Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

Medium Cost

AI-SOC-Agent

by luthfiarsd

Sec9

Performs cyber threat intelligence and security analysis by integrating with the HoneyDB API to provide insights on CVEs, IP reputation, payload analysis, and active threats.

Setup Requirements

  • ⚠️Requires a HoneyDB API Key (https://honeydb.io/docs/api), which may involve cost or usage limits.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json`.
Verified Safe
The server correctly loads API keys from environment variables, avoiding hardcoded secrets. It makes external API calls to HoneyDB, which is its intended function. No 'eval' or other directly exploitable patterns were found in the provided code. The `safe_api_request` function includes basic error handling for API calls. As with any system interacting with external APIs, network request failures or unexpected API responses are potential, but handled, risks.
Updated: 2025-12-10

Low Cost

TTS-Notify

by hbuddenberg

Sec8

A modular Text-to-Speech notification system for macOS, offering CLI, MCP, and REST API interfaces powered by the native 'say' command.

Setup Requirements

  • ⚠️Primarily designed for macOS as it relies on the native 'say' command; while adaptable, the current core implementation is macOS-centric.
  • ⚠️Requires Python 3.10+.
  • ⚠️For MCP server integration, requires Claude Code (or Claude Desktop for legacy configuration) for seamless operation and tool exposure.
Verified Safe
The project uses `subprocess.run` and `asyncio.create_subprocess_exec` to invoke the native 'say' command, passing arguments as a list, which is generally safer than using `shell=True` with user input. File outputs use `TextNormalizer.sanitize_filename` to prevent path traversal. However, the FastAPI server (`api/server.py`) uses `allow_origins=["*"]` for CORS, which is a security risk in a production environment if not properly restricted. The documentation mentions this should be configured appropriately for production. No hardcoded secrets or 'eval' usage found.
Updated: 2025-11-27

Low Cost

WeatherApi_MCP_server

by Abhishek3689

Sec9

This server provides current weather, multi-day forecasts, and weather comparison for specified cities using the WeatherAPI.

Setup Requirements

  • ⚠️Requires a WEATHER_API_KEY from WeatherAPI.com (potential costs/usage limits apply)
  • ⚠️Requires Python 3.12 or higher
  • ⚠️Requires an active internet connection to reach WeatherAPI.com
Verified Safe
The WEATHER_API_KEY is correctly loaded from environment variables, preventing hardcoding. Input is handled as parameters, and no 'eval' or similar dangerous functions are used. Network requests use httpx with timeouts and status error handling. The primary external dependency is WeatherAPI.com, and security relies on its proper functioning.
Updated: 2025-12-13

Low Cost

Connects AI agents to Google NotebookLM for zero-hallucination, document-grounded answers and conversational research, particularly useful for coding with up-to-date API knowledge.

Setup Requirements

  • ⚠️Requires Node.js 18+ installed locally.
  • ⚠️Requires a Google account for NotebookLM access.
  • ⚠️Initial Google login requires manual interaction in a browser window.
  • ⚠️NotebookLM has a rate limit (e.g., 50 queries/day for free accounts), necessitating account switching or waiting if exceeded.
  • ⚠️Running multiple instances or if another Chrome instance is using the same profile can lead to 'ProcessSingleton' errors, requiring specific configuration or closing other browser instances.
Verified Safe
The server handles Google authentication locally by opening a browser for manual login and persisting session state in a local Chrome profile. Credentials are not exposed or sent over the network by the server itself, adhering to a client-side authentication model. It utilizes `Patchright` (a Playwright fork) for browser automation, which runs locally. The `cleanup_data` tool provides robust options for removing sensitive data. No direct use of `eval` or blatant obfuscation was found. The main risk involves the inherent nature of browser automation: if a malicious NotebookLM URL were used or if the underlying Google service itself were compromised, the local browser could potentially be exploited. However, the server itself minimizes risks by keeping authentication local and clearly documenting cleanup procedures. The use of 'stealth mode' for human-like interaction is to avoid bot detection, not for malicious purposes.
Updated: 2026-01-19

High Cost

mcp_servers

by arlenagreer

Sec8

Provides a collection of Dockerized MCP (Model Context Protocol) servers that integrate globally with Claude Code for various functionalities like web search, browser automation, code transformation, and AI reasoning.

