Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

Integrates Pulseway RMM (Remote Monitoring and Management) API capabilities with AI assistants using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️ Requires a Pulseway RMM account with API access and manually generated API credentials (Token ID and Token Secret).
  • ⚠️ Installation heavily recommends using `uv` (Astral's fast Python package manager), which may need to be installed separately.
  • ⚠️ When configuring for Claude Desktop, the path to the `pulseway-mcp-server` repository must be an absolute path, which is a common setup oversight.

Verified Safe

The server follows good security practices by loading API credentials from environment variables and explicitly warning against committing them. It uses HTTPS for API communication and handles API errors gracefully without exposing raw secrets. No 'eval' or other directly malicious patterns were found. A minor potential concern is that `response.text` from API errors is included in the custom `APIError` details, which could theoretically contain sensitive information if the remote API leaks it, but this is standard practice for debugging.
Updated: 2025-12-03

Medium Cost

Acts as a portfolio Multi-cloud Proxy (MCP) server, aggregating and exposing data from other specialized MCP servers like NIH Reporter and USA Spending via a single endpoint.

Setup Requirements

  • ⚠️ Python 3.13+ required

Verified Safe

No 'eval' or obvious obfuscation found. Hardcoded external MCP server URLs are dependencies, not secrets. The project explicitly outlines its GSA Vulnerability Disclosure Policy. The server acts as a proxy, forwarding requests; its overall security relies on the upstream MCP services it connects to, but the immediate code does not introduce new vulnerabilities. Uses 'random-route' in deployment config for better security.
Updated: 2026-01-06

High Cost
Security score: 9

Enables a local AI to receive iterative guidance from a remote, superior AI for solving programming problems, fostering hierarchical AI collaboration.

Setup Requirements

  • ⚠️ Requires Python 3.10+.
  • ⚠️ Requires an API Key for external LLM providers (paid services like OpenAI, Zhipu, Anthropic, Gemini, or custom relays).
  • ⚠️ Integration with Claude Code requires the `claude mcp` CLI tool.
  • ⚠️ The 'custom' AI provider requires the `AURAI_BASE_URL` environment variable to be explicitly set.

Verified Safe

The server uses `json.loads` to parse LLM responses and certain tool parameters (`context`, `files`, `project_info`). While the expected JSON schema is defined, a compromised or misconfigured LLM could potentially craft malicious JSON content. The server itself does not execute `action_items` or `code_changes` returned in the JSON; these are intended for the client (Claude Code) to interpret and act upon. The overall system security relies on the client's safe handling of these structured outputs.
Updated: 2026-01-19

Medium Cost

ilspy-mcp-server

by BROKENISTXD

Security score: 7

Decompile and analyze .NET assemblies via a structured MCP server.

Setup Requirements

  • ⚠️ Requires Python 3.10+.
  • ⚠️ ILSpy CLI (ilspycmd) must be installed and available in system PATH.
  • ⚠️ Python dependencies (`mcp`, `pydantic`, `pefile`, `dnlib`) must be installed via `pip install -r requirements.txt`.

Review Required

The server primarily executes `ilspycmd` on user-provided assembly files, which inherently carries risk when processing untrusted binaries. While `subprocess.run` is used with a list of arguments to mitigate direct shell injection, any vulnerability in `ilspycmd` itself could be exploited. Additionally, `pickle.load` is used for caching results, which poses a local deserialization risk if an attacker can manipulate the cache files on the filesystem. The server operates over stdio, avoiding direct network exposure, but a wrapper exposing it over a network would need its own security considerations. No hardcoded secrets were identified.
Updated: 2025-12-13

Medium Cost

A server component likely designed to interact with or serve resources within the Hugging Face ecosystem.

Review Required

No source code was provided for analysis, making it impossible to perform a security audit. Critical security risks such as 'eval' usage, obfuscation, network vulnerabilities, or hardcoded secrets cannot be identified. Therefore, it is highly unsafe to run without reviewing the complete source code yourself.
Updated: 2025-11-28

Low Cost
Security score: 1

A simple Model Context Protocol (MCP) server that exposes a tool to send emails via SMTP and a resource for server information.

Setup Requirements

  • ⚠️ Requires Python 3.13 or newer.
  • ⚠️ SMTP credentials (server, port, sender email, password) must be manually edited and hardcoded into the 'main.py' file.
  • ⚠️ If using Gmail, requires a Google App Password (not your regular password) after enabling 2-Step Verification.

Review Required

CRITICAL RISK: The repository includes a 'get-pip.py' file which is heavily truncated and contains large sections of base64 encoded, obfuscated code. This file is highly suspicious and its presence in a server's root directory with obfuscation is a severe security vulnerability, indicating potential for malicious code injection or unexpected behavior that cannot be easily audited. Additionally, SMTP credentials (SMTP_SERVER, SMTP_PORT, SENDER_EMAIL, SENDER_PASSWORD) are hardcoded directly into 'main.py' and the README instructs users to edit the file to configure them. This is a poor security practice, as sensitive information should be managed via environment variables to avoid exposure in source code and enable more secure deployment.
Updated: 2025-11-24

Medium Cost

scaha.net-mcp

by joerawr

Security score: 8

Provides youth hockey data (schedules, standings, player stats) from scaha.net via web scraping for AI agents.

