Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost
Sec1

This project likely functions as an external server endpoint that, upon receiving an event or data, processes it and then pushes it as a trigger into an n8n workflow, potentially within a specific 'MCP' (Multi-Cloud Platform) environment.

Setup Requirements

  • ⚠️ Requires a running n8n instance to connect to and trigger workflows.
  • ⚠️ Likely requires Node.js runtime environment to execute.
  • ⚠️ Configuration needed to specify the n8n instance URL and potentially authentication credentials.

Review Required
Cannot perform a security audit as no source code was provided for analysis. Without access to the code, it is impossible to check for malicious patterns, hardcoded secrets, dangerous functions like 'eval', or other common security vulnerabilities. Therefore, its safety cannot be assessed.
Updated: 2025-11-21

Medium Cost
Sec9

Enables AI assistants to automatically check room availability and create bookings through natural language interactions with the Matrix Booking API.

Setup Requirements

  • ⚠️ Requires a valid Matrix Booking account with credentials.
  • ⚠️ Requires Node.js version 22.0.0 or higher.
  • ⚠️ Requires specific environment variables (`MATRIX_USERNAME`, `MATRIX_PASSWORD`, `MATRIX_PREFERED_LOCATION`) to be configured.

Verified Safe
The server demonstrates strong security practices including comprehensive input sanitization (preventing XSS, `javascript:` protocol), robust environment-based credential management (no hardcoded secrets), and careful redaction of sensitive information from error responses. Network requests use standard `fetch` API with timeouts and retries, reducing risk.
Updated: 2026-01-15

Medium Cost
Sec8

The Dharma MCP Service provides Model Context Protocol (MCP) tools for fiber arts agents to help customers with product recommendations, compatibility checking, and project guidance.

Setup Requirements

  • ⚠️ Requires Docker and Docker Compose for recommended deployment and development.
  • ⚠️ Requires Ruby 3.2.2 for native local development.
  • ⚠️ Requires MySQL 8.0 database.

Verified Safe
The server follows standard Rails security practices, using environment variables for sensitive credentials (MYSQL_PASSWORD, RAILS_MASTER_KEY). SQL queries in the `McpController` use ActiveRecord's parameterized `where` clauses (e.g., `ILIKE ?`), which properly escapes input and mitigates SQL injection risks. No direct `eval` or blatant obfuscation was found. The `AgentGuidance` feature's condition matching is noted as 'simple' in a comment, suggesting it could be more robust, but this is a functional limitation rather than a direct security vulnerability. Overall, it appears safe for its intended purpose.
Updated: 2026-01-19

Medium Cost

octo-goggles

by Monipoo0904

Sec8

Exposing ChatGPT functionalities (chat, text analysis) via an HTTP API and an MCP (Model Context Protocol) interface.

Setup Requirements

  • ⚠️ Requires OpenAI API Key (Paid)
  • ⚠️ Requires `openai` Python package
  • ⚠️ Requires `mcp` Python package

Verified Safe
API key loaded from environment variable, which is good practice. The API handler sets a wildcard Access-Control-Allow-Origin header, allowing requests from any domain. While common for public APIs, it's a consideration for client-side security, but not a direct server vulnerability. No 'eval', hardcoded secrets, or obvious malicious patterns were found.
Updated: 2025-12-05

High Cost

mcp-server

by JSalas-RPA

Sec5

Automates the end-to-end processing of incoming invoices from document extraction using OCR and LLMs to validation and posting in SAP S/4HANA.

