Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost
Sec4

Enables AI assistants (Claude Code, Gemini CLI, Claude Desktop) to interact with Veeam Backup & Replication for monitoring, querying, and controlling backup infrastructure through natural language.

Setup Requirements

  • ⚠️Requires Veeam Backup & Replication 12+ with REST API enabled.
  • ⚠️Veeam API credentials with appropriate permissions (read-only for queries, higher for control operations) are mandatory.
  • ⚠️Node.js 20+ runtime environment is required.
  • ⚠️The `VEEAM_IGNORE_SSL=true` setting is enabled by default, posing a significant security risk by ignoring invalid SSL certificates for the Veeam API. This must be explicitly set to `false` and proper SSL configured for production deployments.
  • ⚠️A custom `AUTH_TOKEN` environment variable must be set by the user for securing the MCP HTTP endpoints.
Review Required
The server's default configuration, especially in `docker-compose.yml` and explicitly in several tool files, sets `VEEAM_IGNORE_SSL` to `true` or `rejectUnauthorized` to `false`. This disables SSL certificate validation for connections to the Veeam REST API, making the communication vulnerable to Man-in-the-Middle (MITM) attacks. While `SafetyGuard` is implemented for critical write operations (`start-backup-job`, `stop-backup-job`), requiring explicit confirmation tokens and audit logging, and sensitive credentials are sourced from environment variables, the default insecure SSL configuration is a critical vulnerability for production environments. The HTTP server runs without native HTTPS, relying on an external reverse proxy for SSL in production, which is a documented but insecure default for direct exposure.
Updated: 2025-12-20
Low Cost
Sec8

A simple inventory management system demonstrating MCP Server functionality with SQLite through standard input/output.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) installed and configured in the PATH or specified in the Claude Desktop config.
  • ⚠️Requires the compiled 'mcp_server.jar' file to be present at the exact path specified in the Claude Desktop configuration (e.g., C:\B4X\Development\mcp-server\Objects\mcp_server.jar).
Verified Safe
The server runs locally via standard I/O, minimizing network exposure. No 'eval' or obvious malicious patterns are present in the truncated code. The primary security consideration would be potential SQL injection vulnerabilities within the unseen B4J implementation of 'get_inventory' and 'add_product' if user inputs are not properly sanitized before database interaction. Assuming standard safe coding practices in B4J, the risk is moderate.
Updated: 2025-12-12
Medium Cost
Sec9

Provides a Model Context Protocol (MCP) server for semantic search and retrieval of FairArena documentation using Pinecone and Google Gemini embeddings.

Setup Requirements

  • ⚠️Requires Pinecone API key and configured Pinecone indexes (developer and user documentation).
  • ⚠️Requires a Google Gemini API Key for effective semantic search; otherwise, it falls back to a hash-based (non-semantic) embedding for development purposes.
  • ⚠️The embedding dimension in environment variables must match the Pinecone index configuration.
Verified Safe
The server implements strong security practices including API key authentication, rate limiting (per IP and per API key), secure headers (Helmet), and Zod-based request validation. Sensitive data is redacted in structured logs. Circuit breakers are used for external services to prevent cascading failures. The primary API key validation is based on format, with actual validation occurring when making calls to the Google API, which is a reasonable approach for third-party keys. CORS is configurable but defaults to '*' if not explicitly set, which should be adjusted for production deployments.
Updated: 2026-01-18
Medium Cost
Sec9

MCP server wrapper for the Clockodo time tracking API, offering time tracking, HR analytics, and team management with role-based access.

Setup Requirements

  • ⚠️Requires Clockodo API credentials (CLOCKODO_API_USER, CLOCKODO_API_KEY).
  • ⚠️Requires Python 3.12+ (if running directly from source).
  • ⚠️Docker is recommended for simplified setup and local client integration.
  • ⚠️The HTTP/SSE transport (CLOCKODO_MCP_TRANSPORT=sse) is experimental, has known issues, and lacks built-in authentication, making it unsuitable for direct internet exposure without external security infrastructure.
Verified Safe
The server follows good security practices: API credentials are exclusively loaded from environment variables and not hardcoded. Sensitive information is masked in logs. The codebase is structured with clear separation of concerns, and `httpx` is used with proper error handling. Multi-stage Docker builds reduce attack surface. The project explicitly warns about the experimental HTTP/SSE transport's lack of built-in authentication, rate limiting, and audit trails, recommending it only for development or behind a robust reverse proxy with external security measures. The core code itself is well-secured.
Updated: 2026-01-19
Medium Cost

