Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
john-walkoe icon

uspto_ptab_mcp

by john-walkoe

Sec9

Access USPTO Patent Trial and Appeal Board (PTAB) data via Open Data Portal API, enabling progressive disclosure, document processing, and AI-driven analysis.

Setup Requirements

  • ⚠️Requires a valid USPTO API Key (Paid access for some API endpoints, though data is generally free). Can be configured via environment variable (USPTO_API_KEY) or secure storage.
  • ⚠️Mistral API Key (MISTRAL_API_KEY) is optional for OCR functionality; without it, only basic PyPDF2 text extraction is available, which may not work for scanned documents. OCR incurs a cost (~$0.15 per 1M input tokens).
  • ⚠️Secure storage relies on Windows Data Protection API (DPAPI) for Windows, or file permissions (0o600) on Linux/macOS. Setting up these permissions correctly is crucial for non-Windows environments.
Verified SafeView Analysis
The server demonstrates robust security practices. API keys are handled securely via OS-specific (Windows DPAPI) or file permission-based secure storage with `secrets.token_bytes` for entropy. Extensive input validation (`src/ptab_mcp/validation/validators.py`) prevents common injection attacks (e.g., SQLi, XSS). All log messages are automatically sanitized to prevent sensitive data exposure and log injection (`src/ptab_mcp/shared/log_sanitizer.py`). Network communications use `httpx` with SSL verification, and include rate limiting, circuit breakers, and request body size limits. The FastAPI proxy server implements comprehensive security headers (X-Frame-Options, CSP, etc.) and strict CORS policies. File permissions for secure storage and log files are correctly enforced (0o600/0o700).
Updated: 2026-01-19GitHub
0
0
Medium Cost
ZBcheng icon

eth-trading-mcp

by ZBcheng

Sec8

An Ethereum trading service providing balance queries, token price queries, and token swap simulations via MCP protocol for AI Agents.

Setup Requirements

  • ⚠️Requires Rust 1.70+ environment.
  • ⚠️Access to an Ethereum RPC Node (public options are heavily rate-limited; a private/paid node is recommended for reliable performance).
  • ⚠️Blockchain interaction tests are ignored by default due to RPC rate limiting and require specific flags and delays to run (`cargo test -- --ignored --test-threads=1`).
Verified SafeView Analysis
The server correctly uses environment variables for sensitive data like `WALLET_PRIVATE_KEY`. By default, the server runs in a read-only/simulation-only mode, significantly reducing immediate risks. Even when a private key is provided, the exposed MCP tools (`swap_tokens`) only perform transaction *simulations* (using `eth_call` and `estimate_gas`), not actual on-chain executions. The server binds to `0.0.0.0` by default, which is standard but requires appropriate firewall configuration in production environments. Robust error handling is present for input validation and blockchain interactions. No 'eval' or obfuscation found.
Updated: 2025-11-30GitHub
0
0
Low Cost
meshula icon

LabMCP

by meshula

Sec9

A minimal, production-ready C++20 template for building an MCP (Model Context Protocol) server that implements a dice rolling tool, designed for integration with clients like Claude Desktop.

Setup Requirements

  • ⚠️Requires a C++20 compliant compiler (e.g., g++ or clang++ supporting C++20).
  • ⚠️Requires `make` to build the project.
  • ⚠️For Claude Desktop integration, manual configuration of the executable path (`/path/to/LabMCP/cpp20-mcp-template/build/cpp20-mcp-template`) is necessary in the client's configuration file.
Verified SafeView Analysis
The server communicates via standard I/O (stdio), limiting direct network exposure to external clients. Input validation is performed for the dice rolling tool to prevent excessive or malicious input (e.g., dice count between 1-100, sides between 1-1000). The project uses RapidJSON for robust JSON parsing and error handling, minimizing common JSON-related vulnerabilities. No dynamic code execution (like 'eval') or hardcoded secrets were identified in the provided source code. The C++20 features promote modern, safer coding practices (e.g., RAII, smart pointers).
Updated: 2026-01-17GitHub
0
0
Medium Cost
serginator icon

mcp-server

by serginator

Sec9

An integration server that provides AI clients with tools to interact with GitHub, Jira, and Notion for developer and project management tasks.

