Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

ecl_mcp

by brownrl

Security rating: 9

Provides AI agents with programmatic access to the European Commission's Component Library (ECL) documentation and code examples, enabling them to build and retrieve UI components.

Setup Requirements

  • ⚠️Requires a pre-populated `ecl-database.sqlite` file. This database is typically built by running the `crawl.js` script.
  • ⚠️Requires Node.js runtime installed.
  • ⚠️Local ECL assets (CSS, JS, icons) need to be downloaded and placed in an `assets/` directory (e.g., by running `download-ecl-assets.sh`) for the `get_starter_template` tool to function correctly.
Verified SafeView Analysis
The server uses SQLite with parameterized queries, which protects against SQL injection. File I/O is limited to reading trusted local files (scripts, templates, the database). External content is fetched only during crawling (`crawl.js`), which runs separately from the MCP server; at runtime the server serves data from the local database over `stdio`. One caveat follows from that design: whatever the crawler stored is returned to the agent verbatim, so the crawled documentation is untrusted input to the model even though the server itself fetches nothing. No direct use of `eval` and no hardcoded secrets were found in the server logic. `ecl-ec.js` is a client-side library; its security matters for web applications that embed it, not for this server-side audit.
Updated: 2025-11-27 (GitHub)
Low Cost
Security rating: 9

Provides a basic TCP server for testing network connections and data exchange.

Setup Requirements

  • ⚠️Node.js environment required (if not using Docker directly)
  • ⚠️Docker is the primary recommended deployment method via the provided Dockerfile.
Verified SafeView Analysis
The server is a very simple TCP listener with no external dependencies, no dynamic code execution (e.g. `eval`) and no hardcoded secrets. It logs received data and sends a fixed response. The only point to weigh is that it binds `0.0.0.0`, i.e. every network interface. Inside Docker that binding is what lets a published port reach the container, so exposure is decided by how the port is published (`-p 127.0.0.1:PORT:PORT` keeps it on the host's loopback, `-p PORT:PORT` opens it to the network); when run directly on a host, bind `127.0.0.1` unless remote clients are intended. Acceptable for a test server, but not something to leave reachable from the internet.
Updated: 2025-11-22 (GitHub)
Medium Cost

DBJavaGenix

by Muhaastok

Security rating: 8

Generates layered Java code (Entity, DAO, Service, Controller) from database schemas using AI-enhanced analysis and templates, with Spring Boot project dependency management.

Setup Requirements

  • ⚠️Requires Python 3.9+ for the server to run.
  • ⚠️Requires Java JDK 8 or higher to compile and run generated code.
  • ⚠️Requires a database connection (e.g., MySQL, PostgreSQL) to analyze schemas and generate code.
  • ⚠️Requires an OpenAI or other supported AI service API Key (paid) if AI-enhanced features are used.
Verified SafeView Analysis
The server exposes SQL query execution (`db_query_execute`) but restricts it to `SELECT` statements. Treat that restriction as a convenience, not a boundary: a check on the statement text only holds if it also rejects stacked statements (`SELECT 1; DELETE ...` passes a prefix check on drivers that accept several statements per call) and dialect-specific writes that begin with `SELECT` (MySQL's `SELECT ... INTO OUTFILE`); a read-only database account is the control that holds regardless of how the query is spelled. Database credentials are passed directly as tool arguments, which means they travel through the model's context, and are also stored in configuration files; a `ConnectionManager` masks them for internal storage. Build files (`pom.xml`, `build.gradle`) are modified using regular expressions, which is brittle but mitigated by a backup taken before automatic dependency fixes. No direct `eval` and no obfuscation patterns were identified.
Updated: 2026-01-19 (GitHub)
Low Cost
Security rating: 8

A remote Model Context Protocol (MCP) server demonstrating Google OAuth as an identity provider for authentication and serving basic AI tools and resources over Streamable HTTP.

Setup Requirements

  • ⚠️Requires acquiring Google OAuth Client ID and Client Secret by following Google's guide for web server applications.
  • ⚠️A '.env.local' file must be created and configured with the Google client credentials.
  • ⚠️The pnpm package manager is used for dependency installation and script execution.
  • ⚠️Node.js version 18 or higher is required.
Verified SafeView Analysis
The server implements the OAuth 2.0 flow with Google's official client library rather than hand-rolled token handling. The Google Client ID and Secret are read from environment variables, not hardcoded. The in-memory client store for Dynamic Client Registration (DCR) is acceptable for a demonstration; production use needs a persistent store. The CORS `origin` is set to the wildcard `*`, which lets a page from any web origin read this server's responses cross-site. This is not an XSS issue, and browsers will not accept credentialed responses under a `*` policy, but anything the endpoint returns without credentials is readable from anywhere; restrict it to an exact allowlist of trusted origins in a production setup. No `eval`, obfuscation or other suspicious patterns were found in the provided source code.
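The wildcard policy beside an exact-match allowlist, as an added example written for this page (not the demo server's code). The origin values are constructed; `origin_may_read` models the browser's decision for a non-credentialed request so the two policies can be compared offline:

```python
# Added example (not the demo server's code): CORS handling for an MCP endpoint
# served over HTTP, the wildcard policy beside an exact-match allowlist.
# Origins below are constructed for the demo.
from typing import Mapping, Optional

ALLOWED_ORIGINS = frozenset({"https://app.example.com", "https://admin.example.com"})


def cors_headers_wildcard(request_origin: Optional[str]) -> dict:
    """The demo setting: any page on the web may read the response."""
    return {"Access-Control-Allow-Origin": "*"}


def cors_headers(request_origin: Optional[str],
                 allowed: frozenset = ALLOWED_ORIGINS,
                 allow_credentials: bool = False) -> dict:
    """Exact-match allowlist. Unknown or missing origins get no CORS headers
    at all, so the browser blocks the cross-origin read. The origin is echoed
    only when it matches (never reflected unconditionally), and `Vary: Origin`
    stops a cache from serving one origin's answer to another."""
    if request_origin is None or request_origin not in allowed:
        return {}
    headers = {"Access-Control-Allow-Origin": request_origin, "Vary": "Origin"}
    if allow_credentials:
        # A credentialed response needs a concrete origin; browsers reject "*" here.
        headers["Access-Control-Allow-Credentials"] = "true"
    return headers


def origin_may_read(request_origin: Optional[str],
                    response_headers: Mapping[str, str]) -> bool:
    """Browser rule for a non-credentialed request: the response is readable
    if the header is "*" or equals the requesting origin exactly."""
    acao = response_headers.get("Access-Control-Allow-Origin")
    return acao == "*" or (request_origin is not None and acao == request_origin)
```

Matching is on the full origin string, so `https://app.example.com.evil.example` and the literal `null` origin both fall through to the empty header set.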
Updated: 2025-11-24 (GitHub)
High Cost

mcpserver

by diamajumder

Security rating: 8

A collection of Model Context Protocol (MCP) servers enabling AI agents with prompt management, resource querying, tool execution (file I/O, API calls), memory persistence via vector stores, and external service integration, orchestrated by an OpenAI-integrated client.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for client and memory tracker functionality.
  • ⚠️Requires Python 3.13 or newer, as specified in multiple `pyproject.toml` files.
  • ⚠️The `mcp-client/client.py` contains a hardcoded path (`C:\MCP\code\mcp-build-memory\run\server.py`) that needs to be updated by the user to point to their actual local MCP server instance.
  • ⚠️Relies on `uv` (a Python package manager/environment tool) for dependency management and possibly for running servers, as indicated by `pyproject.toml` workspace configuration and client script usage.
Verified SafeView Analysis
The file I/O tools (`add_note_to_file`, `add_person`, `read_file`) write string input from the user or the LLM straight into fixed local files (`notes.txt`, `log.txt`) and read them back without validation. The consequences are limited to those files: unvalidated content can corrupt them, and whatever was stored earlier is returned to the model on read, so previously written text (including text left by another session) re-enters the context. No direct `eval` or critical code injection vulnerabilities were found.
Updated: 2026-01-19 (GitHub)
Medium Cost

github-readme-mcp

by Raghavvram

Security rating: 9

Provides a local Model Context Protocol (MCP) server for fetching README.md files from public GitHub repositories.

Setup Requirements

  • ⚠️Requires pnpm for dependency management and building.
  • ⚠️Requires Node.js to run.
  • ⚠️Requires an absolute path to the compiled 'index.js' for integration with tools like gemini-cli.
Verified SafeView Analysis
The server's functionality is limited to fetching public README.md files. No `eval`, obfuscation or hardcoded secrets were found. The `repoName` input is placed directly into a URL on `raw.githubusercontent.com`; because the host is fixed, a crafted name can at worst select a different public path on that host, not a local file or another server, which is why the exposure is low. Validating that the value has the shape `owner/repo` before building the URL closes even that gap. The README content itself is untrusted text that flows into the model's context, so the remaining risk lies in how the consuming application treats it; the server introduces no execution path of its own. Assuming `main` as the default branch is a functional limitation rather than a security flaw.
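Validating the `owner/repo` value and the branch before the URL is built, as an added example written for this page (not github-readme-mcp's code). The repository and branch names are constructed for the demo; the character rules follow GitHub's published limits for user and repository names and a conservative subset of git's branch-name rules:

```python
# Added example (not github-readme-mcp's code): validate the "owner/repo" value
# before placing it in a raw.githubusercontent.com URL. Names and branches
# below are constructed for the demo.
import re

RAW_HOST = "https://raw.githubusercontent.com"
# GitHub user/org names: alphanumerics and single inner hyphens, at most 39 chars.
_OWNER = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9]|-(?=[A-Za-z0-9])){0,38}$")
# Repository names: alphanumerics, '-', '_', '.', at most 100 chars.
_REPO = re.compile(r"^[A-Za-z0-9_.-]{1,100}$")
# Branch names: conservative subset of what git allows.
_BRANCH = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/-]{0,254}$")


def parse_repo_name(repo_name: str):
    """Return (owner, repo) or raise ValueError. Splitting on the first '/'
    means any extra path segment ends up in `repo` and fails its pattern."""
    owner, sep, repo = repo_name.partition("/")
    if (not sep or not _OWNER.match(owner) or not _REPO.match(repo)
            or repo in (".", "..")):
        raise ValueError(f"invalid repository name: {repo_name!r}")
    return owner, repo


def validate_branch(branch: str) -> str:
    """Reject '..' segments, empty segments and trailing slashes even though
    the character class would admit the individual characters."""
    if (not _BRANCH.match(branch) or ".." in branch or "//" in branch
            or branch.endswith("/")):
        raise ValueError(f"invalid branch name: {branch!r}")
    return branch


def readme_url(repo_name: str, branch: str = "main") -> str:
    """Build the raw URL from validated parts only. No percent-encoding is
    needed because every accepted character is already URL-safe."""
    owner, repo = parse_repo_name(repo_name)
    return f"{RAW_HOST}/{owner}/{repo}/{validate_branch(branch)}/README.md"


def is_valid_repo_name(repo_name: str) -> bool:
    try:
        parse_repo_name(repo_name)
        return True
    except ValueError:
        return False


def is_valid_branch(branch: str) -> bool:
    try:
        validate_branch(branch)
        return True
    except ValueError:
        return False
```

Rejecting the value is better than "sanitizing" it: a name that fails the pattern is not a GitHub repository, so there is nothing to repair.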
Updated: 2026-01-18 (GitHub)
Low Cost
Security rating: 9

Enables AI assistants to manage Markdown notes and images through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Docker is the recommended installation and execution method.
  • ⚠️Requires a configuration file (e.g., `etc/markdown-notes-mcp.conf`) with defined tenant IDs.
  • ⚠️Multi-tenant support is enforced, requiring at least one tenant ID to be configured.
Verified SafeView Analysis
The server normalizes note paths (`normalize_note_path`) to prevent directory traversal, so all file system operations (CRUD for notes and directories, image uploads) stay within the tenant-specific notes directory. File and directory names are reduced to their last component with `os.path.basename`. Destructive operations (`os.remove`, `shutil.rmtree`) go through the same path handling, which is what makes them safe. When reviewing a check of this kind, confirm that it also resolves symbolic links, since a link placed inside the notes directory is the remaining way for a normalized path to point outside it. No `eval` or similar dangerous functions are used, and no hardcoded secrets are evident.
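A tenant-scoped path check of the kind described, as an added example written for this page (not markdown-notes-mcp's code and not its `normalize_note_path`). It resolves the candidate path with `os.path.realpath` and requires the result to stay under the tenant root, which catches `..`, absolute paths and symlink escapes alike; `demo()` builds a throwaway tenant directory and an outside directory to exercise each case:

```python
# Added example (not markdown-notes-mcp's code): confine note paths to one
# tenant's directory. Tenant ids, file names and the directory layout in
# demo() are constructed for the demo.
import os
import re
import tempfile

_TENANT_ID = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def tenant_root(base_dir: str, tenant_id: str) -> str:
    """Tenant ids come from configuration, but validate them anyway so the
    id itself can never carry a path separator or '..'."""
    if not _TENANT_ID.match(tenant_id):
        raise ValueError(f"invalid tenant id: {tenant_id!r}")
    return os.path.join(os.path.realpath(base_dir), tenant_id)


def resolve_note_path(root: str, user_path: str) -> str:
    """Return the absolute path for `user_path` inside `root`, or raise.

    realpath() collapses '..' and follows symlinks, so the containment test
    is made on where the path really lands, not on how it was written."""
    root = os.path.realpath(root)
    if os.path.isabs(user_path):
        raise ValueError("absolute paths are not allowed")
    candidate = os.path.realpath(os.path.join(root, user_path))
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError(f"path escapes tenant directory: {user_path!r}")
    return candidate


def demo() -> dict:
    """Exercise the check against a constructed layout; True means accepted."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        root = tenant_root(os.path.join(base, "tenants"), "acme")
        os.makedirs(root)
        outside = os.path.join(base, "outside")
        os.makedirs(outside)
        with open(os.path.join(outside, "secret.txt"), "w") as fh:
            fh.write("not for tenants\n")

        def attempt(path: str) -> bool:
            try:
                resolve_note_path(root, path)
                return True
            except ValueError:
                return False

        results["plain"] = attempt("projects/todo.md")
        results["traversal"] = attempt("../../outside/secret.txt")
        results["absolute"] = attempt(os.path.join(outside, "secret.txt"))
        try:
            os.symlink(outside, os.path.join(root, "link"))
            results["symlink"] = attempt("link/secret.txt")
        except OSError:  # platforms where unprivileged symlinks are unavailable
            results["symlink"] = "skipped"
    return results


if __name__ == "__main__":
    print(demo())
```

`os.path.basename` alone would have accepted `link/secret.txt` as `secret.txt` under the tenant root; the realpath comparison is what rejects it, because the link resolves to the outside directory.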
Updated: 2026-01-12 (GitHub)
Low Cost

Manages employee data via an HTTP API, secured with Google OAuth, and integrated as an MCP server for AI agents.

Setup Requirements

  • ⚠️Requires Node.js v18+.
  • ⚠️Requires Google Cloud Credentials (CLIENT_ID, CLIENT_SECRET) to be configured in a .env file.
  • ⚠️The Google Cloud Console project must have `http://127.0.0.1:3000/oauth2callback` (or `http://localhost:3000/oauth2callback`) added as an authorized redirect URI.
  • ⚠️The system requires two separate terminal processes to run concurrently: one for the Mock API server (`npm run api`) and one for the Main MCP server (`npm start`).
  • ⚠️Due to `logout()` being called after every successful operation in `src/bridge.js`, users will be prompted to re-authenticate via Google OAuth for every single interaction (e.g., listing employees, then adding one, then listing again).
Verified SafeView Analysis
The Google Client ID and Secret are loaded from environment variables, which is good practice. The server saves the Google ID token to a local `.token` file; that file should be created with owner-only permissions (mode `0600`) so other local users cannot read it. `src/bridge.js` (used for Windsurf integration) calls `logout()` after every successful tool execution or resource access, which deletes the token file. This forces a browser re-authentication for every subsequent interaction. It shortens how long a usable token sits on disk, which is the security benefit; it does not shorten the token's own validity, since deleting the file revokes nothing at Google. The usability cost is significant.
Updated: 2025-12-11 (GitHub)
Low Cost

n8n-doctor-mcp

by arvindg4u

Security rating: 9

This server acts as a diagnostic tool for n8n workflows, providing insights into their status and health.

Setup Requirements

  • ⚠️Requires an existing n8n instance to connect to.
  • ⚠️Requires N8N_API_URL environment variable to be set.
  • ⚠️Requires N8N_API_KEY environment variable for authentication with the n8n API.
Verified SafeView Analysis
The server reads the sensitive API key (`N8N_API_KEY`) from an environment variable and does not hardcode it. Input schemas are defined for the tools, though they currently declare no inputs. Basic error handling is present. No `eval` or malicious patterns were identified. External API calls are made via axios to the configured n8n instance, which is standard practice; the key grants whatever its n8n account can do, so issue it from an account with the narrowest role n8n allows.
Updated: 2025-11-26 (GitHub)
Medium Cost

coder

by r-huijts

Security rating: 8

Transforms iTerm2 into a powerful AI coding agent, providing structured tools for terminal interaction, filesystem manipulation, and code searching.

Setup Requirements

  • ⚠️Requires macOS (iTerm2 is macOS-only).
  • ⚠️Requires Homebrew for `ripgrep` installation (`brew install ripgrep`).
  • ⚠️iTerm2 must be configured: Python Runtime installed and 'Allow all apps to connect to iTerm2' enabled in Script settings.
  • ⚠️Requires an MCP client (e.g., Claude Desktop) to operate; it is not a standalone HTTP server.
Verified SafeView Analysis
The server employs several safety layers: `run_command` requires confirmation for destructive commands; file I/O and code search use dedicated Python methods or `subprocess.create_subprocess_exec` (without `shell=True`), so arguments are never parsed by a shell; complex shell commands are written to temporary, self-deleting scripts so that quoting survives being typed into the terminal session; and `send_text` can use `async_inject` to bypass shell interpretation. `run_command` still ultimately executes through a shell, so the confirmation step is the real control: a model that has read a malicious file or web page can be steered into composing a harmful command, and the prompt is what stands between that and execution. Combined with the intended local-only use by a trusted MCP client, the design is reasonable for its purpose. No hardcoded secrets or malicious patterns were found.
Updated: 2025-12-22 (GitHub)
Medium Cost

google-drive-mcp

by horison-ai

Security rating: 9

Provides a Model Context Protocol (MCP) server for comprehensive Google Drive file and folder management, sharing, search, and comments.

Setup Requirements

  • ⚠️Requires a running and accessible 'connectivity-service' to fetch OAuth credentials.
  • ⚠️Requires `GOOGLE_OAUTH_CLIENT_ID` and `GOOGLE_OAUTH_CLIENT_SECRET` environment variables to be set for Google OAuth.
  • ⚠️The `drive_read_file` operation can return the entire content of a file as text, potentially leading to very high token costs if large text files are processed.
Verified SafeView Analysis
The server uses the standard Google API client libraries and does not store credentials locally: it fetches OAuth credentials from an external 'connectivity-service' whose location and access key come from environment variables (`CONNECTIVITY_SERVICE_URL`, `INTERNAL_API_KEY`). Security therefore rests on the integrity of that service and on the secure handling of every required environment variable (`GOOGLE_OAUTH_CLIENT_ID`, `GOOGLE_OAUTH_CLIENT_SECRET`, `INTERNAL_API_KEY`); a compromised connectivity-service or a leaked internal key yields Drive access with whatever scope the OAuth grant carries. No `eval` or similar dangerous patterns were found in the provided source code.
Updated: 2025-11-22 (GitHub)
Low Cost

A reusable template for building Model Context Protocol (MCP) servers, allowing LLMs to use custom tools, access resources, and leverage prompts.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires 'uv' (Astral's dependency manager) to be installed globally or accessible in PATH.
  • ⚠️Manual Claude Desktop configuration requires absolute paths to the 'uv' binary and project directory.
Verified SafeView Analysis
The server uses FastMCP from the official MCP Python SDK and implements only basic, safe operations (a greeting, static info). There are no `eval`, `exec` or `subprocess` calls and no network interaction beyond what the MCP framework handles. No hardcoded sensitive data is present. As a template, anything built on it needs its own audit, but the base is sound.
Updated: 2025-12-06 (GitHub)
Page 352 of 713