Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Winds-AI icon
Sec3

Enables Large Language Models (LLMs) to interact with and query an MSSQL database using natural language.

Setup Requirements

  • ⚠️Requires an Azure Subscription/Account for MSSQL database access and Azure Active Directory authentication setup.
  • ⚠️Authentication requires either interactive browser login or pre-configured Azure CLI credentials.
  • ⚠️Requires Node.js 14 or higher.
Review RequiredView Analysis
The `ReadDataTool` implements strong SQL injection prevention for SELECT queries, including keyword blocking, pattern matching, and disallowing multiple statements. However, `CreateTableTool`, `CreateIndexTool`, `InsertDataTool`, and `UpdateDataTool` are highly vulnerable to SQL injection. These tools directly interpolate critical user-provided inputs (such as table names, column names, column types, and especially the WHERE clause) into SQL queries without proper validation or parameterization. This allows an attacker to execute arbitrary SQL commands if `READONLY` is set to `false`.
Updated: 2026-01-16GitHub
0
0
Medium Cost
NaetheraS icon

claude-skills-pack

by NaetheraS

Sec4

This pack provides a comprehensive set of AI skills and plugins for Claude Code, enabling developers to enhance productivity, automate tasks, and apply best practices across various software development domains.

Setup Requirements

  • ⚠️Requires downloading and running a binary installer (.exe, .dmg, .deb/.rpm) from a GitHub release, necessitating trust in the provided executable.
  • ⚠️The primary installation script (`install.sh`, summarized) is not fully visible, obscuring potential complexities or risks during the actual installation process.
  • ⚠️Heavy reliance on Python 3.x and Node.js ecosystems for many skills, implying these are prerequisites or are installed by the pack.
  • ⚠️The `webapp-testing/scripts/with_server.py` helper script uses `shell=True` in `subprocess.Popen`, which is dangerous if untrusted commands are fed to it by an AI skill or direct user input.
Review RequiredView Analysis
The `webapp-testing/scripts/with_server.py` script uses `subprocess.Popen(server['cmd'], shell=True)` with commands provided as user input. This `shell=True` argument introduces a significant security vulnerability, as it allows arbitrary shell command execution if a malicious command is provided by a 'skill' or directly by the user of the script. While the developer is responsible for the commands they input, the `shell=True` by default creates an elevated risk for the overall ecosystem. Other Python scripts primarily use safe file system and parsing operations. Hardcoded secrets were not found, with environment variables being the intended method for sensitive data. The primary installation involves downloading and running an untrusted binary, which is a critical trust consideration for the user.
Updated: 2026-01-19GitHub
0
0
High Cost
Lee-SiHyeon icon

mcp-server-3gpp

by Lee-SiHyeon

Sec8

Provides an MCP server for AI assistants to search and retrieve information from 3GPP specification documents.

Setup Requirements

  • ⚠️Requires Git LFS for downloading the pre-built 'chunks.json' data file, though a direct download fallback is attempted.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Python scripts for data regeneration (`scripts/download_pct_specs.py`, `scripts/create_chunks_simple.py`) contain hardcoded Windows file paths, which will cause issues on non-Windows systems or different directory structures if 'npm run setup' is used.
Verified SafeView Analysis
The core server logic in `src/index.js` does not use `eval` or execute arbitrary external commands. `eval` is present in `test_speckit_userstories.js` for dynamically loading constants from `index.js` for testing purposes, which is isolated from the server's runtime. Setup scripts (`scripts/postinstall.js`, `scripts/prepare-data.js`, and associated Python scripts) utilize `child_process.exec`/`spawn` and `urllib.request` to install Git LFS, download PDFs from trusted 3GPP/ETSI sources, and run local data processing, which is standard for setup automation. No hardcoded secrets or apparent malicious patterns are observed.
Updated: 2025-11-30GitHub
0
0
Medium Cost
dotsetlabs icon

bellwether

by dotsetlabs

Sec8

Interviews MCP servers using LLMs to generate behavioral documentation, test suites, and detect API drift.

