Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
jmcdice icon

jpilot-mcp

by jmcdice

Sec8

Provides an MCP server to allow AI agents to manage Jira projects and issues.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Requires a Jira Cloud account and API token.
  • ⚠️Manual editing of `.env` file is necessary after initial setup to configure Jira credentials.
  • ⚠️Requires an MCP client (e.g., Claude Desktop, Augment Code) to interact with the server.
Verified SafeView Analysis
Credentials are loaded from environment variables (.env file), which is a good practice. Interaction with Jira is primarily through the `jira-python` library, which should handle API communication securely. JQL queries are constructed using f-strings with quoted input, relying on the Jira API to prevent injection; however, robust input sanitization within the `jira-python` library is assumed. No direct `eval` or `os.system` calls were found. Custom field IDs for progress reports are hardcoded, but these are configuration values, not directly exploitable code patterns.
Updated: 2025-12-12GitHub
0
0
Medium Cost
LandonSchropp icon

mcp

by LandonSchropp

Sec7

This repository provides a personal toolkit for AI agents, containing skills and reusable documentation to streamline developer workflows within agent environments like Claude Code.

Setup Requirements

  • ⚠️Requires Bun runtime for TypeScript scripts.
  • ⚠️Primarily designed as a plugin/toolkit for AI agent environments (e.g., Claude Code), not a standalone application.
  • ⚠️The `WRITING_FORMAT` environment variable must be configured with a valid path to a markdown file for certain skills to function correctly.
Verified SafeView Analysis
The toolkit involves scripts that access local files, including potentially sensitive Claude Code conversation logs (`~/.claude/projects/`) for the 'identifying-skill-gaps' functionality. The 'writing-markdown' skill uses `cat "$WRITING_FORMAT"` to output content from an environment variable; if `WRITING_FORMAT` were maliciously configured (e.g., to a path pointing to an executable or a very large file), it could lead to arbitrary code execution or a Denial-of-Service. While the toolkit's design implies trust in the agent and user configuration, these points present potential risks outside of the core code's benign intent. No hardcoded secrets or direct 'eval' calls on unsanitized input were found.
Updated: 2026-01-18GitHub
0
0
Low Cost
jacekciszkowski-plum icon

mcp-servers

by jacekciszkowski-plum

Sec8

Provides comprehensive JSON validation, analysis, and manipulation capabilities for developers.

Setup Requirements

  • ⚠️Requires jsonschema library for schema validation (pip install jsonschema).
  • ⚠️Requires PyYAML library for YAML conversion (pip install pyyaml).
  • ⚠️Python 3.7+ is required.
  • ⚠️MCP settings file path (`mcp_settings.json`) must be absolute and use double backslashes on Windows.
Verified SafeView Analysis
The server primarily performs local file operations (reading JSON files) and string processing. No direct network calls are made by the server for its core functions. The main potential risk would be file path traversal if the `file_path` arguments supplied by the MCP client (e.g., Claude Code) are not adequately sanitized, allowing access to arbitrary files outside the intended scope. However, this is a client-side sanitation responsibility. No hardcoded secrets or direct code execution from user input ('eval') were found.
Updated: 2026-01-07GitHub
0
0
Medium Cost
Akungapaul icon

wp-media-mcp

by Akungapaul

Sec4

Manages WordPress media library programmatically through a Model Context Protocol (MCP) server, allowing AI agents to upload, retrieve, list, update, and delete media.

