Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
x51xxx icon
Sec8

Connects an MCP-compatible client (like Claude Code) to GitHub Copilot CLI for automated code analysis, review, refactoring, and brainstorming.

Setup Requirements

  • ⚠️Requires GitHub Copilot CLI (which necessitates a GitHub Copilot subscription - paid).
  • ⚠️Requires Node.js (v18.0.0 or higher).
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, Claude Code).
Verified SafeView Analysis
The server acts as a proxy to GitHub Copilot CLI, which itself can perform powerful operations like file modification and command execution. The MCP server explicitly exposes and documents security controls such as `allowAllTools`, `allowTool`, `denyTool`, `addDir`, and `allowAllPaths`, which are passed directly to the underlying Copilot CLI. While the server itself uses `cross-spawn` for command execution, it does so to invoke the sandboxed `copilot` CLI. There is no direct `eval` or arbitrary code execution within the MCP server's own logic. The overall security largely depends on how the user configures these tool permissions and directory access controls. Enabling `allowAllTools: true` and `allowAllPaths: true` without careful consideration can introduce significant risks.
Updated: 2025-12-02GitHub
0
0
Medium Cost
axel-rogg icon

mcp-server

by axel-rogg

Sec5

This project functions as a server application, designed to handle network requests and manage various operations, potentially related to a specific protocol or game.

Review RequiredView Analysis
Source code was not provided for analysis. Therefore, a thorough security audit is impossible. All security aspects, including potential for 'eval' usage, obfuscation, network risks, hardcoded secrets, or malicious patterns, remain unknown. The security score reflects this lack of verifiable information rather than an inherent flaw or confirmed safety.
Updated: 2025-11-30GitHub
0
0
Medium Cost
Stopera icon
Sec2

The SOLx402 MCP server enables AI assistants to interact with the x402 payment protocol on the Solana blockchain, facilitating service discovery, consumption, USDC payments, and access to Solana development resources.

Setup Requirements

  • ⚠️Requires a Base58-encoded Solana wallet private key for operations, which is critically exposed via URL query parameters.
  • ⚠️Requires a Solana RPC URL for network interactions.
  • ⚠️MCP client integrations require a minimum request timeout of 60,000ms (60 seconds) to prevent transaction failures.
Review RequiredView Analysis
CRITICAL RISK: The server accepts the Solana wallet's private key via URL query parameters, which is highly insecure. Private keys in URLs are vulnerable to logging, interception, and exposure in browser history and server logs. While 'x-secret: true' is present in configuration, the implementation allows direct transmission, negating this intention. Using a private key in this manner can lead to complete compromise of the associated Solana wallet funds. CORS is set to '*' which is broad but not inherently a risk for this specific issue.
Updated: 2025-11-25GitHub
0
0
High Cost
jgabor icon

finsliparn

by jgabor

Sec9

An iterative coding agent that refines LLM-generated code through test-driven validation and multi-attempt selection using Git worktrees.

Setup Requirements

  • ⚠️Requires Bun v1.3+ to be installed.
  • ⚠️Requires Git to be installed and the project to be a Git repository (uses Git worktrees).
  • ⚠️Operates by creating and managing Git worktrees and branches within the project directory.
Verified SafeView Analysis
The server primarily executes local `bun test` and `git` commands. Arguments for these commands are either fixed or constructed internally from session data (UUIDs, iteration numbers), significantly reducing the risk of command injection through user input. File system operations are generally constrained to the `.finsliparn` directory within the project root. No direct 'eval' or similar dangerous functions are observed. The core operation relies on trusted local tools. The security model largely depends on the trustworthiness of the code being iterated on and the environment it runs in. The use of Git worktrees provides isolation for iterations, preventing accidental corruption of the main branch during refinement. There is no indication of hardcoded secrets or arbitrary network exposure beyond the standard Model Context Protocol (MCP) IPC.
Updated: 2025-12-12GitHub
0
0
Low Cost
sbsdbs icon
Sec9

This server integrates the Star Wars API (SWAPI) into the Model Context Protocol (MCP) framework, enabling AI models like Claude Desktop and MCP Inspector to interact with Star Wars data as a tool or resource.

