Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
High Cost
sethdf icon

codebootstrap

by sethdf

Sec5

A container-first development environment providing AI coding tools (Claude, Codex, Gemini) and pre-configured Model Context Protocol (MCP) servers for AI-assisted development, ensuring a consistent environment across local machines and cloud services like GitHub Codespaces.

Setup Requirements

  • ⚠️Docker (or Docker Desktop for macOS/Windows/WSL) is a mandatory prerequisite on the host machine.
  • ⚠️Requires separate API accounts/authentication for Claude (Anthropic), Codex (OpenAI), and Gemini (Google) for AI tool functionality.
  • ⚠️AI tools are explicitly configured to bypass permissions/sandbox prompts ('YOLO' mode), meaning they can execute potentially destructive commands without user confirmation.
  • ⚠️Initial setup via `curl -fsSL ... | bash` executes remote code directly, presenting a supply chain security risk.
Review RequiredView Analysis
AI tools (`claude`, `codex`, `gemini`) are configured to run in 'YOLO mode' (`--dangerously-skip-permissions`, `--dangerously-bypass-approvals-and-sandbox`, `--yolo`) by default. This grants them significant autonomy without explicit user approval for actions such as file system modifications, Git operations, and API calls. While guidelines are provided to the AI within project context files (`context-append.md`) to prevent destructive operations, the bypass of explicit human confirmation poses a significant risk for unintended or malicious actions if the AI hallucinates or is prompted incorrectly. The `host-setup.sh` script is designed for `curl | bash` execution, which introduces a supply chain security risk by running unreviewed remote code. The `filesystem`, `git`, and `github` MCP servers grant broad access to the workspace filesystem and GitHub API. `GITHUB_TOKEN` is exposed to the `github` MCP server for API access.
Updated: 2025-12-02GitHub
0
0
Medium Cost
VideoAmp icon

cli

by VideoAmp

Sec8

Enable AI assistants, agents, and chatbots to interact with VideoAmp's public API functionalities through the Model Context Protocol (MCP) or a command-line interface.

Setup Requirements

  • ⚠️Requires a paid Claude license (Pro, Max, Team, or Enterprise) for remote server usage with Claude products.
  • ⚠️Admin privileges may be needed to add the VideoAmp MCP server as a Custom Connector in Claude.
  • ⚠️Local CLI installation involves downloading and manually moving a binary to a system path (potentially requiring 'sudo').
Verified SafeView Analysis
The provided source code consists only of documentation (README.md, AGENTS.md), so direct analysis of executable code for malicious patterns like 'eval' or hardcoded secrets is not possible. The documentation itself appears benign. Local CLI installation involves downloading pre-compiled binaries from releases and moving them to a system path, often requiring 'sudo' on Linux/macOS. This is a common practice but introduces a supply chain risk if the binaries are compromised. Connectivity to the remote MCP server at `https://api.videoamp.dev/v1/mcp` relies on the security of that external endpoint.
Updated: 2026-01-16GitHub
0
0
Low Cost
derricksiawor icon
Sec9

Provides a Model Context Protocol (MCP) interface for programmatic access and management of PostgreSQL databases, including schema querying, data manipulation (optional), and database-specific features like JSONB and extensions.

Setup Requirements

  • ⚠️Requires a running PostgreSQL database instance to connect to.
  • ⚠️The `PG_DATABASE` environment variable is strictly required for connection.
  • ⚠️Write operations are disabled by default (`ALLOW_WRITE_OPERATIONS=false`) and must be explicitly enabled if CRUD tools are desired.
  • ⚠️For production use, setting up a dedicated read-only PostgreSQL user with minimal privileges (as described in the README) is highly recommended.
Verified SafeView Analysis
The server demonstrates strong security practices: - Comprehensive `validateQuery` function blocks dangerous SQL patterns (file system ops, permission changes, admin commands, external network ops, extension ops). - Crucially, all read-only queries are wrapped in `BEGIN TRANSACTION READ ONLY` to enforce read-only access at the database level, preventing accidental or malicious writes. - Identifiers (table, column, schema names) are validated and escaped using `safeIdentifier` to prevent SQL injection for these elements. - Sensitive system tables (e.g., `pg_authid`) are explicitly blocked. - Configurable rate limiting, query timeouts, and max results prevent resource exhaustion and data exfiltration. - Credentials are loaded from environment variables, avoiding hardcoded secrets. - Full SSL/TLS support with configurable modes and certificate paths is available. - Audit logging tracks all database operations, especially writes. The only minor point of improvement could be stronger blocking for 'sensitive patterns' rather than just warnings, depending on the operational context, but the overall approach is excellent.
Updated: 2025-12-13GitHub
0
0
Medium Cost
Fahim-Azwad icon

simple-obspy

by Fahim-Azwad

Sec9

An MCP server for Claude Desktop to query, download, and analyze seismic and earthquake data using ObsPy, interacting with FDSN data centers.