Setup Requirements

  • ⚠️Requires an LLM service (e.g., OpenAI, Anthropic, or a local Ollama server) configured with appropriate API keys or local endpoints.
  • ⚠️Requires an MCP-compliant server (Micro-Context Protocol) to be running and accessible for testing.
Verified SafeView Analysis
The application uses `child_process` to execute external MCP servers and user-defined scripts (e.g., `--on-change` hook); users are responsible for ensuring these commands are safe. JSON and YAML parsing includes security limits to prevent parsing vulnerabilities. API keys are handled via environment variables or a secure keychain service. No direct `eval` of untrusted input is observed. The dynamic generation of test cases for tool inputs is confined to schema-compatible values, not arbitrary code execution.
Updated: 2026-01-19GitHub
0
0
Low Cost
gautamdikshit icon
Sec9

This server provides an API for tracking and summarizing personal or small-scale expenses.

Setup Requirements

  • ⚠️Python 3.12+ required
  • ⚠️Requires 'fastmcp' Python package
Verified SafeView Analysis
The code uses parameterized SQL queries, effectively preventing SQL injection vulnerabilities. No 'eval' or direct shell command executions were found. File paths are handled using os.path.join. No hardcoded credentials or obvious malicious patterns are present. The FastMCP framework is used for exposing the API securely.
Updated: 2025-11-26GitHub
0
0
Low Cost
bioanywhere icon
Sec9

Provides Docker deployment configuration for a gitlab-mcp-server instance.

Setup Requirements

  • ⚠️Requires Docker installed and running.
  • ⚠️Potential need for specific environment variables depending on the MCP server's requirements (none explicitly defined as required in the provided snippets).
Verified SafeView Analysis
The source code primarily consists of Docker configuration (Dockerfile, docker-compose.yml) and a simple shell script for deployment. No 'eval' or malicious patterns were found. Hardcoded secrets are not present in the provided snippets. The server exposes port 3000, which is standard for web services. Health checks are also configured.
Updated: 2025-12-01GitHub
0
0
Medium Cost
mooreal3 icon

win-mcp-server

by mooreal3

Sec9

Provides secure, validated tools for Windows automation and system queries, enabling AI assistants like Claude to manage applications, windows, and system information locally.

Setup Requirements

  • ⚠️Requires Node.js 20+ and pnpm 9+
  • ⚠️Designed for Windows 10/11 operating systems, as it relies heavily on PowerShell for automation.
  • ⚠️Default CORS origin '*' for SSE/HTTP transports should be restricted in remote/production deployments.
Verified SafeView Analysis
The server demonstrates a strong 'security-first design' with multiple layers of protection: path validation, drive restrictions (C: and E: by default), argument sanitization for PowerShell commands, and detection of sensitive file extensions. It explicitly avoids remote execution of arbitrary code, focusing on local PowerShell commands. While PowerShell execution policy is set to 'Bypass', the extensive input validation mitigates the risk for its intended use case. CORS origin defaults to '*' for HTTP/SSE, which should be restricted in production environments for remote access.
Updated: 2025-12-02GitHub
0
0
Low Cost
win10ogod icon

ScreenMonitorMCP

by win10ogod

Sec9

Provides real-time screen vision capabilities to AI assistants for tasks such as gaming, UI analysis, monitoring, and automation, focusing on high performance and low latency.

Setup Requirements

  • ⚠️Requires Python 3.10+ for execution.
  • ⚠️The provided `claude_desktop_config.json` example still includes `OPENAI_API_KEY` despite the recommended client-side analysis mode not requiring it, which can cause confusion regarding AI service setup.
  • ⚠️Achieving optimal (3-5ms) screen capture performance on Windows requires installing optional packages like `dxcam` or `winsdk` (e.g., `pip install screenmonitormcp-v2[windows-all]`); without them, it defaults to a slower (20-50ms) cross-platform method.
Verified SafeView Analysis
The recommended MCP-only mode (v2.2+) delegates AI analysis to the client, eliminating the need for server-side AI API keys and preventing image data from being sent to external AI services by default. This significantly enhances privacy and reduces the server's attack surface. HTTP mode supports authentication via an optional API key. Database queries (SQLite) are parameterized, guarding against SQL injection. No obvious RCE or XSS vulnerabilities were found.
Updated: 2025-11-20GitHub
0
0
Low Cost
dwpdkp icon