Setup Requirements

  • ⚠️Requires Node.js (v18+) and npm to be installed on the system.
  • ⚠️The `npm run build` command must be executed once to compile TypeScript to JavaScript before running the server.
  • ⚠️The Linux installation instructions provided in the README are incorrect and should not be followed; refer to the `package.json` scripts for proper setup.
Verified SafeView Analysis
The server uses `zod` for input schema validation, which helps prevent malformed inputs. No `eval` or `child_process` usage was found. The `BASE_URL` for SWAPI is hardcoded, but it is a public API and not a secret. Error handling is present for API calls. Dependencies are well-known and up-to-date. No obvious malicious patterns or hardcoded sensitive information were identified.
Updated: 2026-01-19GitHub
0
0
High Cost
cubismod icon

mbta-mcp

by cubismod

Sec8

An MCP (Model Context Protocol) server providing AI clients with real-time and historical access to Boston's public transit data (MBTA, Amtrak) and track predictions.

Setup Requirements

  • ⚠️Requires `uv` package manager for easiest installation and execution.
  • ⚠️Python 3.11 or newer is required.
  • ⚠️An `MBTA_API_KEY` is highly recommended for full features and higher rate limits (obtainable from api-v3.mbta.com).
  • ⚠️Relies on several external, non-MBTA APIs for certain features (e.g., IMT Track Prediction API, Boston Amtrak Tracker API), whose availability and performance are outside the control of this server.
Verified SafeView Analysis
The server uses `aiohttp` for network requests with proper async context management and includes retry logic (`tenacity`) for robustness. API keys are sourced from environment variables (`MBTA_API_KEY`), avoiding hardcoding. It integrates with external third-party APIs (IMT, Boston Amtrak Tracker) which introduces reliance on their security and availability, though this is a common pattern for data aggregation. No 'eval' or obvious malicious code patterns were found. Code quality tools like `ruff` and `mypy` are used, indicating a focus on maintainability and correctness which can indirectly enhance security.
Updated: 2026-01-19GitHub
0
0
Low Cost
ThomasJamesTaylorWork icon

agentic-ai-mastery-portfolio

by ThomasJamesTaylorWork

Sec1

The source code for this project was not provided, thus its intended use case cannot be identified.

Setup Requirements

  • ⚠️Source code not provided, cannot determine any specific setup requirements or friction points.
  • ⚠️Project is non-functional without code.
Review RequiredView Analysis
Source code was not provided for analysis. Therefore, a meaningful security audit cannot be performed, and no specific security risks, malicious patterns, or hardcoded secrets can be identified within the code itself. The score reflects the inability to assess.
Updated: 2025-12-02GitHub
0
0
Medium Cost
tapmodocrop icon

mcp

by tapmodocrop

Sec6

This repository provides complete sample code for deploying Python web applications and background processing tasks to various Google Cloud Platform services, including Kubernetes Engine, App Engine, and Compute Engine.

Setup Requirements

  • ⚠️Requires a Google Cloud Platform project with billing enabled and specific APIs (e.g., Datastore, Pub/Sub, Storage, Logging) enabled.
  • ⚠️Requires Google Cloud SDK and Docker installed locally for building container images and deploying to Kubernetes Engine.
  • ⚠️Configuration files (`config.py`) contain placeholder values for project IDs, bucket names, and various secrets/credentials that must be manually updated before deployment.
  • ⚠️Many samples are designed for Python 3.7 as indicated in `app.yaml` files and Cloud Functions deployment commands.
Verified SafeView Analysis
The sample applications, particularly `bookshelf/main.py` and `optional-kubernetes-engine/config.py`, use `'secret'` as the default Flask `SECRET_KEY`. This is a critical security vulnerability for production environments and *must* be changed. File uploads in the Bookshelf app use `secure_filename` and perform extension checks, which is a good practice. The repository demonstrates integration with Google Cloud services like Secret Manager (for CI/CD scripts), Stackdriver Logging, Error Reporting, and Identity-Aware Proxy (IAP) for authentication, which enhance security when properly configured.
Updated: 2025-12-21GitHub
0
0
Medium Cost
belgrano9 icon