ARCLinearGitHub-MCP

by arclabs-studio

Sec8

Automating development workflows by integrating Linear issue tracking and GitHub repository management, enforcing ARC Labs Studio naming conventions.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires Linear API Key (may be a paid service)
  • ⚠️Requires GitHub Personal Access Token
  • ⚠️Requires `uv` or `pip` for dependency management
  • ⚠️Requires specific environment variables configured in a `.env` file.
Verified Safe
The server uses environment variables for API keys (LINEAR_API_KEY, GITHUB_TOKEN) and Pydantic for configuration and data models, which are good practices. There is no usage of 'eval' or direct arbitrary shell command execution. The `GitHubClientError` can include `response.text` in error messages, which could potentially expose sensitive information from API responses if not handled carefully in production logging.
Updated: 2026-01-19
Low Cost
Sec8

Automate desktop tasks on GNOME & Fedora using AI clients by interacting with system settings and applications.

Setup Requirements

  • ⚠️Requires Python 3.12 or above.
  • ⚠️Requires UV package manager.
  • ⚠️Requires a Linux system with the GNOME desktop environment and its associated command-line utilities (e.g., gsettings, nmcli, pactl, playerctl, gtk-launch, gio, notify-send, wl-copy, dbus-send).
Verified Safe
The server utilizes `subprocess.run` with lists of arguments to execute system commands, significantly reducing command injection risks compared to using `shell=True`. `ast.literal_eval` is used for parsing gsettings output safely. No hardcoded secrets were identified. Communication over stdio limits network exposure. Security primarily relies on the integrity of the invoked GNOME/Linux utilities and the permissions of the user running the server, as it can perform actions like file deletion or system shutdown.
Updated: 2025-12-13
Medium Cost

Manages email accounts from multiple providers (Gmail, Outlook, IMAP) with a unified inbox and programmatic access via MCP tools.

Setup Requirements

  • ⚠️Requires manual setup in Google Cloud Console (for Gmail) or Azure Portal (for Outlook) to obtain OAuth credentials.
  • ⚠️Secrets (like IMAP password, Outlook client secret) must be provided via environment variables, not hardcoded in configuration files.
  • ⚠️Initial OAuth authentication for Gmail/Outlook requires a temporary local web server running on http://localhost:3000.
Verified Safe
The server explicitly rejects plaintext secrets (e.g., IMAP passwords, Outlook client secrets) in the 'accounts.json' configuration file, enforcing the use of environment variables. It validates that these environment variables are set and not empty upon startup. When deployed with Docker, it recommends mounting the 'credentials' directory as read-only, further protecting sensitive files. OAuth flows for Gmail and Outlook follow standard practices for token management and refresh. The MCP communication itself uses stdio, reducing network attack surface for the core protocol.
Updated: 2025-12-31
Low Cost

mcp-servers-gemini

by sharjeeltanoli

Sec6

Configures a collection of modular tools for an AI agent to interact with development-related services and systems.

Setup Requirements

  • ⚠️Requires Node.js and npm for `npx` commands.
  • ⚠️GITHUB_PERSONAL_ACCESS_TOKEN environment variable required for GitHub server.
  • ⚠️Absolute paths for `YOUR_DOCUMENTS_PATH` and `YOUR_DESKTOP_PATH` must be configured for the filesystem server.
  • ⚠️A Context7 API Key must be provided as a command-line argument for the context7 server.
  • ⚠️Vercel authentication is required for the Vercel server.
  • ⚠️The `tailwindcss-server` executable must be in the system's PATH or explicitly defined.
Verified Safe
The 'filesystem' server grants broad read/write access to specified local directories, posing a significant risk if the agent is compromised or misused. Relying on `npx -y` introduces a minor supply chain risk from npm packages. Multiple servers require sensitive credentials (GitHub PAT, Context7 API Key, Vercel authentication) which must be securely managed by the user to prevent exposure.
Updated: 2026-01-19
Low Cost

