Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost
Sec9

Exposing Python functions as networked tools or microservices using the FastMCP framework.

Setup Requirements

  • ⚠️ Requires the 'fastmcp' Python package to be installed.
Verified Safe
The provided source code is minimal and does not contain any obvious security vulnerabilities like 'eval', hardcoded secrets, or malicious patterns. The `FastMCP` library itself would be the primary area for further security scrutiny, but the usage here is safe.
Updated: 2025-12-11
Low Cost

kali-mcp-server

by alok067exe

Sec1

Provides a server component, likely for a specific protocol or service related to Kali Linux or a similar environment, intended for multi-client interaction.

Review Required
Cannot perform a meaningful security audit as the provided source code was only a truncated README file. Without actual code, it's impossible to check for 'eval', hardcoded secrets, network vulnerabilities, or malicious patterns. Running any server project without reviewing its code is inherently risky.
Updated: 2025-11-23
Medium Cost
Sec9

The server enables natural language interaction with the Hyperliquid DEX for real-time cryptocurrency trading, account management, and market data retrieval.

Setup Requirements

  • ⚠️ Requires `HYPERLIQUID_PRIVATE_KEY` (Ethereum private key) and `HYPERLIQUID_ACCOUNT_ADDRESS` to be provided as environment variables, which are sensitive credentials.
  • ⚠️ The `setup.py` script automatically modifies the user's Claude Desktop configuration file (`claude_desktop_config.json`) in their application support directory (e.g., `~/Library/Application Support/Claude` on macOS).
  • ⚠️ Requires Python 3.8 or higher, as explicitly checked by the setup script.
Verified Safe
The project follows good practices for handling sensitive information by requiring private keys and account addresses to be loaded from environment variables (e.g., .env file) rather than being hardcoded. The `setup.py` script automatically modifies the `claude_desktop_config.json` in the user's application support directory, which, while intended functionality for integration, could be considered an intrusive action for some users, though it does create a backup. The core trading and market data tools primarily interact with the Hyperliquid SDK, and no 'eval', obfuscation, or immediately malicious patterns are apparent in the provided source code snippets. The 'dead man's switch' feature in `TradingTools` is a positive security-oriented design for automated trading.
Updated: 2026-01-19
High Cost

gemini-mcp

by gyasis

Sec9

An MCP server enabling AI assistants to collaborate with Google's Gemini model for multimodal AI workflows, deep research, and coding tasks like code review, brainstorming, and debugging.

Setup Requirements

  • ⚠️ Requires a valid `GEMINI_API_KEY` from Google AI Studio.
  • ⚠️ Requires Python 3.12+.
  • ⚠️ Recommends `uv` for fast dependency management; `pip` is a fallback.
  • ⚠️ Native desktop notifications (`notify-py`) may require OS-specific dependencies/permissions (e.g., `libnotify-bin` on Linux, macOS notification permissions).
  • ⚠️ Uploaded files in Gemini storage have a 48-hour retention limit.
  • ⚠️ Specific `grpcio` version constraint (`>=1.62.0,<1.70.0`) which may cause dependency conflicts.
Verified Safe
API keys are handled via environment variables (`.env`) for security. SQL injection is prevented in `StateManager.update_task` through explicit column whitelisting. SQLite uses `PRAGMA foreign_keys=ON` for data integrity and `_task_locks` in `DeepResearchEngine` mitigates race conditions during concurrent operations. File uploads are handled securely via Gemini's API, and temporary files are cleaned up. Destructive operations like file deletion require explicit confirmation (`confirmed=True`).
Updated: 2026-01-13
Medium Cost
Sec9

Provides AI models (via Model Context Protocol) access to Handsontable documentation for enhanced code generation and contextual understanding.

