Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost

google-mcp-server

by yash-marathe

Sec8

Facilitates AI model interaction with Google Docs, Sheets, and Drive via the Model Context Protocol for automated content creation, data management, and file operations.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with enabled Google Docs, Google Sheets, and Google Drive APIs.
  • ⚠️Requires an OAuth2 Desktop App client ID and `credentials.json` file downloaded from Google Cloud Console.
  • ⚠️Needs initial local browser interaction for OAuth2 authentication to generate `token.json`.
  • ⚠️Requires Python 3.8+ and specific Python packages (mcp, google-auth, google-api-python-client, etc.).
Verified Safe
The server manages sensitive OAuth2 credentials (credentials.json, token.json) which are critical for Google API access. While the code itself avoids hardcoded secrets and uses standard secure practices for OAuth, the security score assumes the user follows documented best practices for securing these files (e.g., .gitignore, environment variables/secrets for deployment). The server requires filesystem access to these credential files and for file uploads/downloads, which is inherent to its functionality. No 'eval' or other dynamic code execution is present, and all network communication relies on secure HTTPS via Google APIs.
Updated: 2026-01-18

Medium Cost

my-mcps

by dshanklin-bv

Sec8

Provides natural language control over Google Workspace services like Gmail, Calendar, Drive, and Docs through AI assistants.

Setup Requirements

  • ⚠️Requires manual creation of a Google Cloud Project, enabling 10 specific Google APIs, and generating OAuth 2.0 Desktop Application credentials (Client ID, Client Secret).
  • ⚠️Requires setting `OAUTHLIB_INSECURE_TRANSPORT=1` as an environment variable for local development and initial authentication.
  • ⚠️First-time use involves an interactive browser-based OAuth authorization flow where the user needs to grant permissions and potentially paste an authorization code.
Verified Safe
Secrets (Google OAuth Client ID/Secret) are handled via environment variables and `.env` files, which are `.gitignore`d, following good security practices. The `OAUTHLIB_INSECURE_TRANSPORT=1` environment variable is explicitly mentioned for local development and marked as 'Development only,' which is a known flag for OAuth libraries to facilitate local testing but poses a risk if mistakenly used in a production environment. The system relies on secure communication with Google APIs.
Updated: 2026-01-19

Low Cost
Sec7

Provides a backend server for a real-time collaborative canvas application, likely handling synchronization and persistence of drawing data for multiple users.

Setup Requirements

  • ⚠️Requires Node.js runtime environment.
  • ⚠️May require a database (e.g., Redis, PostgreSQL) for state persistence depending on specific implementation.
Verified Safe
Due to the absence of provided source code, a comprehensive security audit is impossible. The score reflects a neutral stance, assuming standard server practices without visible malicious patterns like 'eval' or hardcoded secrets. Actual risks would depend entirely on the implementation details, input validation, authentication mechanisms, and network exposure.
Updated: 2025-11-28

Low Cost

rag-mcp-server

by Jevintlie

Sec9

Provides a Retrieval-Augmented Generation (RAG) backend for semantic search and retrieval of Sunway University programme information, intended to be called by a larger language model as a tool.

Setup Requirements

  • ⚠️Requires local Sentence-Transformer embedding and reranker models (all-MiniLM-L6-v2 and ms-marco-MiniLM-L6-v2) to be downloaded to the 'models' directory or a path specified by EMBED_MODEL/RERANK_MODEL environment variables, using `python models/download_models.py`.
  • ⚠️A ChromaDB vector index must be built locally and populated with Sunway University program data using `python scripts/build_index.py` before the server can perform searches.
  • ⚠️Requires Python 3.10 or newer.
Verified Safe
The server primarily operates via standard input/output (stdio) using JSON-RPC. It explicitly parses incoming requests and calls predefined internal functions (`rag_search`, `rag_get`). User inputs for search queries and document IDs are passed to the `chromadb` client and `sentence-transformers` models. There are no direct uses of `eval()` or unvalidated shell commands with user-controlled input. All models are loaded with `local_files_only=True`, preventing unauthorized external downloads during runtime. Configuration values for paths and models are managed via environment variables or sensible defaults, avoiding hardcoded secrets within the operational code. The `eval_baseline_non_rag_20q.py` script contains external LLM configuration (API_KEY, MODEL) but this is for an independent evaluation, not the RAG server itself.
Updated: 2025-12-19