Setup Requirements

  • ⚠️ Incomplete `pyproject.toml` dependencies: Key libraries like `requests`, `openai`, `google-cloud-vision`, `pdf2image`, and `llama_parse` are essential but missing from `pyproject.toml`.
  • ⚠️ Python 3.13+ Requirement: The `pyproject.toml` specifies `requires-python = ">=3.13"`.
  • ⚠️ SAP S/4HANA Account and Permissions: Requires a configured SAP S/4HANA user with necessary permissions for supplier, purchase order, material document, and invoice APIs.
  • ⚠️ Google Cloud Platform Setup: Requires a GCP project with the Cloud Vision API enabled, and a Service Account key (`datecKeyCredentials`) with permissions for GCS and Cloud Vision.
  • ⚠️ OpenAI API Key (Paid): Requires an OpenAI API key (`API_OPENAI_KEY`).
  • ⚠️ LLaMA Parse API Key (Potentially Optional): `LLAMAPARSE_API_KEY` is referenced, though `google.cloud.vision_v1` is primarily used for OCR in the current flow.

Review Required
The code uses `os.getenv` for secrets, which is good practice. However, `image_storage.py` disables SSL certificate verification (`verify=False`) for `requests.get` calls under specific `ENVIRONMENT` conditions, creating a critical Man-in-the-Middle (MITM) vulnerability for network communications. Additionally, GCP credentials (`datecKeyCredentials`) are written to a temporary local file, posing a transient risk of exposure. LLM outputs are parsed as JSON, and while `clean_openai_json` attempts sanitization, complex malicious JSON from the LLM could theoretically be an issue, though less likely with a trusted model.
Updated: 2026-01-15

Low Cost

mcp-server-ch5

by jxcks48

Sec9

This server demonstrates a basic Model Context Protocol (MCP) server exposing simple utility tools (greeting, arithmetic, server info) over standard I/O (stdio).

Setup Requirements

  • ⚠️ Requires the 'mcp' Python library to be installed (e.g., via pip).
  • ⚠️ Requires Node.js and npm to install the MCP Inspector (`npm install -g @modelcontextprotocol/inspector`) to view in the inspector.

Verified Safe
The provided source code is simple and defines pure functions as tools. It does not contain direct security vulnerabilities like 'eval', 'exec', hardcoded credentials, or direct shell command execution. The communication via stdio inherently relies on the security of the parent process and overall system environment. No external network connections are initiated by the server itself beyond the stdio interface.
Updated: 2025-11-28

Low Cost

The server demonstrates Model Context Protocol (MCP) implementations, providing tools for arithmetic calculations and searching FreeCodeCamp news and YouTube feeds via STDIO and HTTP transports.

Setup Requirements

  • ⚠️ Requires Python 3.13 or higher.
  • ⚠️ Poetry is recommended for dependency management, or manual pip installation.
  • ⚠️ Requires specific environment variables (.env file) for RSS and YouTube feed URLs.

Verified Safe
Input validation is present for numerical operations (e.g., handling division by zero) and parameter types. Environment variables are used for external URLs, preventing hardcoded secrets. RSS feed parsing inherently involves external content, but the feedparser library is standard and generally robust. No 'eval' or other directly dangerous system commands were identified. Servers bind to localhost for most examples, limiting direct external exposure in development.
Updated: 2025-12-02

Medium Cost

A Model Context Protocol (MCP) server designed to assist AI coding agents in managing Next.js projects by providing curated dependency categories, convention sets, and tools to interact with `package.json` files and run lint checks.

Setup Requirements

  • ⚠️ Requires pnpm for package management.
  • ⚠️ Requires git for lint checks on changed/untracked files.
  • ⚠️ Requires Node.js >= 18.

Verified Safe
The server uses `execSync` and `spawnSync` for operations like `git diff`, `pnpm install`, `pnpm build`, and lint checks (`eslint`, `prettier`, `stylelint`, `tsc`). While these are common development operations, running external commands always carries an inherent risk. The `run_lint_checks` tool executes commands defined in `lint-changed.json` against changed files. If `lint-changed.json` were to contain malicious commands or if `projectPath` could be manipulated to inject commands, it could pose a security risk. However, the `projectPath` is resolved using `path.resolve` which mitigates directory traversal, and the commands themselves are typically well-defined development tools. There are no obvious signs of `eval`, obfuscation, or direct hardcoded secrets for external services.
Updated: 2025-12-12

Low Cost

aave-lending-mcp

by Kimchiigu

Sec9

Manages Aave V3 lending positions and executes transactions for users via natural language commands.

