Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
RookieKiwi icon
Sec9

Enables AI assistants to convert, compress, archive, share, and import files across over 100 formats using the ConvertEverything.io API.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher to run.
  • ⚠️Requires a ConvertEverything.io API key (a free tier is available, but higher usage tiers are paid).
  • ⚠️Local file operations require the server to have appropriate filesystem access permissions.
Verified SafeView Analysis
The server employs robust security measures, including explicit input validation using Zod schemas, path sanitization, and checks for null bytes and directory traversal ('..') to prevent malicious file access. It explicitly states it uses the public API and does not expose internal endpoints or secrets. API keys are loaded from environment variables or CLI arguments, not hardcoded. Large file uploads are handled with chunking for reliability and memory efficiency. All API communication uses HTTPS. While interacting with local files always carries some inherent risk, the implementation demonstrates strong mitigation strategies.
Updated: 2025-12-18GitHub
0
0
Low Cost
santhoshnvv icon

mcp-server

by santhoshnvv

Sec1

To provide a custom server implementation, likely for the Minecraft game protocol, allowing for tailored gameplay or administration.

Review RequiredView Analysis
No source code was provided for analysis beyond the `README.md` file. Therefore, it is impossible to assess specific security risks like 'eval' usage, obfuscation, network vulnerabilities, hardcoded secrets, or malicious patterns. Without code to audit, the safety of running this server cannot be guaranteed.
Updated: 2025-11-30GitHub
0
0
Medium Cost
gjoeckel icon

my-mcp-servers

by gjoeckel

Sec3

Automate predefined development workflows with autonomous approval for AI agents within an IDE.

Setup Requirements

  • ⚠️Requires Node.js runtime (>=18.0.0).
  • ⚠️Relies on a `.cursor/workflows.json` file for workflow definitions, which must be manually created and maintained. This file is critical for security.
  • ⚠️Commands defined in `workflows.json` are executed with `child_process.exec`, meaning they run with the permissions of the user running the IDE. Be extremely cautious with workflow definitions.
Review RequiredView Analysis
The server's core function is to execute arbitrary shell commands defined in local workflow files (`.cursor/workflows.json`), with an option for autonomous approval. While workflows are intended to be 'explicit' and 'version-controlled', the `child_process.exec` function is used without an internal allow-list or strict command sanitization for workflow commands. If another tool (e.g., a filesystem tool with write access) or a malicious actor can modify the `workflows.json` file, it can lead to arbitrary code execution and full system compromise, especially with `auto_approve: true` workflows. This constitutes a high-risk vulnerability for arbitrary code execution if the workflow definitions are not absolutely trusted and immutable.
Updated: 2025-11-26GitHub
0
0
High Cost
EodHistoricalData icon

EODHD-MCP-Server

by EodHistoricalData

Sec8

Provides AI agents with tool-based access to EOD Historical Data (EODHD) financial market APIs.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires a valid EODHD API key, which must be obtained and configured via environment variable (EODHD_API_KEY) or command-line argument (--apikey).
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, ChatGPT with Connectors) for interaction, or a custom MCP client.
Verified SafeView Analysis
The server acts as a proxy, handling API keys via environment variables or CLI arguments, which is good practice. It does not appear to hardcode sensitive secrets or use dangerous functions like 'eval'. Input validation is present in tool functions. Potential risks are primarily related to upstream API vulnerabilities or insecure deployment (e.g., exposing it publicly without proper access controls), which are outside the scope of the provided code's direct control. The `make_request` function appends the API key to every request URL, which is correct for authentication.
Updated: 2025-12-13GitHub
0
0
Low Cost
oliviersorine icon
Sec9

This server exposes simple arithmetic and greeting tools over standard I/O, designed to be integrated with agents or other systems communicating via a Modular Communication Protocol (MCP).