Medium Cost

telegram-mcp-api

by DimaPhil

Sec4

Telegram integration for AI agents (Claude, Cursor) via MCP and local scripts via HTTP API for automation.

Setup Requirements

  • ⚠️Requires Telegram API credentials (API ID, API Hash) from my.telegram.org.
  • ⚠️Requires an interactive step to generate a Telegram session string (`python session_string_generator.py`).
  • ⚠️The HTTP API, by default, binds to all network interfaces (`0.0.0.0:8080`) and lacks authentication, posing a significant security risk if not properly firewalled or secured on the host machine.
Review Required
The HTTP API (`api.py`) binds to `0.0.0.0:8080` by default and lacks any explicit authentication or authorization mechanisms. This means anyone on the network with access to the host machine can potentially send requests to the API and control the Telegram account (send messages, delete chats, ban users, etc.) with full permissions. While the `docker-compose.yml` configuration may imply local usage, binding to `0.0.0.0` is a significant risk if deployed without strict network isolation (e.g., firewall rules). The MCP server, operating over stdio, has less network exposure, but its capabilities are equally broad. Sensitive Telegram API credentials are correctly handled via environment variables (`.env`). Input validation for chat/user IDs is present, which mitigates some basic injection risks. However, the lack of API-level access control is a critical vulnerability for the HTTP API component.
Updated: 2026-01-18

Low Cost

Automated expense management agent with policy enforcement and PII redaction for Claude AI.

Setup Requirements

  • ⚠️Requires Node.js 16+
  • ⚠️Requires Python 3.8+
  • ⚠️Requires Claude Code CLI to be installed separately
  • ⚠️Requires manual copying of the skill directory (`.claude/skills/expense-policy`) to `~/.claude/skills/`
  • ⚠️MCP server configuration in `~/.claude.json` or `.claude/.mcp.json` requires an absolute path for `cwd`.
Verified Safe
The server's design inherently enhances security by offloading PII redaction and policy validation to local scripts/skills before data reaches the MCP server, ensuring sensitive information does not hit external APIs or the LLM. No 'eval' or direct command injection vulnerabilities are apparent in the provided server code. The MCP server explicitly validates the tool name ('expense-policy_submitExpense') before execution, preventing arbitrary tool calls. The HTTP mode, designed for testing, uses a permissive CORS policy (allowing all origins), which would be a security risk if exposed publicly in a production environment, but is acceptable for its stated local testing purpose. No hardcoded secrets were found.
Updated: 2025-11-29

Medium Cost

mcp-server

by MeeraChothe259

Sec1

Acts as a backend server, potentially related to a specific protocol or application, but its exact functionality cannot be determined without source code.

Review Required
Source code not provided, unable to perform any security audit. Cannot confirm safety or identify potential risks like 'eval', obfuscation, or hardcoded secrets.
Updated: 2025-11-24

Medium Cost
Sec9

This server provides an AI agent with tools to fetch detailed Pokemon information and construct tournament squads by interacting with the PokeAPI.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer
Verified Safe
The code makes external HTTP requests to pokeapi.co, a well-known public API. There are no 'eval' or other high-risk functions, hardcoded secrets, or obvious malicious patterns found. The use of 'httpx' is standard for async HTTP requests.
Updated: 2025-11-27

