Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
Umair-Siddique icon

SimplyBook-Mcp-Server

by Umair-Siddique

Sec8

The SimplyBook-Mcp-Server acts as a FastMCP server to provide a structured interface for interacting with the SimplyBook.me REST API, facilitating booking and service management.

Setup Requirements

  • ⚠️Requires Docker Desktop for the recommended deployment method using Docker Compose.
  • ⚠️SimplyBook.me credentials (`SIMPLYBOOK_COMPANY`, `SIMPLYBOOK_LOGIN`, `SIMPLYBOOK_PASSWORD`) are mandatory environment variables.
  • ⚠️Ngrok must be installed and authenticated if public access is desired, noting free-tier limitations like changing URLs and session timeouts.
  • ⚠️Requires Python 3.11+ for local execution.
Verified SafeView Analysis
The server handles SimplyBook.me API credentials via environment variables. The obtained X-Token is stored in a temporary file (cleared after 1 hour), which is a minor risk but mitigated by short expiry. Sensitive data is sanitized in logs before writing. No direct 'eval' or obfuscation is present. Public exposure via Ngrok is possible, and documentation explicitly warns about associated security risks, indicating awareness but placing responsibility on the user for secure deployment.
Updated: 2026-01-16GitHub
0
0
Medium Cost
dimmark2 icon

mcp-server

by dimmark2

Sec2

Provides an AI agent with tools to query and explore a Postgres database schema (specifically 'df365') via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a running PostgreSQL database instance.
  • ⚠️Database connection details (host, port, user, password, database) are primarily configured via environment variables, but insecure hardcoded defaults exist.
  • ⚠️Relies on the `@modelcontextprotocol/sdk` for client-server communication.
Review RequiredView Analysis
CRITICAL: The server has a hardcoded default PostgreSQL password ('qDJqEEbhMrQThzXAKRgtIFzFVKsHSaio') which is a severe security vulnerability. CRITICAL: The `sample_rows` and `describe_table` tools are vulnerable to SQL injection as they construct SQL queries by directly concatenating user-provided `schema` and `table` names without proper sanitization or parameterization for identifiers. The `run_select` tool attempts to prevent data modification and arbitrary SQL execution via a blacklist, but this approach is less secure than whitelisting or using parameterized queries for dynamic identifiers, and does not cover the other vulnerable tools.
Updated: 2025-12-06GitHub
0
0
Medium Cost
kickflow icon
Sec9

This MCP server allows AI agents to interact with the kickflow API for workflow automation and data management.

Setup Requirements

  • ⚠️Requires Node.js v22.18.0 or higher.
  • ⚠️Requires a Kickflow Access Token (KICKFLOW_ACCESS_TOKEN) to be set as an environment variable or passed as a command-line argument.
Verified SafeView Analysis
The server retrieves the Kickflow access token from environment variables or command-line arguments, avoiding hardcoding of sensitive credentials. It uses Zod for input validation on API parameters, enhancing robustness against malformed requests. API interactions are handled via a well-established Axios library. File uploads from base64 strings are processed carefully, minimizing direct execution risks.
Updated: 2026-01-19GitHub
0
0
Low Cost
zkangHUST icon

mcp_calc

by zkangHUST

Sec8

This server demonstrates a ChatGPT Widget for a calculator application, integrating custom UI components with the OpenAI Apps SDK and Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires manual configuration in the ChatGPT client (protocol, URL, name) after server startup.
  • ⚠️Dependencies `fastmcp` and `pydantic` must be installed via pip.
  • ⚠️The server is designed for local demonstration; deploying publicly with `allow_origins=["*"]` would require careful security review.
Verified SafeView Analysis
The server uses `starlette.middleware.cors.CORSMiddleware` with `allow_origins=["*"]`, which permits requests from any origin. While common for local development and demos, this is a significant security risk for a publicly accessible server as it disables standard browser same-origin policy protections. However, for a local MCP server interacting with a ChatGPT client, this setup is typical and less of a direct risk. The tool itself is marked as non-destructive and read-only, reducing the impact of any potential misuse. No `eval` or obvious malicious patterns were found. It's safe to run locally.
Updated: 2025-11-24GitHub
0
0
Medium Cost
madnessqw icon
Sec5

Integrates 58+ MCP servers with n8n for advanced workflow automation.

Setup Requirements

  • ⚠️Requires a running n8n instance
  • ⚠️Requires access/credentials to one or more MCP servers
Review RequiredView Analysis
No source code provided for analysis beyond the README.md file. Cannot perform a comprehensive security audit for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. Score reflects unassessed risk rather than confirmed safety or danger.
Updated: 2025-11-29GitHub
0
0
High Cost
pravinmenghani1 icon
Sec1

This server provides a cross-platform backend for a personal agent, likely handling agent logic and communication across different operating environments.

