Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
security-tools-monkey icon

cebus-mcp-scanner

by security-tools-monkey

Sec9

A Python CLI tool for static and config-based security scanning of MCP (Model Context Protocol) servers and tools, highlighting risky patterns for local or multi-tenant deployments.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires PyYAML for loading YAML configuration files.
Verified SafeView Analysis
The project is a static security scanner designed to analyze source code without executing it. It utilizes standard and safe parsing libraries (Python's `ast` module, `json`, `yaml.safe_load`, `tomllib`) and explicitly handles parsing errors, creating minimal ASTs for malformed files. There are no direct usages of dangerous functions like `eval()` or arbitrary command execution within the scanner's own logic. While it identifies potentially dangerous patterns (e.g., shell execution, dynamic HTTP calls, file access) in the *scanned project's code*, it does not itself exhibit these behaviors. The tool's design prioritizes safety for integration into CI/CD pipelines.
Updated: 2025-11-26GitHub
0
0
High Cost
ambadasjagtap2021 icon

api-mcp-server

by ambadasjagtap2021

Sec8

Provides a Model Context Protocol (MCP) server for mLogica's Star*M database modernization service, offering schema analysis, SQL conversion, and migration estimation.

Setup Requirements

  • ⚠️Requires MLOGICA_API_KEY, which may require signing up for a free or paid tier on the mLogica Star*M website.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Needs to be configured as an MCP server within a compatible MCP client (e.g., Claude Desktop).
Verified SafeView Analysis
The provided source code consists primarily of configuration files (package.json, tsconfig.json, etc.) and a README. No application logic (.ts/.js files) were available for a comprehensive security audit. Sensitive API keys (MLOGICA_API_KEY) are configured to be passed via environment variables, which is a good practice. No explicit 'eval' or other directly malicious patterns are visible in the provided configuration. The overall security depends heavily on the implementation of the core `index.js` file, which was not provided.
Updated: 2025-11-21GitHub
0
0
Low Cost
stanleyncu icon
Sec1

Provides a server endpoint for scikit-learn models or functionalities.

Review RequiredView Analysis
No actual source code was provided for audit beyond the README.md file. Therefore, a comprehensive security analysis for 'eval', hardcoded secrets, network risks, or malicious patterns is not possible. A score of 1 is given due to the inability to verify safety.
Updated: 2025-11-24GitHub
0
0
Low Cost
fortaine icon
Sec8

Enables AI assistants like GitHub Copilot and Claude to interact with GitLab for managing issues, merge requests, and comments.

Setup Requirements

  • ⚠️Requires a GitLab Personal Access Token (PAT) with `api` scope or manual SSO login setup via Playwright.
  • ⚠️Requires Node.js version 18.0.0 or higher.
Verified SafeView Analysis
The provided analysis is based solely on the `package.json` and `README.md`. No malicious patterns like `eval` or obfuscation were found in the provided snippets. Authentication methods leverage standard GitLab Personal Access Tokens or SSO via Playwright cookies, which are common and generally secure. A full security audit of the complete source code (`.mjs` files) was not possible due to truncated input, which could reveal deeper vulnerabilities in API interaction or data handling.
Updated: 2026-01-19GitHub
0
0
Medium Cost
jmalicki icon
Sec8

AI-assisted tools for automated GitHub Pull Request management, including CI failure analysis, comment resolution, and stacked PR workflow optimization.

Setup Requirements

  • ⚠️Requires GITHUB_TOKEN environment variable with 'repo' (full control of private repositories) and 'read:org' (read organization membership) scopes.
  • ⚠️Requires Node.js v20 or higher.
  • ⚠️Requires Git CLI installed and available in PATH for local operations, especially for tools generating git commands (e.g., 'manage_stacked_prs').
Verified SafeView Analysis
The server generates shell command templates for AI agents (e.g., `gh pr comment ...`) which include placeholders like `YOUR_RESPONSE_HERE`. While the server sanitizes some inputs, the ultimate safety of executing these commands depends on the consuming AI agent's ability to sanitize the content it inserts into these templates. Internal build and release scripts use `child_process.execSync` for controlled Git operations. `GITHUB_TOKEN` is read from environment variables, not hardcoded. No direct use of `eval` or obvious malicious patterns detected.
Updated: 2025-12-02GitHub
0
0
Low Cost
semenovsd icon
Sec6

Docker MCP Orchestrator acts as a proxy/gateway between an AI client (Cursor) and multiple MCP servers, providing tools for server management, configuration, and prompt handling.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose to be installed.
  • ⚠️Requires Docker Desktop with MCP Toolkit installed.
  • ⚠️Requires MCP servers to be pre-added to the Docker MCP Catalog.
  • ⚠️The 'Connection Pool' mechanism for connecting to launched MCP servers is noted as 'requiring implementation', implying core proxy functionality might be incomplete or a placeholder.
Review RequiredView Analysis
The server requires mounting the Docker socket (`/var/run/docker.sock`) into its container, granting it root-level access to the Docker daemon. This is a critical security implication, as a compromise of the Orchestrator container would lead to a full compromise of the Docker host. While the internal code uses safer `subprocess.create_subprocess_exec` for CLI calls and JSON serialization for arguments (mitigating basic shell injection), the high privilege level itself is a significant risk. The README explicitly notes that the `Connection Pool` mechanism for connecting to launched MCP servers 'requires implementation', which represents a known functional and potential security gap in the proxy layer's secure communication with managed MCP servers.
Updated: 2025-12-04GitHub
0
0
Low Cost
smorand icon

clipboard-mcp

by smorand

Sec9

Provides cross-platform clipboard operations as an MCP server for AI agents.

