Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
snorlak1 icon

mem0-server-mcp

by snorlak1

Sec7

Provides intelligent memory and knowledge graph capabilities for Claude Code and other AI agents, managing coding preferences, context, and architectural decisions.

Setup Requirements

  • ⚠️Requires Docker installed and running for the full stack.
  • ⚠️Using Ollama as the LLM provider requires a local Ollama server running (e.g., at `http://192.168.1.2:11434`) and specific models (e.g., `qwen3:8b`, `qwen3-embedding:8b`) to be pulled.
  • ⚠️Default database (PostgreSQL, Neo4j) credentials are weak and MUST be changed for production environments to avoid security risks.
  • ⚠️Claude Code (or other MCP clients) requires specific configuration including `X-MCP-Token` and `X-MCP-UserID` headers for authentication.
Verified SafeView Analysis
The default configuration of the Docker Compose stack exposes several services (PostgreSQL, Neo4j, Mem0 API, MCP Server) on default ports to the host, and uses weak default credentials ('postgres', 'mem0graph'). The core Mem0 API (port 8000) does not enforce authentication by default, making it vulnerable if exposed without a reverse proxy or custom API key implementation. However, the documentation (AUTHENTICATION.md, SECURITY.md) explicitly highlights these risks and provides comprehensive guidance and scripts for: token-based authentication for the MCP server, securing default passwords, restricting network access, enabling HTTPS, implementing custom API keys, and audit logging. While the defaults are insecure for production, the project's explicit security awareness and provided solutions mitigate these to a large extent for informed users.
Updated: 2026-01-19GitHub
0
0
High Cost
ramgeart icon

llm-mcp-bridge

by ramgeart

Sec9

An agnostic MCP server that bridges various OpenAI-compatible LLM APIs, providing tools for LLM model analysis, benchmarking, and quality evaluation.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Needs an external LLM server (e.g., LM Studio, Ollama, vLLM) with an OpenAI-compatible API running and accessible.
  • ⚠️An API key (LLM_API_KEY) is required in the environment or as a tool argument when connecting to commercial cloud LLM services (e.g., OpenAI, Groq, Azure OpenAI).
  • ⚠️When configuring for VS Code, the exact absolute path to the compiled 'dist/index.js' script needs to be specified.
Verified SafeView Analysis
The server correctly handles API keys via environment variables or explicit arguments, avoiding hardcoding. Input validation for tool arguments is implemented using Zod, which helps prevent common injection vulnerabilities. The design allows overriding the LLM base URL and API key per tool call, which is a powerful feature but implies that the calling client needs to be trusted to prevent redirection to malicious endpoints, though this is a characteristic of the MCP protocol itself and not a flaw in the bridge's implementation. No 'eval' or other directly exploitable patterns were found in the provided source.
Updated: 2025-12-06GitHub
0
0
Medium Cost
lukas-bekr icon

fathom-mcp

by lukas-bekr

Sec9

Enables LLMs to interact with the Fathom.video API for meeting recording management, transcripts, summaries, and analytics.

Setup Requirements

  • ⚠️Requires FATHOM_API_KEY environment variable, which must be obtained from Fathom.video settings.
  • ⚠️Requires Node.js (>=18) and npm for installation and build steps.
  • ⚠️Potential for large responses (transcripts, detailed meeting lists) that may be truncated to a CHARACTER_LIMIT of 25000 characters.
Verified SafeView Analysis
The server uses Zod for robust input validation, which is excellent for security. API keys are loaded from environment variables, avoiding hardcoding. Error handling explicitly covers common API errors including authentication (401) and rate limiting (429). There are no 'eval' statements, code obfuscation, or obvious malicious patterns. The main security concern would be ensuring the Fathom API key is kept secure and that the server's network access is properly configured, as it makes external API calls.
Updated: 2025-11-30GitHub
0
0
Low Cost
NaokiTest icon
Sec5

Provides an API server for simple arithmetic calculations, intended for multi-client access.

Review RequiredView Analysis
Source code was not provided for analysis. Therefore, a thorough check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns could not be performed. The score reflects a conservative estimate due to lack of verification; actual security cannot be assessed.
Updated: 2025-11-27GitHub
0
0
Medium Cost
ecdeng icon
Sec8

Allows ChatGPT to persistently store, retrieve, and organize recipe files as human-readable Markdown with YAML frontmatter.

