Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
chintakjoshi icon

mcp-context-ai-agent

by chintakjoshi

Sec6

A privacy-first AI agent that maintains persistent awareness of a user's digital life to proactively provide insights, warnings, and assistance without being asked.

Setup Requirements

  • ⚠️Requires an OpenAI API Key (which can incur costs) for potentially full functionality, despite the README's emphasis on local LLMs.
  • ⚠️Requires Docker and Docker Compose for deployment and orchestration of all services (core agent, ChromaDB, MCP servers).
  • ⚠️Requires manual acquisition and placement of API credentials (e.g., Google OAuth JSON files, Notion tokens) into the `config` directory.
  • ⚠️Requires Python 3.10+.
Verified SafeView Analysis
The project states a 'privacy-first design' with 'no data sent to external AI providers (use local LLMs via Ollama)', but the `docker-compose.yml` explicitly configures an `OPENAI_API_KEY`. If this key is utilized by the core agent's ML models or context engine for advanced processing, sensitive user data will be sent to OpenAI, directly contradicting the privacy claim. OAuth credentials (e.g., Google Calendar `credentials.json`, `token.json`) are stored locally in a `config` directory mounted into Docker containers. While this avoids hardcoding, proper user permissions are critical to secure these sensitive files. The MCP (Model Context Protocol) servers are designed with scoped access, which is a positive security design principle, but the overall system's reliance on external LLMs when privacy is a core tenet presents a notable concern.
Updated: 2025-11-26GitHub
0
0
Medium Cost
Tetsukiba icon

MCP-demo-CSCI-435

by Tetsukiba

Sec8

Automates the end-to-end workflow from Figma design extraction and code generation, through SonarQube code quality analysis (with automated patching), to creating a GitHub Pull Request.

Setup Requirements

  • ⚠️Requires manual installation and PATH configuration for the `sonar-scanner` CLI.
  • ⚠️Requires setting up `GITHUB_TOKEN`, `SONAR_BASE_URL`, `SONAR_TOKEN`, `SONAR_ORGANIZATION`, and `SONAR_PROJECT` in a `.env` file.
  • ⚠️Requires manual configuration of Figma and GitHub MCP server URLs and authentication in `~/.vscode-server/data/User/mcp.json`.
  • ⚠️Users on the Figma Starter plan are limited to up to 6 tool calls per month for Figma MCP server interactions.
Verified SafeView Analysis
The project correctly utilizes environment variables for sensitive tokens and implements secret redaction for logging. However, `sonar.py` executes `sonar-scanner` via `subprocess.Popen`, which, while necessary for its functionality, introduces an inherent risk if inputs (like `project_key` or `files` content) were not adequately sanitized or could be manipulated for shell injection. The current implementation appears to construct arguments safely, mitigating immediate shell injection concerns.
Updated: 2025-12-06GitHub
0
0
Medium Cost
fellnerd icon
Sec3

Integrates Dimetrics, Werkportal, and PPMC APIs, enabling natural language management of data, resources, and administrative entities through GitHub Copilot.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for multi-service deployment.
  • ⚠️Requires Python 3 dependencies (installable via `pip install -r requirements.txt`).
  • ⚠️Requires valid API keys for Dimetrics, Werkportal, and PPMC platforms; some are hardcoded in `docker-compose.yml` which must be changed before use.
  • ⚠️Designed for GitHub Copilot integration, necessitating an MCP client configuration.
Review RequiredView Analysis
Critical security risk: The `docker-compose.yml` file explicitly hardcodes API keys (`DIMETRICS_API_KEY`) for the `werkportal-mcp-server` and `ppmc-mcp-server` containers. This directly exposes sensitive credentials in the configuration. While the `dimetrics-mcp-server` references an `.env` file, the hardcoded keys for the other services are a major vulnerability. The server does implement transport security features like DNS rebinding protection and allowed hosts/origins, but their effectiveness depends on proper configuration, with a fallback to disabling protection if settings are incomplete.
Updated: 2025-12-23GitHub
0
0
Low Cost
Helmi97 icon

MCP-JS-Server

by Helmi97

Sec9

Provides a boilerplate for building Model Context Protocol (MCP) servers, enabling easy registration of tools via HTTP transport with Zod-based schema generation.