Weather_MCP_Server

by Hydraallen

Sec9

Provides current weather, forecast, and severe weather alerts for supported cities to Claude Desktop via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Docker is required to build and run the server.
  • ⚠️Manual configuration of Claude Desktop's `claude_desktop_config.json` file is necessary.
  • ⚠️Users must verify the Docker image name matches what `docker images` reports after building.
Verified Safe
The server uses `httpx` to make requests to a public weather API (`api.open-meteo.com`). There are no apparent hardcoded secrets or 'eval' statements. Input validation for city names and forecast days is present. The primary security consideration is reliance on an external API, which is an inherent risk in most API integrations.
Updated: 2026-01-19
Medium Cost

outline-mcp-server

by raisedadead

Sec9

Integrates Outline wiki with LLM applications via Model Context Protocol to enable searching, reading, creating, and managing wiki documents.

Setup Requirements

  • ⚠️Requires an Outline API Key (e.g., `ol_api_xxx`) obtained from your Outline instance settings.
  • ⚠️Requires the base URL of your Outline instance (e.g., `https://your-instance.getoutline.com`).
  • ⚠️Requires Node.js version 22.14 or higher and the pnpm package manager for development and setup.
Verified Safe
The server securely handles API keys through environment variables or a configuration file, avoiding hardcoded secrets. Input validation for tools and resources is implemented using Zod, mitigating common injection vulnerabilities. Network requests to the Outline API include retry mechanisms for robustness. No 'eval' or direct arbitrary command execution from user input was identified in the provided source code.
Updated: 2026-01-19
Medium Cost
Sec8

Parses PowerShell ConsoleHost_history.txt files from disk images for forensic analysis.

Setup Requirements

  • ⚠️The `README.md` states a critical dependency on a sibling `ConsoleHost_Parser` library folder (two folders must be in the same parent directory). While the provided `mcp_server.py` code appears self-contained and doesn't explicitly import from this sibling, the README's warning suggests it's essential for the full functionality.
  • ⚠️Requires `pytsk3` (Python bindings for The Sleuth Kit) and `pyewf` (Python bindings for Expert Witness Format) which might require system-level dependencies (e.g., `libtsk` and `libewf`) for successful installation.
Verified Safe
The code uses `pytsk3` and `pyewf` for disk image parsing, which are established forensic libraries. No direct 'eval' or other obvious malicious patterns, hardcoded secrets, or command injection vulnerabilities are present in the provided source code. Input path handling uses `os.path.abspath` and passes paths to the trusted forensic libraries. The primary security considerations would be potential vulnerabilities within the underlying `pytsk3` or `pyewf` libraries themselves, rather than this application's custom logic.
Updated: 2025-12-13
Medium Cost

specs-mcp-server

by pharmbio

Sec9

The server provides a suite of tools for similarity search and analytics on a compound dataset, focusing on compound-to-compound and MOA-to-MOA relationships, gene co-occurrence, and disease rollups for drug discovery and bioinformatics.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️A `data/compound_aggregate_with_annotations.csv` file must be present at the specified path for the server to function.
  • ⚠️Docker is recommended for local execution as per the README, streamlining dependency management.
Verified Safe
The code appears to be well-structured and minimizes obvious security risks. It primarily uses pandas for data manipulation and scikit-learn for similarity calculations. User inputs are generally sanitized (e.g., lowercased, stripped, regex=False) before being used in DataFrame queries or fuzzy matching. There are no apparent uses of `eval`, `exec`, or direct shell command injections. The dataset path is hardcoded, preventing arbitrary file access. Environment variables are used for server configuration (host, port, transport), which is a good practice. The main risk, if any, would stem from vulnerabilities in the underlying `FastMCP`, `pandas`, or `numpy` libraries, or if the `compound_aggregate_with_annotations.csv` file itself is untrusted and can be modified by an attacker in a deployment scenario, though the application itself does not facilitate arbitrary modifications to this file.
Updated: 2025-12-16
Page 380 of 713