Setup Requirements

  • ⚠️ Requires Node.js (>=18.0.0) to be installed locally.
  • ⚠️ Manual configuration of Claude Desktop's `claude_desktop_config.json` is required, specifying an absolute path to the `index.js` file.
  • ⚠️ The `get_doc` tool involves fetching, parsing, and converting external HTML to Markdown, which can incur latency and potential rate limiting from the source documentation site (though the server has its own 100ms rate limit and LRU cache).
Verified Safe
The server operates locally via stdio, eliminating external network exposure. It implements robust input validation, sanitization, and URL restriction to only 'handsontable.com', effectively preventing path traversal and other common web vulnerabilities. No 'eval' or similar dangerous patterns are used, and no hardcoded secrets are present. An in-memory cache and rate limiting are also implemented, enhancing stability and preventing abuse of the external documentation source. The explicit security policy and development best practices outlined in the repo further contribute to its high security posture.
Updated: 2025-11-28
Medium Cost

github-mcp-demo

by anbylau2130

Sec5

Develop and run a modified Minecraft server, likely for demonstrating modding capabilities or custom game logic.

Setup Requirements

  • ⚠️ Requires Java Runtime Environment (JRE) or Java Development Kit (JDK) 8 or higher.
  • ⚠️ May require specific Minecraft client version compatibility.
  • ⚠️ Potentially requires manual setup of MCP (Minecraft Coder Pack) environment if building from scratch.
Review Required
Source code not provided for direct audit. As a server application, it inherently presents network exposure risks. Modding environments can introduce vulnerabilities if external code is not vetted or improperly handled. Without the actual code, specific risks like 'eval', hardcoded secrets, or malicious patterns cannot be identified. Users should exercise caution and review code if available.
Updated: 2025-11-20
Medium Cost
Sec6

Enables AI assistants like Claude to control and interact with BetterTouchTool on macOS for automation, configuration management, and system interaction.

Setup Requirements

  • ⚠️ Requires macOS as BetterTouchTool is macOS-only.
  • ⚠️ BetterTouchTool must be installed with a valid license and its webserver enabled in preferences.
  • ⚠️ Requires Python 3.12+ for execution.
Verified Safe
The server exposes powerful BetterTouchTool capabilities to an AI agent, including reading/writing arbitrary local file paths for preset management, displaying notifications with arbitrary images, and reading/writing clipboard content. While the server itself doesn't contain obvious injection vulnerabilities (inputs are Pydantic-validated), a compromised AI agent controlling this server could leverage these capabilities to perform destructive actions (e.g., overwrite system files via preset export), access sensitive user data (e.g., read clipboard contents), or exfiltrate local files if combined with other tools. The default communication is local HTTP, but passing a 'shared_secret' in a URL parameter is generally not ideal, though mitigated by default localhost operation. The `bttcli` subprocess execution appears robust against direct command injection from the MCP client.
Updated: 2025-11-30
Medium Cost

Sassy-Scotty

by NaitikVora

Sec8

An MCP server that integrates with Canvas LMS and CMU SIO to provide unified task management, daily planning, and AI-powered coaching context for students.

Setup Requirements

  • ⚠️ Requires Canvas API Token and CMU Andrew ID/SIO Password for full functionality.
  • ⚠️ Requires Playwright browsers to be installed via `npx playwright install chromium`.
  • ⚠️ User data is stored in local JSON files on the server's file system, which is not suitable for stateless or distributed deployments and requires file system write permissions.
  • ⚠️ The frontend UI (sassy-scotty-ui) requires the HTTP server (`mcp-server/src/httpServer.ts`) to be running on port 3001 or proxied; otherwise it falls back to mock data.
Verified Safe
The server correctly uses environment variables for sensitive credentials (Canvas API token, SIO username/password, admin webhook URL), which is a strong security practice. Input validation is performed using Zod schemas for tool calls, reducing the risk of malformed inputs. The Playwright browser scraping, while powerful, is executed with internally defined code, mitigating direct user injection risks. However, user data (profiles, tasks, kanban state) is stored directly on the local file system as JSON files (`mcp-server/data/`), which is not ideal for robust security or scalability in a production environment, as a server compromise could expose all user data and managing access controls/encryption for files can be complex. Path traversal for user data files is mitigated by the userId extraction regex, which prevents `../` in path segments.
Updated: 2025-11-24
Medium Cost

AgentforceMCP

by Mohit-Harsh

Sec2

Integrates Model Context Protocol (MCP) clients and REST API applications with Salesforce Agentforce Agents.