Review RequiredView Analysis
Source code was explicitly indicated as 'Truncated' and only the README.md content was provided for analysis. Without access to the actual server's implementation code, a comprehensive security audit is impossible. Cannot check for 'eval', obfuscation, hardcoded secrets, network vulnerabilities, or malicious patterns. Therefore, it cannot be considered safe to run without further inspection of its full codebase.
Updated: 2025-12-13GitHub
0
0
Low Cost
jarrett-au icon

cc-devkit

by jarrett-au

Sec7

Configuration synchronization tool for Vibe IDEs (Claude Code), allowing users to sync commands, skills, and MCP configurations from a Git repository or local folder into their development environment.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️If syncing from a remote repository via `--from`, Git must be installed on the system.
  • ⚠️The source configuration repository must strictly adhere to a specific structure (e.g., `commands/`, `skills/`, `mcp.json`, and `README.md` must be present at the root).
Verified SafeView Analysis
The tool's core function involves synchronizing configurations, including potentially executable commands defined in `mcp.json`, from external sources (local directories or remote Git repositories). The `child_process.execSync` call for `git clone` with a user-provided repository URL is a potential vector for supply chain attacks if the user points to an untrusted or malicious repository. While the tool itself does not contain explicit vulnerabilities like `eval` or obfuscation, its utility in deploying arbitrary configurations from external sources means users must exercise caution and only sync from trusted sources to prevent injecting malicious scripts or settings into their IDE.
Updated: 2026-01-19GitHub
0
0
Medium Cost
cfdude icon

mcp-finnhub

by cfdude

Sec9

Accessing and analyzing Finnhub financial market data for stocks, crypto, and forex, including technical analysis, fundamentals, and news sentiment.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires a Finnhub API key (free tier available with limitations, paid tiers offer higher rate limits).
  • ⚠️Requires `FINNHUB_STORAGE_DIR` environment variable to be set for data storage.
Verified SafeView Analysis
The server implements robust path validation in `PathResolver` to prevent directory traversal attacks for file storage. API keys are loaded from environment variables (`FINNHUB_API_KEY`), not hardcoded. Standard library `json` parsing is used, with no obvious `eval` or arbitrary code execution risks. Network communication uses `httpx` with built-in retry and rate limiting. The overall design prioritizes security for file operations and secret management.
Updated: 2025-12-11GitHub
0
0
Low Cost
gavinz0228 icon

mcp-proxy

by gavinz0228

Sec3

Acts as a proxy for managing and fetching data from multiple MCP servers, likely used in a gaming or service orchestration context.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for setup.
  • ⚠️Relies on external `uvx` command and `mcp-server-fetch` utility to be available in the container or host environment for fetching server data.
  • ⚠️Uses `network_mode: host`, which requires careful consideration of host network security and may conflict with other services.
Review RequiredView Analysis
The use of `network_mode: host` in the Docker configuration is a critical security risk, as it bypasses Docker's network isolation and exposes the container directly to the host's network, potentially allowing access to other host services. Additionally, the proxy is configured to execute external commands (`uvx mcp-server-fetch`) based on its configuration, which introduces a potential attack surface if the configuration or the `uvx` utility can be compromised or manipulated.
Updated: 2025-11-27GitHub
0
0
High Cost
git-sharwaree icon

Sonique

by git-sharwaree

Sec9

An AI-powered audio toolkit for transcription, summarization, sentiment, speaker, and topic analysis of spoken content, with an interactive UI and MCP server support for agent integration.

Setup Requirements

  • ⚠️Requires AssemblyAI API Key (Paid Service)
  • ⚠️Local audio files must be accessible by the server or provided via URL
  • ⚠️Python 3.8+ recommended for modern dependencies
Verified SafeView Analysis
The application handles `ASSEMBLYAI_API_KEY` securely via environment variables. It relies on the AssemblyAI SDK for audio processing, which is expected to handle external `audio_location` URLs responsibly. No 'eval' or obfuscation patterns were found in the provided code. Potential network risks related to `audio_location` being a URL are mitigated by the use of a dedicated SDK rather than raw network calls, making Server-Side Request Forgery (SSRF) less likely in a controlled MCP environment where tool inputs are managed by an AI agent.
Updated: 2026-01-17GitHub
0
0
Medium Cost
noctivagous icon

todotracker

by noctivagous

Sec8

AI-powered todo management system for software development projects, integrating with agentic code editors via Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️MCP client integration (e.g., Cursor IDE, Claude Desktop) requires manual JSON configuration with absolute paths to the TodoTracker installation, which can be error-prone for new users.
  • ⚠️When run directly without explicit project context, it defaults to a 'development/testing database' (`./data/project.db`) instead of a project-specific database, which can be confusing if not understood.
Verified SafeView Analysis
The system is designed for local, single-user operation with no built-in authentication, relying on local system security. It utilizes `subprocess.run` to execute internal shell scripts (`setup-project-todos.sh`, `launch_todotracker_webserver.sh`) provided within the repository. These scripts receive controlled arguments, which mitigates the risk of arbitrary command injection. The web UI's Markdown rendering uses `marked.parse` with `DOMPurify.sanitize` (if available) to prevent XSS, falling back to safe text content rendering if `DOMPurify` is absent. File attachments are stored on the local filesystem with unique, sanitized filenames, including a basic path traversal defense in `_safe_filename`. Overall, it is considered safe for its intended local execution environment.
Updated: 2026-01-19GitHub
0
0
Low Cost
joydeep2024 icon

mcp-gateway

by joydeep2024

Sec6

A simple HTTP proxy designed for monitoring and debugging requests and responses flowing between an MCP client and an MCP server.

Setup Requirements

  • ⚠️Requires Flask, requests, and python-dotenv Python modules to be installed.
  • ⚠️An existing MCP server must be running and its URL configured in a .env file as TARGET_BASE.
Verified SafeView Analysis
The proxy logs all incoming requests and outgoing responses (including bodies) to standard output, which can expose sensitive data if not run in a controlled, secure environment. It acts as a man-in-the-middle, but does not add any inherent security features like input validation or sanitization for forwarded content, relying on the target server for security. It is explicitly designed for debugging and not for production use with sensitive data or untrusted clients.
Updated: 2025-11-22GitHub
PreviousPage 369 of 713Next