Setup Requirements

  • ⚠️Requires Node.js 18+
  • ⚠️Authentication requires setting the MCP_API_KEY environment variable (optional)
  • ⚠️Debug logging requires setting the DEBUG environment variable (optional)
Verified SafeView Analysis
The server uses environment variables for API keys and debug mode, which is good practice. Input validation is handled using Zod schemas for tool arguments, mitigating common injection risks. Standard Express.js practices are followed for routing and middleware. No 'eval' or obvious obfuscation is present. The `@modelcontextprotocol/sdk` itself is assumed to be secure. Default error handling prevents detailed error leaks. Rate limiting is present in the SDK dependencies but not explicitly configured in this boilerplate.
Updated: 2025-11-26GitHub
0
0
Low Cost
Activi-AI icon

The-Brain

by Activi-AI

Sec4

A server providing a memory store and audit log for AI agents like Claude Desktop and Claude Code, designed to store and search company decisions, notes, and code snippets.

Setup Requirements

  • ⚠️Requires Python 3.12+ for `better-sqlite3` native module compilation during `npm install`.
  • ⚠️The SQLite database path (`SQLITE_PATH`) must be writable; defaults to `./data/brain.sqlite`.
  • ⚠️For multi-tenant usage with the HTTP API, an external authentication and authorization layer (e.g., JWT validation, API Gateway) is CRITICAL to enforce `x-org-id`, `x-user-id`, `x-user-role`, and `x-project-id` header integrity and prevent spoofing. Without it, the system is fundamentally insecure for shared environments.
Review RequiredView Analysis
The HTTP API relies on `x-org-id`, `x-user-id`, `x-user-role`, and `x-project-id` headers for multi-tenancy context. If these headers are missing, hardcoded default values (`org-001`, `user-admin-001`, `admin`, `proj-001`) are used. This header-based authentication/authorization is highly susceptible to spoofing if the API is exposed to untrusted networks, allowing unauthorized access to data across different tenants or users. The `requireAdmin` function similarly relies solely on a header value. While prepared statements prevent SQL injection, the lack of robust authentication/authorization for multi-tenancy makes it unsafe for public deployment without an external security layer. The STDIO server uses fixed default context, acceptable for local desktop use but not for exposed scenarios. CORS is enabled globally without specific origin restrictions, posing a risk if deployed publicly. Error messages could potentially leak internal details.
Updated: 2026-01-18GitHub
0
0
Low Cost
siddhant-ew icon

mcp-server-expenses

by siddhant-ew

Sec9

Manages and tracks personal expenses, storing them in a SQLite database via a FastMCP server.

Setup Requirements

  • ⚠️DB_PATH hardcoded to a Windows-specific path (C:\Projects\Personal\mcp-server-expenses), requiring modification for other environments.
  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires 'fastmcp' library to be installed.
Verified SafeView Analysis
SQL queries are parameterized, mitigating SQL injection risks. No obvious hardcoded secrets or malicious patterns were found. The 'get_square' function in 'remote-mcp.py' calculates 'a**a', which could lead to very large numbers, potentially causing performance issues for extremely large inputs, but is not a direct security vulnerability like RCE. The DB_PATH is hardcoded to a Windows-specific path in 'main.py' and 'expense_tracker.py', which is a portability issue but not a security risk.
Updated: 2025-11-29GitHub
0
0
Low Cost

mcp-demo-server

by MomentaryChen

Sec9

A demo server demonstrating basic real-time communication using the @mcp-socket/server library, sending welcome and 'Ping!' messages to connected clients.

Setup Requirements

  • ⚠️Requires Node.js and npm/yarn
  • ⚠️TypeScript project requires compilation (npm run build) before running the start command.
Verified SafeView Analysis
The code is simple and demonstrates basic server functionality without complex user input processing, 'eval' usage, or hardcoded secrets. It listens on port 8080 as expected for a server and primarily logs messages and sends fixed strings.
Updated: 2025-11-27GitHub
0
0
Low Cost
dkasaj icon
Sec8

Enable AI assistants to play YouTube videos in the Tubist macOS app using natural language.