Setup Requirements

  • ⚠️Requires generating and configuring API tokens for GitHub, Jira, and Notion.
  • ⚠️Jira API authentication specifically requires a username/email in addition to the API token.
  • ⚠️Requires Docker or a Go development environment for local execution.
Verified SafeView Analysis
The server implements a standard JSON-RPC protocol over stdin/stdout. It uses official Go SDKs for GitHub and Notion, and a standard HTTP client with basic authentication for Jira. Configuration loads sensitive API tokens from environment variables or local files, advising against committing them. There is no usage of 'eval' or other dynamic code execution from user input, reducing code injection risks. The `run-docker-mcp-debug.sh` script logs stdin to `/tmp/mcp-debug.log` for debugging purposes, which could expose sensitive command arguments if the log file were publicly accessible, though in its intended context (local debugging) this is typically not a vulnerability. Overall, the architecture and implementation demonstrate reasonable security awareness for an integration server.
Updated: 2025-11-27GitHub
0
0
High Cost
Heiko888 icon
Sec5

Acts as a central tool-server and orchestration layer for AI agents, providing capabilities for Human Design chart calculations, generating readings, performing partner matching, and interacting with n8n workflows for automation and user data management. It serves as a 'Single Source of Truth' for chart data and encapsulates complex business logic.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for all AI agent interactions.
  • ⚠️Requires Docker and Docker Compose for full system deployment across multiple services (e.g., n8n, frontend, ChatGPT-Agent).
  • ⚠️Requires a configured n8n instance, including importing and activating specific workflows, and setting up Mattermost webhooks if notifications are desired.
  • ⚠️Inconsistent states and duplicated chart calculation logic exist across different server instances (Hetzner MCP vs. CK-App), potentially leading to discrepancies and requiring careful synchronization or refactoring.
  • ⚠️The 'Chart-Truth-Service' is noted as 'NOT FERTIG' (not finished) and using demo data, indicating a critical dependency is not fully operational.
Review RequiredView Analysis
The system presents several critical security concerns for a production environment. The extensive use of 'SUPABASE_SERVICE_ROLE_KEY' across server-side API routes (`SUPABASE_JS_TS_AUDIT.md`) completely bypasses Row Level Security (RLS) policies, granting superuser privileges to all authenticated requests and posing a significant data exposure risk. The `CORS_ORIGINS=*` setting in some configurations (`MCP Server - Detaillierte Code-Analyse`) allows requests from any domain, making it vulnerable to Cross-Site Request Forgery (CSRF) and other attacks. The presence of 'eval' or similar dangerous patterns was not explicitly found in the truncated code provided, but the widespread use of powerful API keys and broad access controls lowers the score. Environment variables are used, which is good, but their widespread use as `process.env` without clear separation of privileges (e.g., dedicated read-only keys for certain operations) and the RLS bypass are major weaknesses.
Updated: 2026-01-10GitHub
0
0
Medium Cost
seanshin0214 icon

gpt-mcp-server

by seanshin0214

Sec9

Enables ChatGPT Desktop to securely access and interact with the local filesystem for reading, searching, and optionally writing files.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires a GPT Pro subscription to enable Developer Mode in ChatGPT Desktop.
  • ⚠️Requires ngrok for public tunneling to ChatGPT, which may require a free ngrok account.
  • ⚠️Mandates explicit configuration of 'allowed_directories' in config.yaml for desired local filesystem access, otherwise defaults to the user's Documents folder.
Verified SafeView Analysis
The server implements robust security measures including path normalization to prevent traversal, a whitelist-based approach for allowed directories, blacklisting of sensitive file and directory patterns (e.g., .env, .git, .ssh), and file size limits to prevent Denial of Service. It defaults to read-only access, requiring explicit configuration for write operations. Sensitive content masking is also available for output. While `rate_limit` is configured in `config.yaml` and `SecurityConfig`, its explicit enforcement within the provided `SecurityLayer` code is not directly visible.
Updated: 2025-11-28GitHub
0
0
Low Cost
Mayimbipharel icon

bigmind-mcp

by Mayimbipharel

Sec4

Automates network device management and analysis, primarily for Cisco infrastructure, by enabling Claude AI to interact with network devices via SSH using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️Requires Claude Desktop (latest version) for AI integration.
  • ⚠️Requires SSH access to target network equipment and manual configuration of device credentials in JSON files (e.g., `config/devices-cisco.json`).
Verified SafeView Analysis
The server's configuration files (e.g., `config/devices-cisco.json`) contain hardcoded credentials (e.g., `username: "admin", password: "cisco"`). While the README advises editing these, using default or weak hardcoded credentials in configuration examples is a critical security vulnerability if not changed by the user. The `ssh2` library is used for SSH connections, which is standard, and there are no direct `eval` or obvious malicious patterns in the provided source. However, exposure to the network with weak authentication in config is a significant risk.
Updated: 2025-11-19GitHub
0
0
High Cost
wolfdancer icon

rockfish-mcp

by wolfdancer

Sec9

This server enables AI assistants to interact with the Rockfish machine learning platform for managing data, creating ML workflows, handling models, and generating synthetic data with incident injection capabilities.