Low Cost

mcp-boilerplate

by StreamlineDevelopers

Sec9

A FastMCP boilerplate server designed for building and exposing custom AI tools, exemplified by a simple greeting service.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️Requires an external Introspection Server for authentication (INTROSPECTION_URL, MCP_SERVER_CLIENT_ID, MCP_SERVER_CLIENT_SECRET must be configured).
  • ⚠️Requires public exposure (e.g., via ngrok or port forwarding) for AI models to access the server.
Verified Safe
The server relies on environment variables for sensitive authentication details (INTROSPECTION_URL, CLIENT_ID, CLIENT_SECRET), which is a good practice. There are no hardcoded secrets in the source code. No dangerous functions like 'eval' are used. The server binds to '0.0.0.0' by default, meaning it listens on all network interfaces; if exposed publicly (e.g., via ngrok as suggested), proper network security and firewall configuration are essential. Authentication is delegated to an external introspection server, making its security critical.
Updated: 2025-11-26

Low Cost
Sec8

Provides a Model Context Protocol (MCP) server template with tools for integrating National Weather Service API and Garoon groupware schedules.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️Requires pnpm v8.0.0 or higher for installation and build.
  • ⚠️Garoon API integration requires configuring `GAROON_BASE_URL`, `GAROON_USERNAME`, and `GAROON_PASSWORD` environment variables in the MCP client configuration. Default Garoon credentials (`Administrator`/`cybozu`) are hardcoded and should be overridden.
  • ⚠️The MCP client configuration requires an absolute path to the `dist/index.js` file.
Verified Safe
The server uses `dotenv` to load environment variables for API credentials. However, `src/utils/config.ts` contains hardcoded default values for `GAROON_USERNAME` ('Administrator') and `GAROON_PASSWORD` ('cybozu'). If the environment variables are not explicitly overridden, the server will run with these known default credentials, posing a significant security risk. Input validation is performed within handlers, mitigating direct injection, but reliance on `input as any` at the tool call site means type safety isn't enforced by TypeScript there.
Updated: 2025-12-04

Medium Cost

openproject-mcp

by liratanak

Sec8

Connects AI assistants to OpenProject's API v3 for project management operations.

Setup Requirements

  • ⚠️Requires an active OpenProject instance URL.
  • ⚠️Requires an OpenProject API Key with appropriate permissions.
  • ⚠️Requires the Bun runtime environment to be installed.
Verified Safe
The server uses environment variables for sensitive API keys, ensuring they are not hardcoded. It communicates with OpenProject via HTTPS. Input validation is performed using Zod schemas for tool parameters. The HTTP server enables broad CORS (Access-Control-Allow-Origin: *), which might be overly permissive if exposed publicly without further access controls, but is common for internal tools or for specific client integrations. Optimistic locking is used for updates to prevent data conflicts. No 'eval' or obvious malicious patterns were found in the provided code.
Updated: 2025-12-13

Low Cost

docker-mcp-tutorial

by mamaamacrivi

Sec9

Provides comprehensive dice rolling functionality for AI assistants in tabletop games, RPGs, and general randomization tasks.

Setup Requirements

  • ⚠️Requires Docker Desktop with the 'Docker MCP Toolkit' beta feature enabled.
  • ⚠️Requires the Docker MCP CLI plugin (`docker mcp` command) for server management.
  • ⚠️Requires manual editing of the Claude Desktop configuration JSON file, including platform-specific path formatting (e.g., double backslashes for Windows).
Verified Safe
The server's core logic is self-contained, performing only random number generation and basic arithmetic. The Dockerfile correctly establishes a non-root user (`mcpuser`) for the server process, a critical security best practice. There are no external API calls, direct file system interactions (outside of server startup), or database connections within the `dice_server.py` code. Input validation limits dice counts and sides to reasonable ranges, mitigating potential resource exhaustion attacks. No 'eval' or direct 'subprocess.run' commands are present in the server's implementation, preventing arbitrary code execution. Logging is directed to stderr, which is standard for Docker containers.
Updated: 2026-01-19