Setup Requirements

  • ⚠️Requires a running WordPress instance accessible via REST API.
  • ⚠️WordPress 'Application Passwords' must be configured for authentication.
  • ⚠️Requires Node.js runtime (version >=18 for @modelcontextprotocol/sdk dependency).
  • ⚠️WP-CLI must be installed and configured on the WordPress server (or remotely via SSH) if WP-CLI dependent tools like 'regenerate_thumbnails' are to be used.
Review RequiredView Analysis
The `upload_media` tool handler is vulnerable to Server-Side Request Forgery (SSRF) as it fetches an arbitrary URL provided by the user (`args.source`) without sufficient validation or sanitization. This could lead to internal network scanning, access to sensitive internal resources, or denial-of-service by downloading large or malicious files. Additionally, the WP-CLI integration, while not directly exploitable for command injection in the provided snippet, relies on the `WPCLIClient` implementation in a shared library for robustness. Broad commands like `regenerate_thumbnails` without a specific ID could be resource-intensive if triggered maliciously on a large WordPress site.
Updated: 2025-11-28GitHub
0
0
Low Cost

python-mcp-server

by changren-wcr

Sec9

Deploys a simple tool-serving API using fastmcp that exposes basic arithmetic functions, primarily intended for integration with AI agents or other systems requiring callable external tools.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Project dependencies (fastmcp, uvicorn) must be installed.
  • ⚠️Intended for deployment (e.g., Google Cloud Run) but can be run locally.
Verified SafeView Analysis
The provided source code is clean, with no apparent malicious patterns, hardcoded secrets, or dangerous functions like 'eval'. It serves a simple API; overall security relies on the FastMCP library and the deployment environment's network configuration.
Updated: 2025-11-25GitHub
0
0
High Cost
cpatel1293 icon

PRD-MCP-Server

by cpatel1293

Sec1

A specialized Model Context Protocol (MCP) server dedicated to creating and validating Product Requirements Documents (PRDs) using AI and customizable templates.

Setup Requirements

  • ⚠️Requires API keys for AI providers (e.g., OPENAI_API_KEY), which are typically paid services.
  • ⚠️Google Gemini, Anthropic Claude, and Local Model providers are currently stubbed implementations and will throw 'not yet implemented' errors if selected.
Review RequiredView Analysis
Critical vulnerability: The `get_provider_config` MCP tool exposes all configured AI provider API keys (e.g., OPENAI_API_KEY, ANTHROPIC_API_KEY) to any connected MCP client. This means anyone who can connect to the server can steal these secrets. High severity vulnerability: Multiple tools (`get_logs`, `export_templates`, `import_templates`) are vulnerable to path traversal attacks, allowing arbitrary file read/write on the server's filesystem by manipulating input parameters like `fileName` or `filePath`.
Updated: 2025-11-20GitHub
0
0
Medium Cost
Dynava icon
Sec8

This server provides an MCP interface to interact with a Genesys transcription API, enabling the retrieval, generation, and querying of conversation transcripts.

Setup Requirements

  • ⚠️Requires the 'HOST' environment variable to be set to the transcription API endpoint, defaulting to 'http://9.223.220.100' if not provided.
  • ⚠️Requires Python 3.12 or newer.
  • ⚠️The backend Genesys API requires authentication for certain operations (e.g., 'interval_conversations').
Verified SafeView Analysis
The server acts as a proxy, forwarding requests to an external API defined by the HOST environment variable. While no direct 'eval' or hardcoded secrets are present, the security largely depends on the trustworthiness and security of the backend transcription API it connects to. Improper configuration of the HOST variable could lead to connections to untrusted services. The direct passing of arguments to the backend API could expose it to malicious input if the backend isn't robustly validated.
Updated: 2025-12-02GitHub
0
0
Medium Cost
pradhyu icon
Sec8

Provides sample implementations for a Minimal Chat Protocol (MCP) server, either via FastAPI for HTTP or stdio for subprocess communication, using LangChain with OpenAI-compatible APIs.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Docker required
  • ⚠️Python 3.10+
Verified SafeView Analysis
The code itself avoids dangerous patterns like `eval` or hardcoded secrets. It relies on environment variables for API keys, which the READMEs correctly advise against for production in favor of secrets management. The FastAPI version exposes a standard HTTP port. The stdio version communicates via stdin/stdout, which is generally safer for isolated process communication. Production hardening (like multi-stage builds, healthchecks, robust framing) is recommended but not handled by the sample code.
Updated: 2025-11-25GitHub
0
0
Medium Cost
a1loy icon

gerrit-mcp

by a1loy

Sec8

Provides an MCP (Model Context Protocol) interface to query a Gerrit instance for code review changes and project information, acting as a tool for potential AI agents.