Setup Requirements

  • ⚠️Requires persistent disk storage mounted at `/app/recipes` for data retention, especially critical for Docker and Render deployments.
  • ⚠️Authentication relies on a unique UUID in the URL path; this UUID acts as the primary access token and must be kept secret and correctly used in all API calls.
  • ⚠️Deployment to Render requires a Render account and meticulous configuration of a persistent disk at the specified mount path.
Verified SafeView Analysis
The server implements strong filename validation and sanitization to prevent path traversal attacks and enforce file type constraints, which is crucial for file-based storage. Authentication relies on a randomly generated or user-defined UUID embedded in the URL path ('security by obscurity'). While this is explicitly warned against for public sharing, it is deemed acceptable for its intended personal use case where the URL is kept private. No other authentication/authorization layers are present. The server relies on the deployment platform (e.g., Render) to provide HTTPS.
Updated: 2025-12-13GitHub
0
0
Medium Cost
janjic-portside icon

pervasive-sql-mcp

by janjic-portside

Sec8

Provides a Model Context Protocol (MCP) server for interacting with Pervasive SQL databases via ODBC.

Setup Requirements

  • ⚠️Requires Pervasive ODBC Driver installed and configured on a Windows system.
  • ⚠️Requires DSN (Data Source Name) configured via ODBC Data Source Administrator.
  • ⚠️Requires Visual Studio Build Tools (C++ workload) for compiling the `odbc` native module.
Verified SafeView Analysis
The server runs locally and communicates via stdio, limiting network exposure. Connection credentials can be passed via environment variables or per-tool call, which is standard for local tools. The `query` and `execute_batch` tools allow arbitrary SQL execution, which is a powerful feature and correctly flagged in the README as potentially dangerous if misused (e.g., DELETE/DROP statements). However, SQL queries using parameters are handled securely by `conn.query(sql, params)` preventing SQL injection for parameterized queries. No direct `eval` or intentional obfuscation was found in the provided source code.
Updated: 2025-12-10GitHub
0
0
Low Cost
Piotr1215 icon

agents-mcp-server

by Piotr1215

Sec3

Facilitates real-time agent-to-agent communication and coordination, leveraging DuckDB for message persistence and `snd` for tmux message injection.

Setup Requirements

  • ⚠️Requires DuckDB CLI to be installed and in the system PATH (not a library, but the command-line tool).
  • ⚠️Requires a custom `snd` script (likely from `~/.claude/scripts/snd`) to be in the system PATH, which is not a standard utility.
  • ⚠️Requires Node.js >= 18.
Review RequiredView Analysis
The server uses `child_process.execSync` to run DuckDB CLI commands, with SQL queries constructed by string concatenation using a custom, manual escaping function (`esc`). This approach is highly vulnerable to SQL injection if the escaping mechanism is flawed or incomplete, allowing malicious input to execute arbitrary DuckDB commands. Additionally, the `snd` command is executed via `spawn`, which could pose an injection risk if the message content or pane ID is not adequately sanitized before being passed to the external `snd` script.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Thamizh-02 icon
Sec9

A knowledge-powered Q&A and action chatbot integrated with GitHub for automated tasks and document management.

Setup Requirements

  • ⚠️Requires a separate backend API server (not provided in this repository) to handle LLM interactions, database operations, and GitHub API calls.
  • ⚠️Requires a GitHub Personal Access Token with appropriate permissions (e.g., for creating issues, PRs, deployments) to be configured.
  • ⚠️Requires a configured database to store users, knowledge sources, conversations, and activity logs.
Verified SafeView Analysis
The application explicitly uses environment variables for sensitive data like API URLs, GitHub tokens, and database credentials, preventing hardcoded secrets. It implements JWT for session management, bcrypt for password encryption, and features role-based access control with tool-level permission checks. An audit trail tracks user actions and tool executions, enhancing accountability. The security of the backend API, which is not provided, would be crucial for overall system security.
Updated: 2025-12-14GitHub
0
0
Medium Cost
nggocnn icon