Setup Requirements

  • ⚠️Requires Python 3.9+
  • ⚠️Requires manual installation of `obspy` and `fastmcp` Python libraries via `pip install -r requirements.txt`
  • ⚠️Requires manual configuration in Claude Desktop settings, including replacing `/FULL/PATH/TO/simple-obspy` with the absolute path to the project directory for the `command` and `args`.
Verified SafeView Analysis
The server utilizes standard and well-regarded libraries (ObsPy, FastMCP). File I/O operations are confined to a user-specified or default local directory ('obspy_downloads/'), with checks for writability and sanitized folder names. There are no 'eval' calls, hardcoded secrets, or malicious patterns observed. Network interactions are for legitimate data retrieval from public FDSN services.
Updated: 2026-01-16GitHub
0
0
Medium Cost
huegli icon

win-ctrl-mcp

by huegli

Sec8

Provides an MCP server to enable LLMs to control the AeroSpace window manager on macOS for window organization, smart focus, and GUI debugging.

Setup Requirements

  • ⚠️Requires macOS with AeroSpace window manager installed and running.
  • ⚠️Requires screen recording permission to be granted in macOS System Settings > Privacy & Security for capture tools.
  • ⚠️Requires Python >= 3.10 and the `uv` package manager.
Verified SafeView Analysis
The server executes external macOS commands (`aerospace`, `screencapture`) via subprocesses. While arguments passed to these commands are mostly controlled (e.g., numerical IDs are cast to strings), string arguments like `output_path` for capture tools could potentially allow an instructed LLM to specify malicious file paths for overwriting. However, `subprocess.run` and `asyncio.create_subprocess_exec` are used without `shell=True`, mitigating shell injection for direct arguments. It is primarily designed for a local, single-user desktop environment, reducing external attack vectors. No `eval` or obvious hardcoded secrets were found.
Updated: 2025-11-29GitHub
0
0
Medium Cost
Nabeelshar icon

fastapi-mcp-server

by Nabeelshar

Sec8

Enables AI assistants to introspect and analyze FastAPI applications for API discovery, documentation, and debugging.

Setup Requirements

  • ⚠️Python 3.10+ required
  • ⚠️FastAPI 0.100.0+ and Pydantic 2.0.0+ required
  • ⚠️The `cwd` for the MCP server must be the root of the FastAPI project being analyzed to correctly load the application module.
Verified SafeView Analysis
The server's `load_app` function dynamically imports Python modules using `__import__` based on a provided `app_path`. While this is fundamental to its introspection purpose, it means the server's execution environment (`cwd` and `app_path`) must be trusted. If an attacker could control these inputs or the current working directory contains malicious code, arbitrary code execution could occur. However, given its intended use as a local developer tool, run by the user within their own project, this is an acceptable risk for its functionality. No hardcoded secrets, `eval`, `exec`, or direct network listener vulnerabilities were found in the provided code.
Updated: 2025-12-13GitHub
0
0
Medium Cost
lukaszraczylo icon

filepuff-mcp

by lukaszraczylo

Sec8

A Go-based MCP server enhancing Claude Code's file operations with fast, AST-aware search, LSP integration, and safe editing.

Setup Requirements

  • ⚠️Requires 'ripgrep' (rg) to be installed and in your system PATH.
  • ⚠️LSP features (go-to-definition, find-references, symbol-at) require specific language servers (e.g., gopls, typescript-language-server, pylsp, clangd) to be installed and in PATH.
  • ⚠️Building from source requires a Go development environment.
Verified SafeView Analysis
The server rigorously validates file paths via `IsPathAllowed` to prevent path traversal and symlink attacks, a critical control. It delegates execution to external `ripgrep` and LSP server binaries, whose security is assumed; `exec.LookPath` is used to find them. No obvious hardcoded secrets or direct network exposure beyond its intended functionality as an intermediary tool are present in the provided source.
Updated: 2026-01-18GitHub
0
0
Low Cost
sun-bo-1 icon

wms-mcp-server

by sun-bo-1

Sec3

Acts as a Master Control Program (MCP) server, likely managing or orchestrating components within a Warehouse Management System (WMS) context.