Setup Requirements

  • ⚠️Requires access to a Gerrit instance, defaulting to `https://chromium-review.googlesource.com` unless specified via `-gerrit-instance`.
  • ⚠️Gerrit authentication, if enabled with `-with-auth`, necessitates specific environment variables such as `GERRIT_USERNAME` and `GERRIT_PASSWORD` (for basic/digest) or `GERRIT_COOKIE_NAME` and `GERRIT_COOKIE_VALUE` (for cookie auth).
  • ⚠️The MCP server's own authentication (via Bearer header) requires the `BEARER_TOKEN` environment variable to be set for the server to validate client requests.
Verified SafeView Analysis
The server employs environment variables (e.g., BEARER_TOKEN, GERRIT_USERNAME, GERRIT_PASSWORD) for handling sensitive authentication credentials, which is a good security practice. There is no evidence of 'eval' or other dynamic code execution patterns. Input parsing for tool requests leverages `mcp.ParseString` and `mcp.ParseInt`, and interactions with Gerrit are managed through a dedicated Go client library. URL validation includes hostname checks to prevent queries against unauthorized Gerrit instances. While `panic` calls exist for critical initialization failures, they are not within runtime request handling paths, thus not directly posing a runtime security flaw, but could impact server robustness. Overall, the code demonstrates reasonable security hygiene for its function.
Updated: 2025-11-30GitHub
0
0
Low Cost
omnifyjp icon
Sec9

Enables AI assistants like Claude to create and validate Omnify schemas, facilitating structured data modeling.

Setup Requirements

  • ⚠️Requires Node.js and npm/npx to run.
  • ⚠️Requires configuration within Claude Code/Desktop's MCP settings for direct integration.
Verified SafeView Analysis
The server primarily processes structured text input (schema definitions) and generates text output (YAML, markdown). It uses standard libraries like 'yaml' and 'zod' for parsing and validation. No 'eval' or direct execution of untrusted code is observed. The scope is well-defined, mitigating common web vulnerabilities, and no hardcoded secrets or direct network interactions beyond stdio are present.
Updated: 2026-01-19GitHub
0
0
Low Cost
gilamran icon
Sec9

A minimal MCP server template demonstrating both STDIO and HTTP transports with an example tool for filtering an in-memory TV catalog.

Setup Requirements

  • ⚠️To run the server in HTTP mode, you must create a '.env' file and set `MCP_SERVER_TRANSPORT_TYPE=HTTP`.
  • ⚠️For public access to the HTTP server, a reverse proxy (e.g., ngrok) is required.
  • ⚠️Requires Node.js and Yarn for initial setup (installing dependencies and building).
Verified SafeView Analysis
No 'eval' or code obfuscation found. No hardcoded secrets; configuration for transport type and port relies on environment variables. The HTTP server setup uses standard practices with Express. A full security audit of the underlying `@modelcontextprotocol/sdk` and `express` dependencies is beyond the scope of this source code analysis.
Updated: 2025-12-12GitHub
0
0
Low Cost
BhumitArora icon

remote-MCP

by BhumitArora

Sec8

Manages personal or small-scale expense tracking, allowing users to add, list, and summarize financial transactions.

Setup Requirements

  • ⚠️Database stored in a temporary directory, meaning data will be lost upon server restart or temporary directory cleanup.
  • ⚠️Requires `fastmcp` and `aiosqlite` Python packages to be installed.
Verified SafeView Analysis
The server correctly uses parameterized queries to prevent SQL injection. No 'eval' or obfuscation is present, and no hardcoded secrets were found. The database is stored in a temporary directory, which can be a security benefit by limiting persistence but also means data loss. Error messages might expose minor database details, which is a minor information disclosure risk. The server listens on 0.0.0.0, which is standard but requires proper firewalling in production.
Updated: 2025-12-12GitHub
PreviousPage 379 of 713Next