Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
No-Smoke icon
Sec8

Provides a Model Context Protocol (MCP) server for semantic search, leveraging Qdrant and various embedding providers to index and search codebases and documents. It enables AI-assisted development, knowledge base creation, and general semantic information retrieval.

Setup Requirements

  • ⚠️Requires Node.js 20+ to be installed.
  • ⚠️Requires Docker and Docker Compose for easy setup of Qdrant and Ollama services.
  • ⚠️Requires Qdrant vector database to be running (e.g., via Docker Compose).
  • ⚠️Requires Ollama to be running and the specific embedding model (e.g., 'nomic-embed-text') pulled, if Ollama is chosen as the embedding provider. If not running, the server will exit with an error.
  • ⚠️Requires a valid API key (OPENAI_API_KEY, COHERE_API_KEY, or VOYAGE_API_KEY) if using a cloud embedding provider instead of Ollama.
Verified SafeView Analysis
The server implements good security practices like using environment variables for API keys (e.g., OPENAI_API_KEY), validating input schemas for tool calls and prompts with Zod, and preventing path traversal for codebase indexing via `fs.realpath`. However, when deployed in 'http' transport mode, the README explicitly warns that it must be run behind a reverse proxy with HTTPS, authentication/authorization, and firewalls. Without these external protections, the HTTP endpoint is inherently vulnerable, shifting significant security responsibility to the user's deployment strategy. The server does include per-IP rate limiting as a basic defense mechanism.
Updated: 2026-01-16GitHub
0
0
High Cost
raghujayan icon

openvds-mcp-server

by raghujayan

Sec6

AI-powered natural language interaction and exploration of seismic data, including visualization, advanced analytics, and data validation.

Setup Requirements

  • ⚠️Requires ANTHROPIC_API_KEY for Claude AI (paid service).
  • ⚠️Requires VDS_DATA_PATH environment variable to be configured and accessible to locate seismic data files.
  • ⚠️Docker and Docker Compose are highly recommended for environment setup and running the full stack, including Elasticsearch.
  • ⚠️Elasticsearch (optional but recommended for performance with large numbers of surveys).
Verified SafeView Analysis
The server's core functionality involves dynamically launching subprocesses (MCP servers for different VDS profiles) based on a `vds-profiles.json` configuration file. While this design enables profile switching, it introduces a critical dependency on the integrity of this configuration file. If a local attacker can modify `vds-profiles.json` to specify arbitrary commands or arguments, they could achieve code execution. For remote attackers, the risk is mitigated as the API endpoint for profile switching only allows selecting from pre-defined profiles, not creating new ones with arbitrary commands. No direct `eval` or `os.system` calls with unsanitized user input were observed. Sensitive credentials like `ANTHROPIC_API_KEY` are managed via environment variables, which is a good practice. Network communication with Elasticsearch and Anthropic API uses standard libraries.
Updated: 2026-01-16GitHub
0
0
Low Cost
sundar-nallalagappan icon

Weather_MCP_Server

by sundar-nallalagappan

Sec5

The project appears to be a server designed to handle or provide weather-related information, indicated by its name.

Review RequiredView Analysis
No source code beyond the README title was provided for security analysis. Therefore, no specific security risks, vulnerabilities, or patterns (e.g., eval, hardcoded secrets, network risks) could be identified. A comprehensive security audit would require access to the full codebase.
Updated: 2026-01-19GitHub
0
0
High Cost
credentum icon
Sec9

This server exposes Veris Memory's context storage and retrieval capabilities to Claude CLI and other Model Context Protocol-compatible hosts, acting as a bridge to manage and provide contextual data to AI agents.

Setup Requirements

  • ⚠️Requires `VERIS_MEMORY_API_KEY` environment variable (for backend authentication)
  • ⚠️Requires `VERIS_MEMORY_USER_ID` environment variable (for scoped operations)
  • ⚠️Requires Python 3.10+ and specific setup for Claude CLI integration
Verified SafeView Analysis
The server demonstrates strong security practices including retrieving API keys and user IDs from environment variables, truncating API keys in logs, and performing input validation for tool arguments (e.g., content size, empty queries). The `query_graph` tool includes default `read_only=True` mode with checks against dangerous Cypher keywords, mitigating a significant risk. The reliance on an external `VERIS_MEMORY_API_KEY` makes the overall security dependent on the management of this key and the backend Veris Memory API's security, but the server handles its part responsibly.
Updated: 2025-11-26GitHub
0
0
Medium Cost
Priyanka32-gif icon