Setup Requirements

  • ⚠️ Requires an Alchemy API Key (or equivalent RPC endpoint for the chosen network, potentially a paid service).
  • ⚠️ Requires Python 3.12+ (if running without Docker).
  • ⚠️ Requires Docker and Docker Compose (recommended setup) or manual npm/pip dependency management.

Verified Safe
The project adheres to a non-custodial model, generating unsigned transactions for client-side signing. Input validation for user addresses is implemented. No direct handling of user private keys for user funds is observed. The presence of an `EXECUTOR_PRIVATE_KEY` environment variable is noted, which could introduce a risk if misused for internal operations, but is not part of the standard user transaction flow.
Updated: 2025-12-02

Low Cost

basic-mcp-server

by ebhawana

Sec9

This server provides a set of simple utility tools (dice roll, arithmetic) exposed via an HTTP API using FastMCP for potential agent interaction.

Setup Requirements

  • ⚠️ Python 3.12+ only
  • ⚠️ Requires 'uv' or 'fastmcp' installed

Verified Safe
No 'eval', obfuscation, or hardcoded secrets found. Tools are simple and perform basic arithmetic/random operations. The server binds to localhost (127.0.0.1:8000) by default, limiting direct external exposure. It uses HTTP transport which is unencrypted unless a reverse proxy is used.
Updated: 2025-12-02

Medium Cost

mcp-server

by stacklet

Sec6

The Stacklet MCP Server integrates LLMs with cloud governance and analytics by exposing tools for AssetDB SQL queries, Platform GraphQL operations, and comprehensive documentation access.

Setup Requirements

  • ⚠️ Requires `STACKLET_ENDPOINT`, `STACKLET_ACCESS_TOKEN`, `STACKLET_IDENTITY_TOKEN` environment variables or ~/.stacklet configuration files for authentication.
  • ⚠️ Requires Python 3.12 or newer.
  • ⚠️ Authentication tokens obtained via `stacklet-admin login` expire after 12 hours, necessitating re-authentication.

Review Required
The server can access confidential data. It directly executes LLM-generated SQL queries via `assetdb_sql_query`, which poses a high risk of SQL injection, especially with 'text' parameters that use template substitution rather than prepared statements. By default, write operations (saving queries, archiving queries, executing GraphQL mutations) are disabled, significantly reducing risk. However, enabling `_ALLOW_` environment variables grants the LLM the same powers as the authenticated user, allowing potentially destructive or data-modifying actions. Full query results are saved locally, potentially exposing sensitive data. There are no hardcoded secrets or 'eval' usage observed. Proper authentication via `stacklet-admin login` is required, and permissions are inherited from the authenticated user. The `json_guard` decorator is used to prevent accidental JSON encoding issues from LLMs, but does not prevent malicious input.
Updated: 2026-01-14

Medium Cost

mcp-sbt-shell

by mozhaa

Sec4

Execute sbt commands in a persistent shell session to interact with Scala projects and their build processes.

Setup Requirements

  • ⚠️ Requires sbt to be installed and accessible in the system PATH.
  • ⚠️ Requires a Scala project with a 'build.sbt' file in the specified working directory.
  • ⚠️ The sbt prompt detection logic is 'tested on Windows with sbt.bat' and uses a specific byte sequence, which might behave differently or fail on non-Windows operating systems (e.g., macOS, Linux).

Review Required
The server executes arbitrary sbt commands provided by the client without input sanitization for the 'command' parameter. If exposed to untrusted networks or users, this poses a significant command injection risk, allowing execution of potentially malicious sbt commands or underlying system commands. Requires careful deployment to ensure only trusted clients can access it, preferably within a sandboxed environment.
Updated: 2025-11-30