Setup Requirements

  • ⚠️Requires Docker for easy setup via `docker-compose`.
  • ⚠️Requires the `mcp` Python library to be installed if not using Docker.
Verified SafeView Analysis
The server primarily uses standard I/O for communication, significantly limiting network attack surface. It does not use `eval`, `exec`, or other dynamic code execution methods. No hardcoded secrets or sensitive information were found. Input validation relies on the `inputSchema` definitions, implying the client adheres to these, and the server's internal logic for operations like 'add' and 'multiply' directly uses the provided arguments without explicit type re-validation beyond basic access, but for simple numeric/string operations, this poses a low risk.
Updated: 2025-11-30GitHub
0
0
Medium Cost
SidneyBissoli icon

ibge-br-mcp

by SidneyBissoli

Sec9

Provides AI assistants access to public IBGE (Brazilian Institute of Geography and Statistics) APIs to query geographic, demographic, and statistical data from Brazil.

Verified SafeView Analysis
The server's source code appears to be well-structured and does not contain obvious malicious patterns or hardcoded sensitive credentials. It uses public APIs from IBGE and the Central Bank of Brazil. Network requests are handled with a retry mechanism and caching. Input validation is implemented using Zod and custom helpers. There are no direct uses of 'eval' or similar dangerous functions. The primary security consideration would be the trustworthiness and availability of the external APIs it consumes.
Updated: 2026-01-18GitHub
0
0
Low Cost
indranilokg icon
Sec8

A standalone, production-ready MCP (Model Context Protocol) server for secure employee data access, validating requests with Okta tokens.

Setup Requirements

  • ⚠️Requires an Okta tenant with a configured authorization server.
  • ⚠️Manual editing of the `.env` file is mandatory to set Okta configuration before the server can start.
  • ⚠️Python 3.9+ is required.
Verified SafeView Analysis
The server implements robust Okta token validation (signature, expiration, issuer, audience, scopes) via OAuth 2.0 discovery. However, the default CORS `allow_origins=["*"]` is too permissive for production and should be configured. Audience and required scope validation can be optionally disabled by omitting `OKTA_AUDIENCE` and `OKTA_REQUIRED_SCOPES`, which relies on correct deployment configuration. The `stdio_transport` intentionally bypasses Okta validation as it's for local subprocess communication, which is acceptable but critical to not expose over a network.
Updated: 2026-01-13GitHub
0
0
Medium Cost
BeduSec icon

gptbot

by BeduSec

Sec7

A secure server for ChatGPT to interact with ethical bug-bounty tools in a controlled Kali Linux environment.

Setup Requirements

  • ⚠️Docker required
  • ⚠️Kali Linux or Debian-based environment assumed for apt-get and tool availability
Verified SafeView Analysis
The server uses `subprocess.run` with lists of arguments for both `/run_tool` and `/install_tool`, which mitigates direct shell command injection vulnerabilities. Tool names for `/run_tool` are whitelisted. However, the server provides direct access to powerful bug-bounty tools (`nmap`, `sqlmap`, etc.) with user-provided arguments. While `subprocess.run` prevents shell injection for the command execution, these tools themselves can be used for malicious purposes (e.g., unauthorized scanning, resource exhaustion) if the AI or external caller is not properly constrained and monitored. The 'explicit user approval' mentioned in the README is assumed to be handled by the client application interacting with this server, not enforced by the server's code. The `/install_tool` endpoint allows installation of arbitrary APT packages, which could potentially be abused for denial-of-service by installing very large packages if not rate-limited or monitored.
Updated: 2025-12-14GitHub
0
0
Low Cost
nikhildx icon