Setup Requirements

  • ⚠️Docker Desktop is required and must be running.
  • ⚠️Several services (Tavily, Context7, Task Master AI via Claude Max plan) require API keys or paid subscriptions for full functionality, or involve third-party services.
  • ⚠️The 'Serena' server requires building from a GitHub repository, involving Python 3.11, Node.js, and Rust, leading to a longer initial build time (~5 minutes).
  • ⚠️Initial Gmail usage requires an OAuth authentication flow for credential storage.
Verified Safe
The architecture primarily uses Docker for isolation and `docker exec` for communication, which is generally more secure than direct port exposure. Most servers run as non-root users (`pwuser`). Sensitive API keys are managed via `.env` files or environment variables, avoiding hardcoding in versioned files. However, browser-based containers use `seccomp:unconfined` for necessary functionality, which slightly broadens the attack surface. The 'serena' server also exposes specific ports (9121, 24282), which are documented for MCP and dashboard access.
Updated: 2025-11-25

High Cost

lmgrep

by Chiragkgit

Sec9

Performs local-only semantic search and indexing across codebases for fast, context-aware queries.

Setup Requirements

  • ⚠️Requires Python 3.11 or 3.12 (torch and tree-sitter do not support 3.13 yet).
  • ⚠️Requires significant local storage for vector stores (under ~/.lmgrep/stores/).
  • ⚠️Requires downloading embedding and reranking models on first use, which can be large.
Verified Safe
The server operates locally and manages its own data store in the user's home directory. It uses parameterized SQL queries, `yaml.safe_load`, and file locking mechanisms to prevent common vulnerabilities. File system operations (`shutil.rmtree`) are confined to its specific data directories, which are derived from a canonicalized repository root, mitigating risks of arbitrary file deletion. No obvious hardcoded secrets, 'eval', or direct external network risks for data processing were identified.
Updated: 2026-01-19

Medium Cost

Test-Remote-MCP-Server

by Saimadhav-333

Sec8

A FastMCP server for tracking and managing personal or small-scale expenses, including adding, listing, and summarizing financial transactions.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer.
  • ⚠️Requires 'aiosqlite' to be installed, which is not listed in the provided pyproject.toml dependencies (only 'fastmcp').
  • ⚠️The SQLite database is stored in the system's temporary directory, making it potentially ephemeral and subject to deletion upon system reboot or by system cleaners.
Verified Safe
The server uses parameterized queries to prevent SQL injection. It binds to `0.0.0.0`, making it accessible from all network interfaces, which is common but means it's broadly exposed on a local network. It lacks built-in HTTPS, so data in transit would be unencrypted if exposed publicly without an external proxy. No 'eval' or hardcoded secrets are present. The database is stored in a temporary directory, which could lead to data loss if the system cleans temporary files.
Updated: 2025-11-28

Low Cost

TEST-REMOTE-SERVER

by vandana08

Sec10

A server providing basic arithmetic and random number generation as API tools.

Setup Requirements

  • ⚠️Requires Python 3.14+ (Note: Python 3.14 is not yet released, which makes this requirement currently impossible to meet.)
Verified Safe
The provided code is simple and does not contain any obvious security vulnerabilities like 'eval', hardcoded credentials, or risky network operations. All operations are confined to basic arithmetic and standard library functions.
Updated: 2025-12-06

Low Cost

mydylms-client

by viraj-sh

Sec7

An unofficial client for a university Learning Management System (MYDY LMS) that provides improved document access and an MCP endpoint for LLM integration and automation.