Setup Requirements

  • ⚠️ Requires a Salesforce Org with Agentforce enabled and a configured Connected App.
  • ⚠️ Extensive Salesforce setup (Connected App, OAuth Scopes, Remote Site Settings, Apex Actions) is required.
  • ⚠️ Different server implementations require varying environment variables, and some also accept sensitive data via HTTP headers or CLI arguments.
Review Required
The `src/streamable-http-agent-api/server.py` implementation exposes sensitive Salesforce Connected App credentials (`clientId`, `clientSecret`, `domainUrl`) via HTTP headers, which is a critical security risk as these can be intercepted or easily discovered. The `src/streamable-http-oauth/server.py` contains a `CustomTokenVerifier` that bypasses proper JWT verification for incoming tokens, effectively accepting any token as long as it is present, which significantly weakens the authentication mechanism of the MCP server. Additionally, the `src/stdio/server.py` and `npm-package/server.py` implementations (when run via `npx`) pass Salesforce credentials (`username`, `password`, `securityToken`, `agentName`) directly as command-line arguments, posing a risk of exposure via process listings (`ps -ef`) or command history.
Updated: 2025-11-27
Medium Cost

documan

by Hazim100-Shadow

Sec5

documan is a documentation tool with a built-in MCP server for real-time AI-powered document search and comprehension for developers.

Setup Requirements

  • ⚠️ Requires Windows 10 or higher operating system.
  • ⚠️ Requires a stable internet connection for real-time AI features.
Review Required
A thorough security audit of the MCP server's source code could not be performed as the provided 'SOURCE CODE' only contained the README.md file content, not the actual application code. Therefore, an assessment for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns is not possible based on the given information.
Updated: 2026-01-19
Low Cost

eatneat-mcp

by Oscaross

Sec3

This is a Swift-based Microservice Communication Protocol (MCP) server designed to act as a backend component for an 'EatNeat' application, enabling specific interactions like showing in-app popups and registering item-need matches with a local 'AppBridge'.

Setup Requirements

  • ⚠️ Requires Swift 6.0 runtime and toolchain.
  • ⚠️ Relies on an 'AppBridge' service running locally at `http://127.0.0.1:9090` for its core functionality.
  • ⚠️ Authentication is explicitly disabled in the provided code, making it unsuitable for production environments without modification.
Verified Safe
The server explicitly disables its authentication handler for testing via `return .authorized // DISABLE AUTH TO RUN TESTING VIA. PYTHON`. This is a critical security vulnerability if deployed in a production environment, allowing unauthorized access to all MCP tools. It listens on `0.0.0.0`, making it accessible from any network interface, which is highly risky without proper authentication.
Updated: 2026-01-02
High Cost

mcp-servers

by maggots555

Sec3

Advanced MCP server for file manipulation, search, code analysis, and Git integration, designed to extend client capabilities like Antigravity with VS Code-style editing.

Setup Requirements

  • ⚠️ Requires Node.js 18+.
  • ⚠️ Requires manual configuration of `mcp_config.json` with absolute paths.
  • ⚠️ Requires Git to be installed on the system for Git integration tools to function.
Review Required
CRITICAL: The server is vulnerable to path traversal attacks due to a lack of input validation on file paths (`filePath`, `directory`, `path`, etc.) passed directly from user input to file system operations (e.g., `fs.readFile`, `fs.writeFile`, `fs.readdir`). This allows accessing or modifying files outside the intended project directory. SIGNIFICANT: Command injection risk exists with `git_diff` due to using `execAsync` and directly appending a user-provided `filePath` to the command string, despite an attempt to quote it. Input validation is insufficient. SIGNIFICANT: ReDoS (Regular Expression Denial of Service) vulnerability in `search_files` and `regex_replace` as user-supplied `pattern` strings are directly used to construct regular expressions, which could lead to server hang if a malicious or inefficient regex is provided. No sanitization or sandboxing of regex patterns is observed.
Updated: 2025-11-27