MCP_Server_Implementation

by Priyanka32-gif

Sec9

An AI agent interacts with a weather information service to fetch active weather alerts for US states and can echo messages as a resource.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️Requires 'GROQ_API_KEY' environment variable for the client to function.
  • ⚠️The server's configured launch command in 'server/weather.json' uses a Windows-specific absolute path ('D:\VS code project\MCP_Implementation\fastmcp\mcp_project\server\weather.py') which must be adjusted for other operating systems or different project clone locations.
  • ⚠️The 'uv' tool must be installed for the MCP client to launch the server as configured in 'server/weather.json'.
Verified SafeView Analysis
The project uses httpx for network requests to a known API (weather.gov) and handles exceptions. API keys (GROQ_API_KEY) are loaded from environment variables using dotenv, which is a good security practice. No 'eval' or other directly dangerous functions are used. The server launch command in server/weather.json points to a local Python script, reducing the risk of executing arbitrary external code. User agent is hardcoded but not a secret.
Updated: 2025-11-20GitHub
0
0
Low Cost
ronzimer icon

mcp-proxy

by ronzimer

Sec3

Acts as a smart proxy for Model Context Protocol (MCP) servers, offering caching, latency measurement, and request auditing for LLM clients.

Setup Requirements

  • ⚠️Requires Node.js and npx to run example upstream servers (e.g., wikipedia-mcp-server).
  • ⚠️Requires SQLite (typically built-in with Python) for data storage.
  • ⚠️Upstream MCP servers must be available and compatible with the Model Context Protocol.
Review RequiredView Analysis
The `cmd` arguments for upstream servers in `proxy_core_config.json` are directly executed via `subprocess.Popen` without input sanitization. If an attacker can modify the configuration file, they can achieve arbitrary code execution on the server hosting `proxy_core.py`. Additionally, `proxy_core.py` listens on `0.0.0.0` by default, which may expose it to external networks if not properly firewalled.
Updated: 2026-01-04GitHub
0
0
Low Cost
arani87 icon
Sec9

A Spring Boot server exposing a calculator tool via the Message Communication Protocol (MCP) for AI agent integration.

Setup Requirements

  • ⚠️Requires Java 21 or higher
  • ⚠️Requires Gradle 8.x or higher
  • ⚠️Requires manual configuration within Claude desktop application to connect
Verified SafeView Analysis
The provided code implements a simple calculator service with basic input validation (division by zero, invalid operation). No malicious patterns, 'eval' equivalents, or hardcoded secrets are present. Security relies on standard Spring Boot practices and secure deployment if exposed beyond localhost.
Updated: 2026-01-10GitHub
0
0
Low Cost
alk231 icon
Sec7

Automates Gmail interactions for AI assistants, allowing them to fetch, summarize, classify, and reply to emails using the Model Context Protocol.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with the Gmail API enabled.
  • ⚠️Requires OAuth 2.0 Desktop App credentials setup; the JSON content must be provided via the `GMAIL_CREDENTIALS` environment variable (not a file path).
  • ⚠️Requires the OAuth token (generated on first run) to be saved as a JSON string in the `GMAIL_TOKEN` environment variable.
  • ⚠️Requires a Groq API Key for the `ChatGroq` LLM (`GROQ_API_KEY` environment variable).
  • ⚠️The hardcoded Python executable path and `server.py` path within `main.py`'s MCP client configuration (`servers` dictionary) will need to be updated to match the user's local environment.
Verified SafeView Analysis
The system uses standard OAuth 2.0 for Gmail authentication. Sensitive credentials and tokens are loaded from environment variables (`GMAIL_CREDENTIALS`, `GMAIL_TOKEN`), which is better than hardcoding but requires the user to securely store these full JSON strings in their environment. The `gmail.modify` OAuth scope requested in `gmail_auth.py` grants extensive control over the user's Gmail account (read, send, modify messages, and manage labels), which is a powerful permission. No 'eval' or obvious malicious patterns were found in the provided code. The hardcoded local paths for the Python executable and `server.py` within `main.py`'s MCP client configuration would need user modification, which is a minor usability concern but not a direct security flaw.
Updated: 2025-12-17GitHub
0
0
Medium Cost
mayronjr icon
Sec9

Manages Kanban tasks using local Excel or CSV files as a backend, allowing integration with MCP (Model Context Protocol) clients for task creation, reading, updating, filtering, and sprint analytics.