umcp

by nikhildx

Sec9

Securely enables AI assistants and automation tools to administer Ubuntu Linux systems through authenticated and whitelisted operations.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Primarily designed for Ubuntu Linux systems; many tools (`apt`, `systemctl`) are OS-specific.
  • ⚠️Full functionality for system administration tasks (e.g., package installation, service control, file ownership changes) will likely require the server to run with elevated privileges (e.g., `sudo`) or configured `sudoers` entries for the user running the server.
Verified SafeView Analysis
The project demonstrates a strong "security first" approach. It employs multi-layered security including API key/JWT authentication, Role-Based Access Control (RBAC), extensive command, path, user, git repository, APT package, and systemd service whitelisting, and comprehensive audit logging. Command execution primarily uses `asyncio.create_subprocess_exec` with list arguments, which is safer than shell execution. A `execute_shell` method exists but is explicitly warned against for untrusted input. There are no apparent hardcoded critical secrets in the provided truncated code (example API keys are in a `.example` file, and JWT secret is expected from environment variables). Rate limiting and TLS are configurable features. Robust input validation and sanitization are implemented to prevent command injection and path traversal.
Updated: 2025-12-06GitHub
0
0
High Cost
tyson-swetnam icon

envirofacts-mcp

by tyson-swetnam

Sec8

This server provides a Model Context Protocol (MCP) interface to query the EPA Envirofacts Data Service API for environmental data.

Setup Requirements

  • ⚠️Requires Python 3.8 or higher.
  • ⚠️Requires manual installation of dependencies via `pip install -r requirements.txt` within a Python virtual environment.
  • ⚠️Requires absolute paths to be configured in `mcp_config.json` or Claude Desktop/CLI settings for the Python executable and working directory.
Verified SafeView Analysis
The server uses `httpx` for external API calls and `pydantic-settings` for configuration, which are good practices. It communicates via stdio, limiting network attack surface. The URL construction in `query_builder.py` directly appends user-provided filter values to the URL path. While the EPA API might sanitize these, this pattern could potentially allow for manipulation of the API request path or injection of unintended query parameters if the user input contains path delimiters (e.g., '/') and the EPA API does not rigorously validate or sanitize its path segments. Given it's a public EPA API with no authentication, the impact is primarily limited to making unintended API calls rather than direct server compromise.
Updated: 2025-12-06GitHub
0
0
Low Cost
McGovs icon
Sec9

Provides a Model Context Protocol (MCP) server for querying Google Analytics 4 (GA4) data with user-specific OAuth, and manages user tokens and BigQuery dataset associations.

Setup Requirements

  • ⚠️Requires a PostgreSQL database with connection string provided via DATABASE_URL.
  • ⚠️Requires Google OAuth 2.0 Client ID and Secret (GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET) for a Google Cloud Project with the Analytics Data API and Analytics Admin API enabled.
  • ⚠️Requires a Google Cloud Project ID (GOOGLE_CLOUD_PROJECT_ID) and service account credentials (GOOGLE_APPLICATION_CREDENTIALS_JSON) with BigQuery permissions for BigQuery dataset listings.
Verified SafeView Analysis
All sensitive credentials (Google API keys, database URL, server API key, BigQuery credentials) are correctly handled via environment variables. An API key authentication middleware protects core endpoints. OAuth tokens are stored in a database and auto-refreshed. Audit logging is implemented for key actions. No direct 'eval' or malicious patterns found. The default CORS configuration is wide open, but the API key authentication provides a primary layer of security for the actual data endpoints.
Updated: 2025-11-29GitHub
0
0
High Cost
shireeshthota icon

Movies

by shireeshthota

Sec9

Provides a robust, programmatic API for accessing and querying a movie dataset (profile, lookup by ID, search by criteria) via the Model Context Protocol (MCP), primarily designed to serve AI agents.

Setup Requirements

  • ⚠️Requires `ANTHROPIC_API_KEY` environment variable for LLM agent clients (Anthropic is a paid service).
  • ⚠️Relies on the `movies_Dataset.csv` file being present in the same directory as `movies_mcp.py`.
  • ⚠️Requires installation of `mcp`, `anthropic`, and `python-dotenv` Python packages.
Verified SafeView Analysis
The MCP server component (`movies_mcp.py`) itself avoids direct `eval` or external process execution based on arbitrary user input. It operates via `stdin/stdout` for communication, minimizing network attack surface. Data is loaded from a local CSV file, implying trust in the source data. Security considerations would primarily be with the client agents' LLM interactions and how they handle potentially malicious output, rather than the server itself.
Updated: 2026-01-19GitHub
PreviousPage 358 of 713Next