Setup Requirements

  • ⚠️On Linux, requires `xclip` or `xsel` to be installed.
  • ⚠️Designed to be integrated as an MCP server for AI agents (e.g., Claude Code), not a standalone user application.
  • ⚠️Building from source requires Go 1.21+.
Verified SafeView Analysis
The source code appears robust against common injection attacks by using `golang.design/x/clipboard`, which interacts with underlying system clipboard utilities (like `xclip` on Linux) by piping data to standard input rather than passing it as command-line arguments. No `eval` or dynamic code execution is observed. The project does not contain hardcoded secrets, obfuscation, or direct network risks beyond its standard I/O communication as an MCP server.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Legitate icon
Sec4

This server provides tools for managing employee records (list, add, update, delete) and integrates Google OAuth for authentication, making its functionalities accessible via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires a separate 'external_api.js' server to be running (typically on port 5007) for employee data persistence.
  • ⚠️Requires Google Cloud Console setup for OAuth credentials (GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET) and a specific GOOGLE_REDIRECT_URI (http://localhost:8080/callback).
  • ⚠️Requires Node.js version 18 or higher.
Review RequiredView Analysis
The server logs sensitive Google OAuth tokens (credentials) to `/tmp/debug_mcp.log`. Any local attacker with read access to `/tmp` could compromise user accounts. Sensitive data like `tokens.json` (OAuth tokens) and `employees.json` are stored in plain text in the project root; their security relies heavily on host system file permissions. While input to employee management tools is validated with Zod, the critical flaw of logging tokens makes it unsafe to run as-is without modification.
Updated: 2025-12-11GitHub
0
0
Medium Cost
Glover69 icon
Sec8

Enables AI assistants to browse products, retrieve details, and facilitate purchases from Mpampa Cereals through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Bun runtime installed.
  • ⚠️Recommended for use with Claude Desktop (as per README).
  • ⚠️Relies on an external backend API specified by API_BASE_URL.
Verified SafeView Analysis
The server uses environment variables for sensitive configurations like API_BASE_URL and SPLIT_CODE_PROD, which is good practice. The payment flow incorporates a two-step process with Paystack's Charge API and OTP verification, enhancing transaction security. The system correctly initiates payment *before* allowing the order to be completed, preventing AI manipulation of amounts post-charge. CORS is broadly enabled ('*'), which is typical for an MCP endpoint designed for diverse AI client integrations but could be a concern for direct browser access if sensitive operations lack proper authorization. Security heavily relies on the external backend API (`API_BASE_URL`) and Paystack's inherent security measures, which are outside the scope of this audit.
Updated: 2026-01-05GitHub
0
0
Low Cost
fastbs icon
Sec8

Provides a programmatic interface for managing Nextcloud Deck kanban boards via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires an existing Nextcloud instance with the Deck app installed and accessible.
  • ⚠️Requires NEXTCLOUD_URL, NEXTCLOUD_USERNAME, and NEXTCLOUD_PASSWORD environment variables to be explicitly set.
  • ⚠️Node.js (version >=18.0.0) is required, along with running `npm install` and `npm run build` before starting the server.
Verified SafeView Analysis
The server uses environment variables for Nextcloud credentials, which is good practice. Basic authentication is used for Nextcloud API calls; while the example configuration strongly implies HTTPS for NEXTCLOUD_URL, misconfiguration to HTTP would expose credentials in plaintext. Input validation for tool arguments is performed using Zod schemas, mitigating some injection risks. No 'eval', obfuscation, or obvious malicious patterns were found. The primary external security risk relies on the security of the connected Nextcloud instance and its API.
Updated: 2026-01-13GitHub
0
0
Low Cost
LinhDangOpti icon

mcpserver

by LinhDangOpti

Sec8

Integrate Azure DevOps work item queries with GitHub Copilot Chat through a local Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires an Azure DevOps Personal Access Token (PAT) with 'Work Items (Read)' scope.
  • ⚠️Initial and periodic data refresh via `npm run refresh` is mandatory to populate the local cache.
  • ⚠️Requires specific VS Code `settings.json` configuration for MCP server integration with GitHub Copilot Chat.
Verified SafeView Analysis
The server uses Personal Access Tokens (PATs) for Azure DevOps, which are powerful. The documentation correctly advises using 'Work Items (Read)' scope and storing the token in a `.env` file, not hardcoded. Data is cached locally, minimizing direct external API calls during routine queries. No obvious 'eval' or direct arbitrary command execution from user input is present. Communication with Copilot is via stdio, avoiding typical network port vulnerabilities for the MCP server itself.
Updated: 2025-11-19GitHub
0
0
High Cost
leonmariotto icon

kimcp

by leonmariotto

Sec8

A Micro-service Communication Protocol (MCP) server providing specialized tools for PCB design by interacting with a local KiCad instance.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️A running instance of KiCad must be present for the server to connect to via IPC.
  • ⚠️A client application configured to use the MCP protocol is needed to interact with the server.
Verified SafeView Analysis
The server is designed to interact with a local KiCad instance via Inter-Process Communication (IPC). While no 'eval', obvious hardcoded secrets, or malicious patterns were found in the provided code, exposing this server publicly without proper authentication and authorization would pose a significant security risk, as it allows direct manipulation of KiCad board files. It appears safe to run in a controlled, local development environment.
Updated: 2026-01-18GitHub
PreviousPage 359 of 713Next