Setup Requirements

  • ⚠️Requires an active Moodle account at mydy.dypatil.edu to function.
  • ⚠️Moodle credentials (session cookie, session key, and internal API keys) are extracted via web scraping upon login and are stored locally in a '.env' file. Users should be aware of the security implications of storing these credentials.
  • ⚠️The application's core functionality relies on web scraping the official MYDY LMS site, making it fragile to changes in the external website's HTML structure.
Verified Safe
The application extracts and stores Moodle session cookies and API keys locally in an .env file. While this simplifies usage, it poses a security risk if the local environment or file system is compromised. The API uses broad CORS settings ('*'), which, while common for local development, could be a concern if deployed publicly without careful configuration. The reliance on web scraping the official Moodle site makes the client brittle and susceptible to breaking if the Moodle site's HTML structure changes.
Updated: 2025-12-31

Medium Cost
Sec2

An MCP server for LiteFarm, enabling n8n workflows or Claude Desktop to automate farm management tasks and perform direct database operations via HTTP or stdio.

Setup Requirements

  • ⚠️Requires a full local LiteFarm installation (API on http://localhost:5001, Dockerized PostgreSQL on Port 5433) running simultaneously, which is a complex prerequisite.
  • ⚠️The `LiteFarmClient` explicitly requires `selectFarm(farmId)` to be called after login (or with API calls) to set the `farm_id` in HTTP headers, which is a common breaking point for LiteFarm API interactions.
Review Required
CRITICAL: The `db_execute_sql` tool directly executes arbitrary SQL queries provided as input (`client.query(sql)` in `db-tools.ts`). This is a severe SQL injection vulnerability if the `sql` input is not strictly controlled or validated. A malicious actor (e.g., via prompt injection to an LLM or direct tool invocation) could execute DDL (CREATE TABLE, DROP TABLE, etc.), delete/modify data, or perform other arbitrary database commands. Although the documentation mentions read/write only, the code does not enforce this. Test scripts have hardcoded login credentials, which is a minor risk for non-production use.
Updated: 2025-12-02

Medium Cost

backlog-mcp

by gkoreli

Sec9

A minimal task backlog server for LLM agents or CLI editors that supports MCP integration.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️Default data storage is local to the project (`data/tasks/`, `data/archive/`); use `BACKLOG_DATA_DIR` environment variable for global persistence.
  • ⚠️The web viewer runs on port 3030 by default, which must be free; otherwise, it will error.
Verified Safe
The server includes a web viewer that makes a call to `node:child_process.exec("open \"${filePath}\"")` to open task files in the default editor. While direct shell injection via the `taskId` is mitigated by a strict `TASK-XXXX` pattern validation and `path.join` for filePath construction, using `exec` with any user-derived input (even validated) always carries a small inherent risk if future changes or specific environment configurations allow for unforeseen bypasses. The `Access-Control-Allow-Origin: *` header is set for the local web viewer, which is typical for local development tools but means cross-origin requests are permitted from anywhere.
Updated: 2026-01-17

Medium Cost

health-monitor

by nohuiam

Sec8

This server monitors the health of other Model Context Protocol (MCP) servers and the broader Imminence OS ecosystem, providing real-time alerts and aggregated status.

Setup Requirements

  • ⚠️Requires configuration files (`config/servers.json`, `config/interlock.json`, `config/thresholds.json`) to define monitored servers, InterLock peers, and alert thresholds. Missing or misconfigured files will affect functionality.
  • ⚠️The server utilizes a local SQLite database (`data/health-monitor.db`), necessitating write permissions in the `./data` directory for persistent storage.
  • ⚠️The `getPeerPort` function in InterLock handlers contains hardcoded UDP port mappings for other MCP servers. If peer ports change, this function would need updates.
Verified Safe
The server employs several strong security practices, including input validation via Zod for MCP tool arguments, rate limiting on HTTP endpoints, and a hardcoded CORS whitelist. The InterLock UDP communication uses a 'Tumbler' for whitelisting peers and signals, along with message freshness checks, which is a robust security layer for a UDP mesh. No direct usage of `eval` or `child_process` was found. A minor concern exists with the `JSON.parse` usage on raw WebSocket messages and in the InterLock text protocol `decodeTextMessage` without explicit schema validation for all potential message types. However, the current handlers for these pathways are limited, mitigating immediate risks. Hardcoded peer port mappings in `getPeerPort` are brittle but not a direct security flaw.
Updated: 2026-01-17