SafeView Analysis
The server demonstrates good security practices for a demo application: parameterized queries are used for DuckDB to prevent SQL injection, CORS is correctly configured with `allow_credentials=False` when `allow_origins=["*"]`, and external API calls (OSM Nominatim, Open-Meteo) do not rely on hardcoded secrets (Open-Meteo is keyless, OSM is public). No 'eval' or obvious malicious code patterns were found. Minor areas for further hardening in a production environment could include explicit input validation for all API parameters, rate limiting, and robust authentication/authorization mechanisms.
Updated: 2025-12-05GitHub
0
0
High Cost
roberto-delfiore icon

claude-code-best-practices

by roberto-delfiore

Sec9

This repository provides a comprehensive guide and configuration examples for leveraging Claude Code's advanced features, including Model Context Protocol (MCP) servers, sub-agents, hooks, and CI/CD integration, specifically tailored for professional use in enterprise environments.

Setup Requirements

  • ⚠️Requires an Anthropic account with a paid tier (Pro, Max, Teams, or Enterprise).
  • ⚠️Requires Node.js and npm/npx installed for setting up and running various MCP servers and hooks.
  • ⚠️Specific environment variables (e.g., API keys, database URLs) must be configured depending on the integrated services.
Verified SafeView Analysis
The provided source code is primarily documentation for Claude Code best practices, which heavily emphasizes a layered security model including user approval, sandboxing (filesystem and network isolation), and a robust permission system (allow/deny lists). It explicitly warns against hardcoded secrets, dangerous shell commands (e.g., `rm -rf`, `curl | bash`), and unauthorized file access, and suggests strict containerization for maximum security. There is no `eval`, obfuscation, or direct malicious code in the provided documentation snippets; rather, the documentation outlines how to configure for secure operation. The strong emphasis on security in the documentation is a significant positive.
Updated: 2026-01-17GitHub
0
0
Medium Cost
marshally icon

mcp-refactoring

by marshally

Sec8

An MCP server that exposes Martin Fowler's refactoring catalog to LLMs through a pluggable, language-agnostic architecture for code transformation.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires 'molting-cli' (or another language-specific backend) to be installed and available in PATH for Python refactorings. This is an external dependency.
  • ⚠️Code analysis and structure inspection for Python are currently stubbed or return limited information, relying on future enhancements to the 'molting-cli' backend.
Verified SafeView Analysis
The server executes external language-specific CLI tools (e.g., 'molting-cli'). It uses safe subprocess execution (`asyncio.create_subprocess_exec` with `*args`) to prevent typical shell injection from the MCP server's side. The primary security consideration lies in the robustness of these external CLI tools to handle potentially malicious or malformed 'target' and 'params' inputs without introducing vulnerabilities themselves. No direct 'eval', 'exec', or hardcoded secrets were found, and it communicates via stdio, not network ports.
Updated: 2025-11-29GitHub
0
0
Medium Cost
masseater icon

n8n-mcp-server

by masseater

Sec9

Enables AI models to manage and interact with n8n workflow automation platform through a standardized Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️Requires an active n8n instance (local or remote) and a valid n8n API key for functionality.
  • ⚠️Requires Node.js 22.10.0 or higher.
  • ⚠️Tools like 'create_workflow_from_file' and 'replace_workflow_from_file' expect the AI agent to provide valid local file paths to workflow JSON definitions on the server where the MCP server is running.
Verified SafeView Analysis
The server correctly uses environment variables for sensitive API keys and implements basic retry logic for API calls. Logging masks API keys in output. File operations (creating/replacing workflows from local JSON files) assume the AI agent provides trusted paths; `path.resolve` is used but a malicious AI could potentially craft paths if not properly sandboxed. Overall, it is well-structured for its intended use case as a developer tool with a trusted AI agent.
Updated: 2025-12-04GitHub
0
0
Medium Cost
Anishshah2-gmail icon

candidate-sourcing-mcp

by Anishshah2-gmail

Sec8

Provides an AI agent (like Claude Desktop) with tools for LinkedIn-based candidate sourcing, including searching, detailed profile fetching, bookmarking, and exporting.

Setup Requirements

  • ⚠️Requires LinkedIn Talent Solutions API access, which typically involves a corporate partnership/agreement and is not a simple API key purchase.
  • ⚠️Requires Node.js version 18 or higher to run.
  • ⚠️The Proxycurl data provider, while coded, has been shut down due to a LinkedIn lawsuit, making it non-viable for use.
Verified SafeView Analysis
The server uses `zod` for robust input validation. Sensitive API credentials are correctly handled via environment variables, reducing the risk of hardcoded secrets. Local bookmark storage is confined to the user's home directory. The primary security considerations stem from reliance on external APIs (LinkedIn Talent Solutions or deprecated Proxycurl) and the handling of potentially sensitive candidate data, which is an inherent risk of the application's purpose, not a flaw in the server's code itself.
Updated: 2025-12-03GitHub
0
0
Medium Cost
danngalann icon

zoho-sprints-mcp

by danngalann

Sec9

Provides programmatic access to Zoho Sprints project management functionality, enabling automation via integration tools like Claude.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️Requires a Zoho Sprints account with API access and Zoho OAuth credentials.
  • ⚠️Initial Zoho OAuth refresh token setup is a multi-step manual process involving a browser interaction and copying/pasting URLs.
  • ⚠️The `ZOHO_TEAM_ID` environment variable is practically required for most API operations, despite being listed as optional in documentation.
Verified SafeView Analysis
The project uses Pydantic for environment variable management, ensuring credentials are loaded from a .env file and not hardcoded. OAuth 2.0 with automatic token refresh is implemented securely. The `get_refresh_token.py` script guides a manual but standard OAuth flow. No 'eval', 'exec', or direct `subprocess` calls were found. The server binds to '0.0.0.0' which is standard but requires proper firewalling if exposed externally.
Updated: 2025-12-02GitHub
0
0
Low Cost
areeba-awan icon