renfe_mcp_server

by belgrano9

Sec9

Query Renfe (Spanish railway) train schedules and prices using official GTFS data and real-time web scraping via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher
  • ⚠️Requires 'uv' or 'pip' for dependency management
  • ⚠️Initial run automatically downloads GTFS data (approx. 40MB extracted)
  • ⚠️API key authentication and rate limiting are enabled by default (configurable via .env)
Verified SafeView Analysis
The project demonstrates strong security awareness for network requests and file handling. It actively prevents SSRF attacks through URL whitelisting, HTTPS enforcement, response size limits, and restricted redirects. Zip Slip vulnerabilities during data updates are mitigated with safe extraction. Authentication and rate limiting are configurable via environment variables, and a security logger is in place to audit events with sensitive data redaction. The reliance on reverse-engineered DWR protocol for price scraping, while implemented carefully, introduces a minor inherent risk of breaking due to external changes.
Updated: 2025-11-24GitHub
0
0
Medium Cost
Sec8

Generate Office documents (Word, Excel, PowerPoint, PDF) using Carbone templates, convert formats, and analyze templates, integrating with MinIO and LibreOffice.

Setup Requirements

  • ⚠️Core document generation and conversion features (Phase 2) are currently pending implementation (the server returns placeholders for these operations).
  • ⚠️Requires Docker for production deployment, or Node.js 20+ and TypeScript build for local development.
  • ⚠️Requires a running MinIO or S3-compatible server for file storage (MinIO_ENDPOINT, MINIO_ACCESS_KEY, MINIO_SECRET_KEY).
Verified SafeView Analysis
The server processes documents and templates, which could be a vector for vulnerabilities (e.g., template injection, parsing exploits) if untrusted input is processed without strict sanitization. It interacts with external services (MinIO, Nextcloud via WebDAV). Generally safe for intended use with trusted inputs and a secure environment.
Updated: 2025-11-20GitHub
0
0
Medium Cost
manishgadhock-monotype icon

monotype-mcp

by manishgadhock-monotype

Sec8

The Monotype MCP Server integrates Monotype API for user and team management, acting as a plugin to extend the capabilities of AI chat agents.

Setup Requirements

  • ⚠️Requires a valid, encrypted Monotype authentication token (MONOTYPE_TOKEN env var).
  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Designed to be used as a plugin for an MCP-compatible client/agent, which needs separate setup.
Verified SafeView Analysis
The server uses `process.env.MONOTYPE_TOKEN` for API authentication, which is good practice. The decryption keys and IVs for `decryptCookie.js` and `decryptFontBridge.js` are hardcoded. While these appear to be integral to decrypting Monotype's proprietary token format rather than user-specific secrets, hardcoding cryptographic material is generally discouraged for broader security best practices. However, no `eval` or arbitrary code execution vulnerabilities were found. The tool invocation is restricted to predefined functions, limiting attack surface.
Updated: 2025-12-11GitHub
0
0
Medium Cost
ForestAdmin icon

mcp-server-airtable

by ForestAdmin

Sec9

Connects Dust.tt AI agents to Airtable bases, enabling natural language querying and analysis of Airtable data.

Setup Requirements

  • ⚠️Requires an Airtable Personal Access Token (PAT) with specific scopes (data.records:read, schema.bases:read) and base access.
  • ⚠️A unique MCP authentication token must be generated and set as an environment variable (`MCP_AUTH_TOKEN`).
  • ⚠️Requires Python 3.10 or higher.
Verified SafeView Analysis
The server has undergone significant security hardening, addressing critical vulnerabilities. It features Bearer token authentication on all MCP endpoints, robust input validation for Airtable IDs and field names, formula injection prevention through input sanitization, error message sanitization to prevent information disclosure, rate limiting (30 requests/minute per IP), comprehensive audit logging for all operations, and explicit confirmation for destructive operations (delete). Secrets are managed via environment variables and are not hardcoded in the repository. The implementation of these features makes the server highly secure for its intended use case.
Updated: 2025-12-02GitHub
PreviousPage 370 of 713Next