Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost

my-anki-mcp

by laomeifun

Sec8

Enables AI assistants to interact with Anki flashcards through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Anki with AnkiConnect plugin installed and running locally.
  • ⚠️Requires Node.js 20+.
  • ⚠️Using HTTP mode with '--ngrok' requires a global ngrok installation and a configured ngrok authtoken.
Verified Safe
The server uses standard security practices like input validation (Zod) and explicit confirmation for destructive actions (e.g., deleteNotes). Sensitive configurations like AnkiConnect API keys are expected via environment variables. Network exposure is primarily controlled by user configuration; for HTTP mode, it defaults to localhost, and the integrated ngrok feature explicitly warns users about the security implications of exposing a public URL. There are no obvious hardcoded secrets or malicious patterns.
Updated: 2026-01-17
Low Cost

ServicePlexMcp

by jonghunpark7

Sec2

Exposes a set of custom 'tools' over a network protocol, acting as an intermediary for a larger AI-driven system to interact with external APIs (e.g., ServicePlex AI).

Setup Requirements

  • ⚠️Python 3.7+ is required due to `async/await` syntax.
  • ⚠️The `httpx` library must be installed for external API calls (`pip install httpx`).
  • ⚠️Relies on an external API defined by the `BASE_URL` environment variable (defaults to 'https://dev-api.serviceplex.ai').
Review Required
CRITICAL: The 'Basic-Key' (serviceplexBasicKey) is hardcoded, making it a static, easily discoverable secret. CRITICAL: TLS certificate verification is explicitly disabled (`VERIFY_SSL = False`) for all external API calls, leaving them open to man-in-the-middle attacks. The server also binds to `0.0.0.0` (all interfaces) by default, which, combined with the other issues, could expose it to unauthorized access from the network.
Updated: 2025-12-04
Low Cost

gihub-mcp

by salahdardour77

Sec10

This repository is intended for testing an MCP (Model Context Protocol) server.

Verified Safe
The provided 'SOURCE CODE' only includes a README.md file, which contains no executable code. Therefore, no security risks related to 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns can be identified from the given input. The safety score reflects the absence of code to audit.
Updated: 2025-12-02
Medium Cost
Sec8

This server acts as a Model Context Protocol (MCP) interface for AI assistants and other MCP clients to programmatically manage Directus CMS schema, content, workflows, and dashboards.

Setup Requirements

  • ⚠️Requires a running Directus instance reachable at the configured DIRECTUS_URL.
  • ⚠️Requires Directus authentication via either a DIRECTUS_TOKEN or a DIRECTUS_EMAIL and DIRECTUS_PASSWORD pair.
  • ⚠️Requires Node.js version 18.0.0 or higher.
Verified Safe
The server adheres to good security practices by loading sensitive Directus authentication credentials (URL, token, email, password) from environment variables, preventing hardcoding. It leverages Zod for input validation on incoming MCP requests, ensuring arguments conform to expected schemas. There are no direct uses of 'eval' or obvious obfuscation. Network communication relies on the standard `fetch` API to interact with the Directus instance. Some Zod schemas use `z.record(z.any())` or `z.array(z.any())` for complex Directus API parameters (e.g., filters, deep queries, options), which means the server passes these structures directly to the Directus API without deeper content-specific validation. This delegates the responsibility of sanitizing and securing these complex query objects entirely to the Directus API itself. While this is standard for a proxy, a hypothetical vulnerability in Directus's handling of complex, dynamic queries could be exposed through this mechanism. Overall, the server's own code is robust against common web vulnerabilities.
Updated: 2025-11-25
Low Cost

toolcall

by sceiler

Sec5

Creating and serving custom tools for AI models (LLMs) via the Model Context Protocol (MCP) using a minimal and type-safe API.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Requires `toolcall` and `zod` npm packages to be installed.
  • ⚠️Direct execution of TypeScript files requires `tsx` (e.g., `npx tsx`).
Review Required
The `McpClient.connect` method in `src/client.ts` uses `child_process.spawn` with an unsanitized `target` string. If this `target` is derived from untrusted user input, it creates a severe command injection vulnerability. The server-side (using `serve`), while robustly validating tool parameters with Zod, does not implement specific mitigations against denial-of-service (DoS) attacks from excessively large or malformed JSON inputs. Furthermore, the overall security highly depends on the safety of the user-provided `execute` functions within the tools, as the framework cannot prevent arbitrary or malicious code within these user-defined functions.
Updated: 2026-01-16
Medium Cost
Sec9

Exposes the NEIS (National Education Information System) API as a Model Context Protocol (MCP) server, allowing client applications (e.g., LLMs) to retrieve educational information and school schedules via Server-Sent Events (SSE).

Setup Requirements

  • ⚠️Requires NEIS_SERVICE_KEY (or SERVICE_KEY) environment variable for full functionality; otherwise, operates in a degraded mode (results limited to 5 items).
  • ⚠️Assumes Python 3 and required packages (likely including 'fastmcp', 'requests', 'python-dotenv') are installed via pip.
  • ⚠️The server explicitly starts on port 8051 in `src/server.py`, contradicting the `README.md` which states a default of 8000. Clients should connect to 8051.
Verified Safe
The server primarily acts as a wrapper around the NEIS public API, retrieving data and re-packaging it. It handles the NEIS_SERVICE_KEY via environment variables, which is good practice. There are no obvious code injection points, use of 'eval', direct shell execution, or suspicious network activities beyond calling the legitimate NEIS API. The 'requests' library is used for external HTTP calls, which is standard and verifies TLS certificates by default. The degraded mode for a missing API key is a thoughtful fallback.
Updated: 2025-11-27
Medium Cost
Sec1

A server designed to log IP addresses and user information by abusing Discord's 'Open Original' feature via an image logger.