Review RequiredView Analysis
Insufficient source code was provided to perform a thorough security audit. Cannot verify the absence of 'eval', hardcoded secrets, network vulnerabilities, or malicious patterns. Due to the lack of visibility into the code, its safety cannot be confirmed.
Updated: 2025-11-26GitHub
0
0
High Cost
rayss868 icon
Sec7

Automating interaction with and manipulation of common office documents (Excel, PDF, DOCX) through an MCP server for AI agents.

Setup Requirements

  • ⚠️Requires Node.js (v16.x or higher) and npm to install and run.
  • ⚠️Requires manual configuration in `mcp_settings.json` with the correct absolute path to the compiled server binary, followed by an AI environment restart.
  • ⚠️PDF text extraction/metadata retrieval tools (`pdf-parse`) are incompatible with PDFs previously created or modified by ODE's own modification tools (`pdf-lib`), potentially leading to unexpected errors or incomplete results when chaining operations.
Verified SafeView Analysis
The server performs file system operations (read, write, delete, create) based on `fileAbsolutePath` arguments. While input validation with Zod helps ensure argument structure, it does not inherently prevent an untrusted or compromised AI agent from specifying malicious file paths (e.g., using '..' for directory traversal) leading to arbitrary file system access. This risk is inherent to tools designed for file manipulation and is typically managed by the AI agent's sandbox or trust model. No 'eval' or direct RCE vectors were found in the provided code, and communication is restricted to stdio, limiting network attack surface.
Updated: 2025-11-26GitHub
0
0
Medium Cost
gilbitron icon

lunch-money-mcp

by gilbitron

Sec9

Provides a Micro-Context Protocol (MCP) server for AI assistants to interact with Lunch Money financial data through a standardized HTTP interface, enabling full CRUD operations on financial entities.

Setup Requirements

  • ⚠️Requires Node.js 18+ for native fetch support.
  • ⚠️A Lunch Money API access token is mandatory and must be obtained from their developer portal (`my.lunchmoney.app/developers`).
  • ⚠️An optional `SERVER_API_KEY` should be set for server authentication to secure HTTP requests to the MCP endpoint.
Verified SafeView Analysis
Handles API tokens and server authentication using environment variables (`LUNCH_MONEY_API_TOKEN`, `SERVER_API_KEY`), which is a good practice. Input validation for tool parameters is robustly implemented via Zod schemas. The Lunch Money API base URL is hardcoded to `https://dev.lunchmoney.app/v1`; users should ensure their `LUNCH_MONEY_API_TOKEN` is compatible with this specific development endpoint. No 'eval' or obvious malicious patterns are present in the provided source code.
Updated: 2025-12-01GitHub
0
0
Medium Cost
jpdutoit icon

mcp-gen

by jpdutoit

Sec8

Generates Model Context Protocol (MCP) servers from TypeScript functions annotated with JSDoc comments.

Setup Requirements

  • ⚠️Requires Node.js and pnpm for installation and development of the generator.
  • ⚠️Input TypeScript functions must be exported and include specific JSDoc tags (@tool, @prompt, @resource) for mcp-gen to recognize them.
  • ⚠️The generated MCP server in the output directory will have its own dependencies (@modelcontextprotocol/sdk, zod) that need to be installed before running the server.
Verified SafeView Analysis
The mcp-gen tool itself appears reasonably secure for its intended purpose. It uses `child_process.spawn` to run the generated server, inheriting `stdio` and `process.env`, which could potentially expose sensitive environment variables if the generated server or its dependencies were compromised. It also uses `execSync` for running `npx tsc` during type declaration generation; while `tsc` is a trusted tool, synchronous external command execution generally carries inherent risks. The primary security risk lies with the user-provided TypeScript code that the tool processes, as this code will be executed as part of the generated MCP server. The tool does not appear to contain malicious patterns, obfuscation, or hardcoded secrets.
Updated: 2026-01-18GitHub
0
0
Low Cost
080bct12alex icon

remote-mcp-server

by 080bct12alex

Sec9

A server for tracking and managing personal or business expenses, allowing users to add, list, and summarize financial transactions.

Setup Requirements

  • ⚠️Expense data is stored in a temporary directory and will be lost on system restarts or temporary file cleanup.
  • ⚠️Requires Python 3.11 or newer.
Verified SafeView Analysis
The code uses parameterized SQL queries to prevent SQL injection. No hardcoded secrets or 'eval' statements were found. The server binds to '0.0.0.0', making it accessible externally, which requires appropriate network security measures if deployed publicly. The database is stored in a temporary directory, which is safe from hardcoded paths but means data is ephemeral and will be lost on system restarts or cleanup.
Updated: 2025-11-28GitHub
PreviousPage 319 of 713Next