Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost

bubble-ai-backend

by Aadhavan-Pachauri

Security score: 7

Enterprise-grade Model Context Protocol (MCP) server for Bubble AI, providing intelligent web search, secured LLM proxy, deep research streaming, caching, and analytics.

Setup Requirements

  • ⚠️ Requires Node.js 18.x
  • ⚠️ Requires Docker and Docker Compose for local monorepo setup.
  • ⚠️ Requires API keys for Tavily, Firecrawl, Gemini, and OpenRouter (though some have free tiers).
  • ⚠️ Requires a JWT_SECRET environment variable for authentication/authorization.

Verified Safe
The `child_process.exec` command is used in `api/mcp-orchestrator.js` to start dependent services. While the commands and working directories are derived from internal configurations (mitigating direct injection from user input), there's a potential supply chain risk if the `package.json` scripts of the forked services (`web-search-mcp`, `bubble-search`) were to become malicious. Additionally, CORS headers are set to `Access-Control-Allow-Origin: '*'`, which is broadly permissive; for production, it's generally more secure to restrict this to known origins.
Updated: 2025-12-13

Medium Cost

lightspeed-xseries-mcp

by lightspeed-skhattane

Security score: 8

Enables AI assistants to interact with Lightspeed Retail (X-Series) data by providing a comprehensive API interface.

Setup Requirements

  • ⚠️ Requires Lightspeed Retail (X-Series) account with API access and a Personal Access Token.
  • ⚠️ The Lightspeed API Token must have appropriate scopes (e.g., customers:read/write, products:read/write, sales:read/write, inventory:read/write, outlets:read).
  • ⚠️ Requires Node.js v18 or later.

Verified Safe
The server correctly uses environment variables (LIGHTSPEED_DOMAIN_PREFIX, LIGHTSPEED_ACCESS_TOKEN) for API credentials, which is good practice. It also supports passing these as tool arguments, which is less secure as these might be logged by the AI client. However, this is a user responsibility rather than a code vulnerability. No 'eval', obfuscation, hardcoded secrets, or evident malicious patterns were found. Standard error handling is implemented for API calls.
Updated: 2026-01-18

Medium Cost

alliance-docs-mcp

by CARTE-Toronto

Security score: 9

Serves Digital Research Alliance of Canada's technical documentation via a Model Context Protocol (MCP) server, offering search, categorization, related page discovery, and LLM-optimized content access.

Setup Requirements

  • ⚠️ Requires Python 3.11+.
  • ⚠️ Requires downloading a ~90MB sentence-transformer model (`all-MiniLM-L6-v2`) on first run if related-page indexing is enabled.
  • ⚠️ Requires a functioning MediaWiki API URL for content mirroring (default is `https://docs.alliancecan.ca/mediawiki/api.php`).
  • ⚠️ Initial documentation sync can be time-consuming and consume significant disk space (~393MB uncompressed for full content).

Verified Safe
The project demonstrates good security practices, including explicit path sanitization in `storage.py` (`_title_to_filename`, `_resolve_page_path`) and leveraging established libraries like `BeautifulSoup` for HTML stripping during conversion to prevent XSS. No `eval` or obvious hardcoded secrets are present in the provided code; sensitive configurations like API URLs use environment variables with sensible defaults. The use of `requests` with a retry strategy for external API calls and `FastMCP` for serving indicates robust network handling. Potential security considerations include the inherent supply chain risk of downloading external `sentence-transformer` models for related-page embeddings (though a default well-known model, `all-MiniLM-L6-v2`, is used), and potential for high resource consumption from complex search queries if not externally rate-limited, which would typically be handled at an infrastructure level.
Updated: 2026-01-18

Low Cost

FirstMCP

by HeathLoganCampbell

Security score: 7

To enable LLMs (like Copilot/VS Code client) to interact with local applications and data sources (e.g., WinForms, SQL Server) through a locally hosted C# Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️ Requires a custom C# application to be developed, compiled, and run separately.
  • ⚠️ Requires the .NET SDK and a C# development environment.
  • ⚠️ The C# server must be running and accessible on `http://localhost:3001`.

Verified Safe
The provided source code consists of a README and an mcp.json configuration. The mcp.json points to a local HTTP endpoint (`http://localhost:3001`). No malicious patterns, 'eval' usage, or hardcoded secrets are visible in the provided text. However, the actual C# server application's source code is not provided, which means its implementation (e.g., handling requests, data access, input validation) cannot be audited for security vulnerabilities. The security score reflects the safety of the provided configuration and the concept of local hosting, not the unknown C# server code.
Updated: 2025-11-30

Medium Cost

snippy

by Mustapha5298

Security score: 7

A Python-based web scraper designed to collect book-related data from online sources like OpenLibrary and Barnes & Noble.

Setup Requirements

  • ⚠️ Python environment required (likely 3.7+)
  • ⚠️ Playwright browsers required (install via `playwright install`)
  • ⚠️ Can consume significant RAM and CPU, especially for extensive scraping.

Verified Safe
The application performs web scraping, which may violate the Terms of Service of target websites (e.g., OpenLibrary, Barnes & Noble) and could result in the user's IP address being banned or other legal repercussions. The code uses `playwright-stealth` to mimic human behavior, which is a common technique to evade bot detection. Custom identifying headers (`X-Snippy-Bot`, `X-Snippy-Purpose`) are used. No direct internal vulnerabilities like `eval` or hardcoded sensitive secrets were found.
Updated: 2026-01-19

Low Cost

model-forge-3d

by consigcody94

Security score: 10

Unable to identify use case as no files or README were provided for analysis.

Setup Requirements

  • ⚠️ No files or README were provided, making it impossible to determine any specific requirements or friction points.