Setup Requirements

  • ⚠️The Discord webhook URL is hardcoded and must be changed by the user to prevent data from being sent to an unintended recipient.
  • ⚠️Requires `requests` and `httpagentparser` Python libraries to be installed.
  • ⚠️The provided code is a `BaseHTTPRequestHandler` class and requires a separate Python HTTP server setup to run it as a functional server.
Review Required
The provided source code (api/image.py) is explicitly designed for malicious activities: stealing IP addresses, user agents, operating system, browser, ISP, and precise geographical location (if enabled by the client). It then exfiltrates this data to a hardcoded Discord webhook URL. A significant security risk is the inclusion of code to 'crash/freeze the user's browser' if enabled, which constitutes a denial-of-service attack. The Discord webhook URL is hardcoded in the `config` dictionary, meaning that if a user runs this code without changing the webhook, all collected data will be sent to the original author's specified webhook. There is a severe discrepancy between the repository's README, which describes a Chrome DevTools debugging tool, and the actual provided source code, which is a malicious image logger. This project, based on the source code, is inherently a privacy violation and potentially illegal, and should not be run.
Updated: 2026-01-19
High Cost

efecte-mcp

by maholick

Sec9

Integrates AI assistants with Efecte/Matrix42 Service Management systems, enabling natural language interactions for managing incidents, requests, problems, and other service desk entities through its Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Node.js 22 or higher.
  • ⚠️Requires access to a configured Efecte/Matrix42 instance with REST API enabled and valid API credentials.
  • ⚠️If using the HTTP transport in a production environment, `EFECTE_TRANSPORT_HTTP_ALLOWED_ORIGINS` should be explicitly configured to restrict access, as its default behavior allows all origins if left unconfigured.
Verified Safe
The server demonstrates strong security practices including explicit origin validation (configurable via EFECTE_TRANSPORT_HTTP_ALLOWED_ORIGINS), rate limiting via express-rate-limit, automatic JWT token management with refresh, and comprehensive runtime input validation across all tools. Credentials are correctly loaded from environment variables and not hardcoded. Session management for HTTP transport includes UUID generation and periodic cleanup of idle sessions. No direct 'eval' or arbitrary command execution is present in the core server logic. A minor point is deducted because the default for allowed origins, if not explicitly configured, allows all, which could be a risk if not tightened in production environments.
Updated: 2025-12-14
Medium Cost

mcp

by lsfusion

Sec9

An extensible Micro-Copilot (MCP) server providing RAG-powered search, syntax validation, and guidance for lsFusion development.

Setup Requirements

  • ⚠️Requires OpenAI API Key (paid service)
  • ⚠️Requires Pinecone API Key (paid service, specific index name 'lsfusion' by default)
  • ⚠️Requires Python 3.x and pip for local development, or Docker for containerized deployment
Verified Safe
The server demonstrates good security practices by explicitly advising against hardcoding secrets and relying on environment variables for sensitive API keys (OpenAI, Pinecone). The `docker-compose.yml` and `settings.py` correctly implement this. The `validate_dsl_statements_tool` uses `getattr()` for dynamic parser rule selection, which is a controlled internal dynamic call for parsing a defined DSL, not arbitrary code execution. The README provides a hardening checklist and guidance on secure secret management in various deployment environments. Network security relies on standard Uvicorn practices and external measures like reverse proxies.
Updated: 2026-01-19
Medium Cost

.github

by sumo-mcp

Sec6

A free MCP server to power AI chatbots with historical and live sumo data.

Setup Requirements

  • ⚠️Requires external `sumo-api.com` API to be operational.
  • ⚠️Requires external documentation (https://sumo-mcp.com) for usage instructions, as no setup or server code is provided.
Review Required
Only README files are provided, offering no executable source code to audit for security risks like 'eval', obfuscation, hardcoded secrets, or malicious patterns. The project states a core dependency on an external API (sumo-api.com) which introduces external security considerations not auditable from the provided information.
Updated: 2025-11-27
Medium Cost

MCPServer

by udittripathi

Sec9

Provides LLMs with safe, read-only access to a local codebase, enabling them to answer questions about functionality, file locations, and code usages.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm 9+.
  • ⚠️Manual configuration of 'PROJECT_ROOT' in `src/config.ts` with an absolute path to the target codebase is required before running.
Verified Safe
The server's security model emphasizes read-only access, explicit project root allowlisting, and path traversal protection, which is implemented in `src/utils/fileUtils.ts` via `resolveSafePath`. It uses a stdio transport, meaning no network access, which eliminates a class of network-based vulnerabilities. No `eval` or other obvious malicious patterns were found. `PROJECT_ROOT` requires manual user configuration, preventing arbitrary file access.
Updated: 2026-01-19
Low Cost

mcpservertest

by justinglittle

Sec9

This server acts as a Model Context Protocol (MCP) agent, providing basic utility tools like a health check and a dice roller, designed to be integrated with larger AI models or agent systems.

Setup Requirements

  • ⚠️Docker required for containerized setup.
Verified Safe
The server primarily uses standard I/O (StdioServerTransport) for communication, minimizing direct network exposure. Tools are loaded dynamically from a fixed, internal directory ('./tools'), which is generally safe as long as the Docker image build process is secure and not susceptible to arbitrary file injection. No 'eval' or other highly dangerous dynamic code execution methods were found. Configuration relies on environment variables, preventing hardcoded secrets.
Updated: 2026-01-16
Page 335 of 713