Setup Requirements

  • ⚠️Requires macOS 13 (Ventura) or above.
  • ⚠️Requires Tubist v1.3+ app to be installed.
  • ⚠️Requires manual configuration of Claude Desktop (or other MCP client) JSON file with correct absolute paths for Node.js and the server's `index.js`.
Verified SafeView Analysis
The server uses `child_process.spawn('open', [tubistURL])` to open URLs. The `tubistURL` is constructed using a YouTube URL provided by the AI assistant. While `open` is a trusted macOS command for delegating URL handling, the overall security relies on the Tubist application's robust handling of its custom URL scheme (`tubist://play?`). The server itself does not contain direct `eval` calls, unsanitized shell interpolations for arbitrary commands, or hardcoded secrets.
Updated: 2026-01-19GitHub
0
0
Medium Cost
yummysuperapp icon

bi-cloud-run-mcp-servers

by yummysuperapp

Sec9

Provides AI assistants (like Claude) with access to dbt models, metrics, and BigQuery data via an MCP server deployed on Google Cloud Run.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with billing enabled.
  • ⚠️Requires a dbt Cloud account and API token.
  • ⚠️Manual update of Dockerfile to specify your dbt repository URL is required.
Verified SafeView Analysis
The project demonstrates strong security practices, emphasizing avoiding hardcoded credentials by using environment variables, GitHub Secrets, and Cloud Run Secret Manager. It provides clear documentation and setup guides for secure configuration, including proper `.gitignore` usage and separate service accounts for least privilege. The default `--allow-unauthenticated` for Cloud Run requires user attention for production hardening, but instructions to disable it are provided.
Updated: 2025-12-14GitHub
0
0
Low Cost
tushargandhi77 icon
Sec9

Manages personal expenses by allowing users to add, list, and summarize expense entries through an API.

Setup Requirements

  • ⚠️Data is not persistent: The SQLite database is created in a temporary directory and will be lost if the server or environment restarts or the temporary directory is cleaned.
  • ⚠️Requires Python 3.11 or higher.
Verified SafeView Analysis
The code uses parameterized SQL queries, preventing SQL injection. No `eval` or similar dangerous functions are present, and no hardcoded secrets are identified. The database is initialized in a temporary directory, which isolates data but implies non-persistence across restarts if not explicitly handled.
Updated: 2025-12-03GitHub
0
0
Medium Cost
zaevlad icon

HornetMCP

by zaevlad

Sec9

Provides a standalone Model Context Protocol (MCP) client to integrate smart contract vulnerability search directly into AI chat platforms like Claude Desktop.

Setup Requirements

  • ⚠️Requires an API key from hornetmcp.com, which may involve usage quotas and different tiers (free/paid).
  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires an MCP-compatible AI client (e.g., Claude Desktop, Claude CLI, VS Code with Claude extension) for integration.
Verified SafeView Analysis
The client's source code does not contain 'eval', obfuscation, hardcoded secrets, or obvious malicious patterns. API keys are managed through `.env` files or environment variables, which is a secure practice, and `.gitignore` prevents accidental commits. The primary security consideration for users is that the client sends user-provided Solidity code snippets or natural language descriptions to a remote third-party API (`https://hornetmcp.com`) for analysis. Users should be aware of this data sharing and ensure they trust the remote service with their code.
Updated: 2026-01-12GitHub
0
0
Medium Cost
abiheiri icon
Sec9

Provides tools for interacting with the pCloud API for cloud storage management, including listing, downloading, uploading, renaming, moving, deleting files and folders, and managing trash.

Setup Requirements

  • ⚠️Requires a pCloud account with valid `PCLOUD_USERNAME` and `PCLOUD_PASSWORD` set as environment variables.
  • ⚠️Dependencies must be installed using `uv` (recommended in README) or `pip` within a Python 3.11+ environment.
  • ⚠️Docker deployment requires building the `pcloud-mcp:1.0` Docker image first.
Verified SafeView Analysis
The server uses environment variables for sensitive credentials (`PCLOUD_USERNAME`, `PCLOUD_PASSWORD`), which is a good practice. It utilizes `httpx` for network communication and `pathlib` for robust file path handling, mitigating common injection and path traversal risks. Asynchronous tasks are managed with `asyncio`, and logging is directed to `stderr` to avoid interfering with MCP's `stdout` JSON-RPC communication. No direct use of dangerous functions like `eval` or `os.system` was observed. The authentication mechanism handles token generation and refresh, and API regions are configurable. Overall, the security posture appears robust for its intended function.
Updated: 2025-12-08GitHub
PreviousPage 330 of 713Next