Setup Requirements

  • ⚠️Requires Rockfish API Key (Paid service likely)
  • ⚠️Requires Python 3.12 or below
  • ⚠️Rockfish SDK package hosted on a custom PyPI index (`packages.rockfish.ai`), which is handled by provided `requirements.txt` but worth noting for custom setups.
Verified SafeView Analysis
The server uses environment variables for API keys and sensitive configurations, preventing hardcoding. It employs `httpx` for secure asynchronous HTTP requests with status checks. Input validation is performed through defined JSON schemas for each tool. There is no usage of `eval` or other dangerous dynamic code execution methods. A minor point is deducted for an in-memory cache of training configurations in `sdk_client` which, while likely safe in this single-tenant MCP context, could theoretically be a concern in a multi-user environment without proper isolation.
Updated: 2026-01-12GitHub
0
0
Medium Cost
raisedadead icon

outline-wiki-mcp

by raisedadead

Sec9

Connects Claude (or any MCP-compatible client) to an Outline wiki for document search, creation, management, and browsing.

Setup Requirements

  • ⚠️Requires an Outline instance URL (`OUTLINE_BASE_URL`).
  • ⚠️Requires an Outline API Key (`OUTLINE_API_KEY`), which needs to be generated from Outline settings.
Verified SafeView Analysis
Input validation is enforced using `zod` for all tool arguments, significantly reducing injection risks. API keys and base URLs are loaded securely from environment variables or a configuration file, not hardcoded. Network requests are made to the configured Outline API base URL with robust retry logic for transient errors (429, 5xx). No `eval` or obvious code obfuscation is present. The implementation follows good security practices for an integration of this type.
Updated: 2026-01-19GitHub
0
0
Medium Cost
jonnadul icon

newsapi-mcp

by jonnadul

Sec9

Integrates with NewsAPI to provide access to global news articles, headlines, and sources for MCP-compatible applications.

Setup Requirements

  • ⚠️Requires a free NewsAPI API key (registration needed)
  • ⚠️Node.js 16 or higher is required
  • ⚠️The NewsAPI key must be set as a NEWS_API_KEY environment variable
Verified SafeView Analysis
The server correctly retrieves the NewsAPI key from environment variables, preventing hardcoding. It uses axios for HTTP requests, which handles parameter encoding to prevent injection. No 'eval' or other dynamic code execution patterns were found. Error handling is present, preventing raw stack trace exposure. The primary security consideration is the secure management of the user's NEWS_API_KEY.
Updated: 2026-01-18GitHub
0
0
Low Cost
mfiordel icon
Sec4

A remote Model Context Protocol (MCP) server providing custom tools (like a calculator) to AI agents, deployed on Cloudflare Workers without authentication for demonstration purposes.

Setup Requirements

  • ⚠️Requires deployment on Cloudflare Workers.
  • ⚠️No authentication: The server is openly accessible to anyone with the endpoint URL, as per its 'authless' design.
  • ⚠️Customizing or extending tools requires TypeScript knowledge and familiarity with Zod for schema definitions.
Verified SafeView Analysis
The server is explicitly designed 'without authentication' as stated in the README and title. This means any client with the deployed URL can access and use the exposed tools (e.g., calculator functions). While the internal tool logic uses Zod for input validation, preventing basic injection for arguments, the lack of authentication makes it highly insecure for any production use case beyond a public demo. No direct 'eval' or malicious patterns were found in the provided source code.
Updated: 2025-12-03GitHub
0
0
High Cost
adner icon
Sec8

Develop AI agents leveraging Microsoft Agent Framework and CopilotKit, featuring generative UI, shared state, and human-in-the-loop capabilities.

Setup Requirements

  • ⚠️Requires GitHub Personal Access Token for GitHub Models API.
  • ⚠️Requires .NET 9.0 SDK for the C# agent backend.
  • ⚠️Requires Node.js 20+ for the Next.js frontend.
  • ⚠️Implicitly requires an OpenAI API key (or similar LLM provider) for the C# agent's functionality, as indicated by `appsettings.json`.
Verified SafeView Analysis
The application employs `dotnet user-secrets` for managing sensitive API keys like `GitHubToken`, which is a good practice to prevent hardcoding credentials in source control. Configuration files (`appsettings.json`) also use placeholders for other API keys (e.g., `OpenAI.ApiKey`) and credentials (e.g., Dataverse), indicating they should be securely configured outside the repository. Communication between the Next.js UI and the C# agent defaults to `http://localhost:5119/`, which is local-only during development, minimizing external network exposure. However, a full security audit of the C# agent's business logic (`Program.cs`) is not possible with the provided truncated source. The large number of transitive dependencies in `pnpm-lock.yaml` could introduce supply chain risks, common in modern web development.
Updated: 2025-12-05GitHub
PreviousPage 345 of 713Next