Setup Requirements

  • ⚠️Requires Python 3.13.5 or higher.
  • ⚠️Relies on 'uv' for dependency management and execution, or 'pip'.
  • ⚠️The `KANBAN_FILE_PATH` environment variable must point to an accessible directory; the file itself will be created if it doesn't exist.
  • ⚠️The Kanban file (Excel or CSV) must strictly adhere to an 11-column structure (e.g., 'Projeto', 'Task ID', 'Status', etc.).
Verified SafeView Analysis
The server communicates via STDIO, minimizing external network attack surfaces. It processes local Excel/CSV files, and the file path is configurable via an environment variable (`KANBAN_FILE_PATH`). Proper securing of the specified file path and its directory is important. No 'eval' or obvious malicious patterns found. There is a discrepancy between some documentation (README, docs) mentioning Google Sheets integration (`KANBAN_SHEET_ID`, `credentials.json`) and the actual provided source code (`main.py`, `utils/local_file_connector.py`, `pyproject.toml`) which implements a local Excel/CSV file backend without Google API client dependencies. Based on the provided code, it does not connect to Google Sheets, thus avoiding associated network/credential risks.
Updated: 2025-11-29GitHub
0
0
Low Cost
chestnutforty icon

mcp-todo

by chestnutforty

Sec9

Manages a stateful todo list throughout an agent session, allowing atomic replacement of the entire list.

Setup Requirements

  • ⚠️Requires Python 3.12.x
Verified SafeView Analysis
The server maintains an in-memory, per-session todo list. Input validation is present for todo item content and status, mitigating basic injection risks. No external dependencies beyond the FastMCP framework are directly used in the tool logic that would introduce new attack surfaces. No hardcoded credentials or 'eval' usage are present in the provided source code. The 'cutoff_date' parameter is excluded from the tool's public schema, meaning agents cannot influence it directly.
Updated: 2025-12-14GitHub
0
0
Medium Cost
AuraFriday icon

user_mcp

by AuraFriday

Sec9

Enables AI agents to create and manage dynamic, cross-platform HTML/CSS/JavaScript interfaces for rich user interaction, including data collection, notifications, and multi-step workflows.

Setup Requirements

  • ⚠️Requires the MCP-Link server (specifically 'friday.py') to be running as this tool cannot run stand-alone.
  • ⚠️The MCP-Link server environment must have Qt WebEngine support installed/enabled for UI rendering functionality.
Verified SafeView Analysis
The tool exhibits a strong focus on security for its intended use case. It employs an HMAC token system to validate AI calls, ensuring proper usage and understanding of parameters. Communication between the tool's worker thread and the Qt main thread is queue-based, preventing race conditions. The 'collect_api_key' feature, while handling sensitive information, uses secure internal API calls to the local server (via an ephemeral API key) for persistence, rather than sending data externally. There are no 'eval' or other directly dangerous dynamic code execution patterns. Input validation is performed before processing requests. Network risks are minimal as external API calls are not initiated by the tool itself; it leverages the underlying MCP-Link server for communication.
Updated: 2025-12-02GitHub
0
0
Medium Cost
sidlihe icon

Hotel_AI_Agent

by sidlihe

Sec9

An interactive AI-powered assistant for hotel room service, managing menu inquiries and order creation with dialogue context.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service)
  • ⚠️Requires MongoDB instance running locally (defaults to localhost:27017)
  • ⚠️Requires Python 3.11+
Verified SafeView Analysis
The server uses environment variables for sensitive API keys and database connection strings, which is good practice. Pydantic models and explicit validation are used for data structures and order items, reducing common injection risks. MongoDB queries use specific methods rather than raw string concatenation. OpenAI tool arguments are JSON parsed, which is generally safe when coming from a trusted model that adheres to its defined schema. No 'eval' or obvious malicious patterns were found. The primary attack surface would likely be the OpenAI API key if compromised, or insecure MongoDB deployment.
Updated: 2025-11-19GitHub
PreviousPage 320 of 713Next