Verified Safe
No files or README were provided for analysis. Therefore, no code could be audited for 'eval', obfuscation, or network risks. The security score of 10 reflects the absence of executable code from this specific repository, meaning there is no inherent risk from running *its* non-existent code. It does not reflect an audit of a functional server.
Updated: 2025-11-23

Low Cost

mcp-server

by sobia523

Security score: 5

Provides server functionality likely related to the Minecraft Protocol (MCP), enabling multiplayer interaction or specific game services.

Review Required
A detailed security audit cannot be performed as the source code was not provided. The score of 5 reflects an unknown state; general server applications inherently carry network and configuration risks. Without code, it's impossible to check for specific vulnerabilities like 'eval' misuse, hardcoded secrets, or malicious patterns.
Updated: 2025-12-05

High Cost

imap-email-mcp

by schwabenschulle

Security score: 6

Enables AI assistants to fetch, read, summarize, and send emails via IMAP/SMTP, primarily for extracting structured information like payment details.

Setup Requirements

  • ⚠️ Requires a paid ngrok account with a custom domain for public access.
  • ⚠️ Requires an OpenAI API Key (paid service) for summarization and `gpt-5.1` model, which is not a publicly available OpenAI model and will likely cause API errors for summarization.
  • ⚠️ Email operations require IMAP/SMTP account credentials, which must be securely configured in `.env`.
  • ⚠️ The server configuration variables `FLASK_PORT` and `FLASK_HOST` are mentioned in the `.env` example, but the server uses FastAPI/Uvicorn, not Flask, and the port is hardcoded as 5001 in the `uvicorn.run` command.

Verified Safe
The server processes highly sensitive financial data (payer name, transaction ID, amount) from emails and sends it to an external OpenAI API for summarization. This inherently increases the risk surface for data exposure. While credentials are handled via environment variables (good practice), the `MCP_API_KEY` authentication can be optionally disabled, which is a significant security risk in production. Users must securely manage their `.env` file and be aware of the implications of sending sensitive email content to a third-party AI service. There is no `eval` or obvious command injection vulnerability, and `BeautifulSoup` is used for HTML parsing.
Updated: 2025-12-07

Medium Cost

Provides secure, tool-based access to the local filesystem for AI models via the Model Context Protocol (MCP), enabling AI agents to read, write, edit, and search files.

Setup Requirements

  • ⚠️ Requires explicit configuration of 'allowed directories' via command-line arguments or client (LM Studio/Claude Desktop) configuration; no filesystem access is permitted otherwise.
  • ⚠️ Python must be installed and accessible via PATH, or its full path must be specified in the client configuration.
  • ⚠️ A full restart of the MCP client (e.g., Claude Desktop) is typically required after modifying the server configuration.

Verified Safe
The server implements robust security measures including explicit allowed directory lists, path normalization, symlink resolution (using `Path().resolve()`), null byte rejection, and atomic file writes. All tool functions utilize a central `validate_path` mechanism to ensure operations are confined to the permitted directories, significantly mitigating path traversal and unauthorized access risks. No `eval` or other dangerous dynamic code execution patterns were found.
Updated: 2025-11-29

Low Cost
Security score: 8

Deploys and manages an MCP (Managed Container Platform) server using Docker and Docker Compose.

Setup Requirements

  • ⚠️ Docker required for local development and deployment.
  • ⚠️ GCP Service Account credentials and Project ID required for CI/CD and image pull from Google Artifact Registry.
  • ⚠️ gcloud CLI required to configure Docker for GCP Artifact Registry.

Verified Safe
The provided source code for Docker deployment configuration itself does not contain 'eval', hardcoded secrets, or obvious malicious patterns. GCP credentials are correctly identified as secrets to be managed externally. The primary security risk would lie within the undisclosed application code running inside the Docker container, especially concerning potential vulnerabilities exploiting the mounted data volume.
Updated: 2025-12-02

Low Cost

mcp-server-demo

by VADIVEL-T

Security score: 9

This server demonstrates a basic implementation of the Multi-Modal Compute Protocol (MCP) using the FastMCP framework, exposing a simple 'hello' tool over HTTP or standard I/O for agent interaction.

Setup Requirements

  • ⚠️ Requires the `fastmcp` Python library to be installed.
  • ⚠️ The `server_http.py` binding `host="127.0.0.1"` might prevent external access on cloud deployments like Render, which typically require `0.0.0.0`.

Verified Safe
The code itself is very simple and does not contain obvious security vulnerabilities like `eval` or `exec`. The `hello` function uses safe f-string interpolation. In `server_http.py`, the `host="127.0.0.1"` setting, if strictly applied, would bind the server only to localhost, making it inaccessible externally. This contradicts the comment 'listen on all interfaces (required on Render)', where `0.0.0.0` is typically needed. This is a configuration inconsistency rather than a direct security flaw, but could lead to deployment issues or unintended internal-only access.
Updated: 2025-12-02

Medium Cost

divakar-2005-02-02.github.io

by Divakar-2005-02-02

Security score: 7

Demonstrates how to build an MCP server and client in .NET for tool exposure, integrating results into an Ollama LLM for enhanced responses.

Setup Requirements

  • ⚠️ Requires Windows 10 or later
  • ⚠️ Requires .NET Framework 5.0 or higher installed
  • ⚠️ Requires a local Ollama instance running with a downloaded LLM model

Review Required
The provided `index.md` file itself is safe and does not contain malicious patterns. However, the project's instructions involve downloading and running a compiled executable (`.exe`) from GitHub releases. Running unverified executables from the internet carries inherent security risks, as the actual source code of the executable is not available for review in this context.
Updated: 2026-01-19