sonarqube-mcp

by nggocnn

Sec9

Enables AI Agent applications to manage and retrieve code quality and analysis data from a SonarQube server.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️Requires a running SonarQube server instance.
  • ⚠️Requires SonarQube authentication (SONARQUBE_TOKEN or SONARQUBE_USERNAME/SONARQUBE_PASSWORD environment variables must be set).
Verified SafeView Analysis
The server correctly handles sensitive information by requiring it via environment variables (SONARQUBE_TOKEN, SONARQUBE_USERNAME/PASSWORD). It performs input validation for API parameters (e.g., positive page numbers, non-empty strings). The underlying HTTP client (`httpx`) includes timeouts and connection limits, and error handling for network issues. The server binds to '0.0.0.0', which is standard but requires appropriate network configuration (e.g., firewalls) in production environments. No 'eval' or other direct arbitrary code execution patterns were found.
Updated: 2025-11-28GitHub
0
0
Medium Cost
timduly4 icon

mcp-server

by timduly4

Sec8

Exposes GitHub starred repositories as Model Context Protocol (MCP) resources for LLM applications.

Setup Requirements

  • ⚠️Requires Bazel 8.4+ for the recommended build and run workflow.
  • ⚠️Requires a GitHub Personal Access Token with `public_repo` and `read:user` scopes.
  • ⚠️Interactive testing with the MCP Inspector requires Node.js and npm/npx.
Verified SafeView Analysis
The project avoids hardcoding secrets by requiring a GitHub Personal Access Token via environment variable. It uses OAuth2 for GitHub API authentication. The MCP server runs over stdio (standard input/output), reducing direct network exposure for the core MCP protocol. Simple URI parsing is in place, with awareness of potential routing conflicts documented in tests. No 'eval' or similar dangerous patterns are used, and there is no visible code obfuscation.
Updated: 2025-12-08GitHub
0
0
Medium Cost
bramburn icon

mcp-fs-server

by bramburn

Sec4

Provides a Model Context Protocol (MCP) server that indexes code repositories for real-time semantic search, leveraging Ollama embeddings and Qdrant for vector storage.

Setup Requirements

  • ⚠️Requires a running Qdrant instance (default: http://localhost:6333).
  • ⚠️Requires Ollama to be installed and running locally, with a compatible embedding model downloaded (default: 'nomic-embed-text').
  • ⚠️Requires Tree-sitter WASM grammar files to be downloaded via `npm run setup` after cloning.
Review RequiredView Analysis
Hardcoded PostHog API key is present in both the MCP server and the VS Code extension's analytics services. This exposes a private API key, although it's for analytics. A more significant concern is the `FileHandler.handleExecuteCommand` in the VS Code extension, which executes arbitrary VS Code commands (`vscode.commands.executeCommand`) based on webview input without apparent whitelisting. This poses a critical vulnerability, as a malicious webview could trigger arbitrary code execution or system modifications within the VS Code environment. While the `ClipboardManager` has a `SENSITIVE_FILE_BLOCKLIST`, this arbitrary command execution could potentially bypass such file-based security checks.
Updated: 2025-12-17GitHub
0
0
Medium Cost
MicahBly icon

rapport-mcp

by MicahBly

Sec4

Enables AI agents to create, modify, and query visual SVG canvases for Rapport.dev.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️Initial authentication requires a browser to open for an OAuth login flow, which can be a friction point on headless servers.
  • ⚠️Critical security vulnerabilities are present in the default configuration (insecure file permissions, SSRF, XXE, security bypass) that require immediate fixes post-setup for safe operation.
Review RequiredView Analysis
Critical vulnerabilities identified in a comprehensive security audit. These include insecure file permissions for authentication tokens (making them world-readable by any local user), a Server-Side Request Forgery (SSRF) vulnerability in API requests, and a potential XML External Entity (XXE) vulnerability in XML parsing. There's also a bypass mechanism ('skip_validation' flag) for crucial SVG security checks, incomplete SVG validation patterns, and sensitive data exposure in error messages. Additionally, HTTPS enforcement is missing, and authentication polling lacks robust rate limiting/exponential backoff. Immediate remediation of HIGH and MEDIUM severity issues is strongly recommended.
Updated: 2025-12-11GitHub
PreviousPage 382 of 713Next