MCP-Servers

by dwpdkp

Sec3

Provides AI assistants with tools to download YouTube videos and audio using the yt-dlp utility.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher.
  • ⚠️Requires yt-dlp to be installed on the system.
  • ⚠️Installation instructions use `uv` package manager.
Review RequiredView Analysis
CRITICAL: The tools 'download_youtube_video' and 'download_youtube_audio' accept a 'url' parameter which is likely passed directly to a `subprocess.run` command that executes `yt-dlp`. Without explicit sanitization of the 'url' and if `shell=True` is used (a common but dangerous pattern), this creates a severe command injection vulnerability. An attacker could craft a malicious URL to execute arbitrary commands on the host system. Additionally, there is no mention of authentication or authorization, implying unauthenticated access to system resources for executing downloads. This lack of access control combined with potential command injection poses a high risk.
Updated: 2025-11-22GitHub
0
0
Medium Cost
karolkaczmarek1 icon

openscad-mcp-server

by karolkaczmarek1

Sec9

An OpenSCAD agent allowing LLMs to design, render, and inspect 3D models and libraries.

Setup Requirements

  • ⚠️OpenSCAD must be installed locally on the system.
  • ⚠️Linux users need `xvfb` installed for headless rendering (`apt install xvfb`).
  • ⚠️Requires Python 3.10+.
Verified SafeView Analysis
Robust path traversal checks are implemented using `os.path.commonpath` and `os.path.abspath` for both writing (ensuring files are within CWD) and reading library files (ensuring files are within configured library paths). Subprocess calls use a list of arguments, mitigating shell injection risks. No `eval` or `exec` found. Configuration through `.env` prevents hardcoded secrets.
Updated: 2025-11-28GitHub
0
0
Low Cost
AllenOnAzure icon

MCP-Server

by AllenOnAzure

Sec9

Provides Claude AI with real-time access to Microsoft Learn documentation via the Model Context Protocol (MCP) by running a server in a Docker container.

Setup Requirements

  • ⚠️Docker required
  • ⚠️Node.js and npm required
  • ⚠️Claude Desktop required
Verified SafeView Analysis
The provided code snippets (configuration and README) do not contain any direct security vulnerabilities like 'eval', hardcoded secrets, or malicious patterns. The server itself is launched via 'npx' using a Docker container, so the security largely depends on the integrity of the '@modelcontextprotocol/server-docker' package and the Docker image it utilizes, which are external to the given code.
Updated: 2026-01-18GitHub
0
0
Low Cost
silvabyte icon

OpenCodeMCP

by silvabyte

Sec1

An MCP (Model Context Protocol) server that enables conversational coding via ChatGPT or any MCP-enabled LLM.

Setup Requirements

  • ⚠️Requires Bun runtime
  • ⚠️Requires OpenCode (`opencode-ai`) to be installed globally
  • ⚠️Requires `MCP_API_KEY` environment variable, even though authentication is currently disabled in the source code.
  • ⚠️Requires Cloudflare Tunnel (or similar) to expose the local server for use with ChatGPT.
Review RequiredView Analysis
CRITICAL: The `src/auth.ts` file explicitly disables authentication by always returning `true` in `validateAuth`, despite requiring `MCP_API_KEY` in environment variables. This means any client can interact with the server and subsequently control the OpenCode agent to read, modify, or execute code on the connected codebase without any authentication. This is a severe vulnerability. Additionally, direct path usage in tools like `list_files`, `read_file`, `find_text`, `find_files`, and `add_alias` (via `sessionManager.resolveProjectPath`) could expose the system to directory traversal or other file system manipulation if not rigorously sanitized by the underlying OpenCode SDK, especially given the lack of authentication. While the `opencode-ai/sdk` might handle some sanitization, the server's own authentication being disabled is a paramount risk.
Updated: 2025-12-11GitHub
PreviousPage 323 of 713Next