Setup Requirements

  • ⚠️ Requires Chrome or Chromium browser installed locally.
  • ⚠️ Tool calls involving browser automation (Puppeteer) can take 5-15 seconds.
  • ⚠️ Specific parameter formats are required for seasons (e.g., '2025/26'), schedules (e.g., '14U B'), and exact team names.
  • ⚠️ Historical player and team roster data retrieval is currently unavailable for some tools due to an explicit SCAHA website limitation.

Verified Safe

The server uses Puppeteer for web scraping, which is generally safer than direct 'eval' but involves executing code in a browser context. No hardcoded secrets were found. The primary security consideration is if the server is exposed publicly without rate limiting, it could be misused for aggressive scraping against scaha.net. The 'npx -y' installation method skips user confirmation, a minor supply chain risk if the package source is compromised.
Updated: 2025-12-23

Low Cost

mcp-test-repo

by crypto-ninja

Security score: 10

A test repository for validating the repository management and pull request capabilities of a GitHub Multi-Cloud Platform (MCP) server.

Verified Safe

The provided source code consists entirely of inert markdown files (README.md, TESTING.md, pr-test-file.md). These files themselves contain no executable code, network calls, or secret credentials, and therefore pose no direct security risks. The security assessment is strictly limited to the provided content. The actual GitHub MCP server that interacts with and manages these repositories would require a separate, in-depth security audit.
Updated: 2025-12-11

Medium Cost

nl2tcl-mcp

by collinsoik

Security score: 6

Exposes Yosys synthesis and Icarus Verilog simulation tools to Claude Code for FPGA design workflows.

Setup Requirements

  • ⚠️ Requires `yosys` and `iverilog` (including `vvp`) to be installed system-wide as command-line tools.
  • ⚠️ Requires Python 3.10+.

Review Required

The server includes a TCL validator to block dangerous commands (`exec`, `file delete`, `source`, shell pipes, etc.) when executing Yosys TCL. However, it is susceptible to path traversal vulnerabilities:

  1. **Arbitrary File Write:** The `yosys_synthesize` tool's `output_json` argument allows writing to arbitrary file paths if an absolute path or `../` sequence is provided, potentially overwriting system files.
  2. **Information Disclosure:** The `list_designs` and `get_design_content` tools' `directory` and `name` arguments can be manipulated with absolute paths or `../` to list or read files outside the intended project directories.

No hardcoded secrets or direct network listening are apparent (uses stdio transport).
Updated: 2025-12-12

Low Cost

mcp-weather

by razeone

Security score: 8

This server provides weather information, including alerts for US states and forecasts for specific coordinates, by interacting with an external weather API.

Setup Requirements

  • ⚠️ Requires .NET SDK to build and run.
  • ⚠️ Relies on external Weather.gov API, which may have usage policies or rate limits.
  • ⚠️ Requires an active internet connection to fetch weather data.

Verified Safe

The provided source code is limited to the README, which describes an architecture prioritizing input validation (via Value Objects like StateCode, Coordinates) and clear separation of concerns, generally contributing to a more secure system. No 'eval' or malicious patterns are visible. Interaction with an external 'WeatherGovService' implies network calls, which would require secure handling (e.g., TLS, input sanitization, error handling) in the actual implementation, but this is not verifiable from the provided text. Hardcoded secrets are not evident in the README.
Updated: 2025-12-01

Low Cost

go-mcp-template

by kgatilin

Security score: 9

A production-ready Go template for building Model Context Protocol (MCP) servers, designed to follow official best practices and support both MCP client integration and direct command-line tool execution.

Setup Requirements

  • ⚠️ Requires Go 1.23 or higher.
  • ⚠️ Mandatory cleanup of example tools, resources, and prompts, and updating registration functions after cloning or using the template.
  • ⚠️ Requires renaming the Go module and updating imports throughout the codebase if used as a new project.

Verified Safe

The template demonstrates and strongly enforces security best practices including comprehensive input validation and sanitization, proper error handling, context cancellation, and the use of environment variables for secrets. It explicitly warns against common pitfalls like hardcoding secrets or unsafe SQL string concatenation. For HTTP transport, it mandates TLS, authentication, and rate limiting. The `internal/resources/files.go` includes path cleaning. The score isn't 10 because a template relies on developer adherence to its guidelines for true security, but it provides an excellent foundation and strong guidance.
Updated: 2025-11-19

Medium Cost

cf-rawg

by denkaryo

Security score: 8

An AI agent for analyzing video game data using the RAWG API, deployed on Cloudflare Workers.

Setup Requirements

  • ⚠️ Requires RAWG API key (Paid/Free, depending on usage limits)
  • ⚠️ Requires OpenAI API Key OR Anthropic API Key (Paid, depending on LLM_PROVIDER)
  • ⚠️ Requires Node.js 20+ and pnpm 10+
  • ⚠️ Cloudflare Workers CPU time limit of 30 seconds requires a paid Cloudflare plan for optimal performance.

Verified Safe

The server uses QuickJS in a sandboxed environment for `execute_calculation`, with a validator that actively checks for dangerous patterns like `eval`, `new Function()`, `process`, and network access (`fetch`). This significantly mitigates risks associated with arbitrary code execution. Client-side evaluation in the UI's 'Evaluation Panel' uses `new Function()`, but this is confined to the user's browser for debug purposes and does not pose a server-side vulnerability. All sensitive API keys are correctly managed via environment variables.
Updated: 2025-11-28