mcp-server-prac

by areeba-awan

Sec1

A practice server designed for learning or developing applications that interact with the Minecraft Protocol.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (JRE)
  • ⚠️May require specific Minecraft client version to connect
Review RequiredView Analysis
No source code was provided for analysis. Therefore, a comprehensive security audit is impossible. Without visibility into the codebase, potential risks such as 'eval' usage, obfuscation, network vulnerabilities, hardcoded secrets, or malicious patterns cannot be identified. Defaulting to the lowest score due to critical lack of information.
Updated: 2025-12-03GitHub
0
0
Medium Cost
pjordan icon

claude-toolkit

by pjordan

Sec6

Enables AI agents to interact with and query various databases by exposing database operations as tools.

Setup Requirements

  • ⚠️Requires database connection details (e.g., `DB_HOST`, `DB_PORT`, `DB_USER`, `DB_PASSWORD`, `DB_NAME`), typically provided via environment variables.
  • ⚠️A functional database server (e.g., PostgreSQL, MySQL) must be accessible from the server's environment.
  • ⚠️Requires Python 3.10+ and specific Python libraries for database connectivity (e.g., `psycopg2`, `SQLAlchemy`), which need to be installed via `pip install -r requirements.txt`.
Review RequiredView Analysis
The database-connector MCP server inherently carries significant security risks due to its direct interaction with a critical resource. Without access to the specific `list_tools` and `call_tool` implementations, a full security audit is impossible. Primary concerns include SQL injection vulnerabilities if AI-provided input is not rigorously validated and sanitized, unauthorized data access or modification if permissions are not strictly enforced, and potential for data exfiltration. While the project's validation scripts check for dangerous patterns like `eval` and hardcoded secrets, the robustness of runtime input validation and least-privilege enforcement in the actual tool functions is unknown. Therefore, robust implementation of database interaction logic and strong access controls are critical.
Updated: 2026-01-19GitHub
0
0
Medium Cost
mobatusi icon
Sec3

This server facilitates agentic workflows using CrewAI and GitHub tools, likely for automating tasks or interactions within a GitHub repository.

Setup Requirements

  • ⚠️Requires an LLM API Key (e.g., OPENAI_API_KEY) which may incur costs.
  • ⚠️Requires a GitHub Personal Access Token (GITHUB_TOKEN) with appropriate permissions.
  • ⚠️Python environment setup and dependency management (e.g., using pip or poetry) will be necessary.
Review RequiredView Analysis
A comprehensive security audit cannot be performed as no source code was provided. However, any server interacting with GitHub and potentially LLM APIs requires careful attention to secure API key management, input validation to prevent injection attacks (especially in agentic contexts), and robust authentication/authorization. Without source code, it's impossible to verify the absence of 'eval', hardcoded secrets, or malicious patterns. General risks for a server application include network vulnerabilities, unhandled exceptions, and dependency vulnerabilities.
Updated: 2026-01-16GitHub
0
0
Low Cost
az9713 icon

ACI

by az9713

Sec6

A headless MCP (Model Context Protocol) server that enables AI agents like Claude to read, write, and reason over a knowledge graph of scientific propositions.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires 'uv' (Python package manager).
  • ⚠️Requires an OpenAI API Key (Paid service, usage costs apply).
  • ⚠️Requires Claude Code or Claude Desktop for interaction.
Verified SafeView Analysis
The system explicitly states 'No authentication - Designed for local/personal use'. This means anyone with local access can perform all operations, including deletion. There is a potential for injection vulnerabilities in LanceDB's `where` and `delete` clauses (e.g., `table.search().where(f"id = '{unit_id}'")`) if `unit_id` can be controlled by a malicious input and is not strictly validated (e.g., as a UUID format). While `unit_id` is often internally generated, the `get_unit` and `delete_unit` tools accept arbitrary strings as `unit_id` without explicit UUID format validation before constructing the f-string query. This could be exploited by a sophisticated or compromised agent. The `delete_unit` tool has a `confirm` flag, but a malicious agent could bypass this by providing `confirm=True`.
Updated: 2026-01-17GitHub
0
0
Medium Cost
nohuiam icon

tenets-server

by nohuiam

Sec8

Ethical decision evaluation and remediation guidance against 25 Gospel tenets for cognitive systems.

Setup Requirements

  • ⚠️The `TENETS_API_KEY` environment variable MUST be set in production to enable HTTP API authentication, otherwise, it is disabled.
  • ⚠️For persistent storage, the `TENETS_DB_PATH` environment variable needs to be set to a file path, as it defaults to an in-memory SQLite database.
  • ⚠️`better-sqlite3` is a native Node.js module that might require system-level build tools (e.g., node-gyp, C++ compiler, Python) to compile if prebuilt binaries are unavailable or incompatible with the deployment environment.
Verified SafeView Analysis
HTTP API (Port 8027) uses `Access-Control-Allow-Origin: '*'`, which is a security risk in production; it should be restricted. HTTP API authentication is optional by default if `TENETS_API_KEY` is not set, creating a vulnerability if deployed without configuration. However, `zod` schemas are used for robust input validation, and `better-sqlite3` uses prepared statements to prevent SQL injection. Sensitive information like file paths and stack traces are redacted from error messages before network transmission. The UDP InterLock mesh includes a robust `Tumbler` with a whitelist and circuit breaker features (hop count, TTL, deduplication) for enhanced network security and stability.
Updated: 2026-01-17GitHub
PreviousPage 316 of 713Next