Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

prometheus-mcp-server

by avinash221988

Sec7

Enables AI assistants to interact with Prometheus and Alertmanager for intelligent monitoring and incident response through Model Context Protocol (MCP) tools, resources, and prompts.

Setup Requirements

  • ⚠️Requires Python 3.9+ (Python 3.13 is specifically referenced in setup scripts for FastMCP compatibility).
  • ⚠️Requires a running Prometheus instance and optionally an Alertmanager instance, accessible from where the MCP server is deployed.
  • ⚠️Using the MCP Inspector for testing requires Node.js 22.7.5+ and npm.
Verified Safe

Analysis

The server exposes a `prometheus_query` tool that directly executes arbitrary PromQL queries provided by the AI. If the AI or the MCP server itself were compromised, this could lead to resource exhaustion on the Prometheus server or unauthorized data access. The `--no-verify-ssl` option, configurable via an environment variable, can also introduce security vulnerabilities if used improperly in production environments. No explicit hardcoded secrets or malicious patterns were found in the provided source code.
Updated: 2025-12-05 (source: GitHub)
Low Cost
Sec3

A Model Context Protocol server for managing Amazon DynamoDB resources, including table, index, capacity, and data operations.

Setup Requirements

  • ⚠️Requires AWS credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION) configured as environment variables to interact with DynamoDB.
  • ⚠️Requires Node.js (>=18.0.0) and npm for execution.
  • ⚠️Lacks built-in authentication/authorization for remote client connections, necessitating robust external security measures (e.g., VPN, VPC firewall rules, API Gateway with authentication) for secure production deployment, as the server provides `Access-Control-Allow-Origin: *`.
Review Required

Analysis

The server accesses AWS credentials directly from environment variables, which is standard but relies heavily on the deployment environment's security. A critical vulnerability is the lack of built-in authentication and authorization for client connections over the remote HTTP/SSE transport. The server enables `Access-Control-Allow-Origin: *`, allowing requests from any domain, making it highly susceptible to unauthorized access and command execution if exposed publicly. While delete operations are intentionally not supported, other destructive or costly operations (e.g., creating tables, updating capacity to high values) can be performed by any client successfully connecting. Error logging to `console.error` might expose internal details. The `create_lsi` tool creates a new table with an LSI, rather than adding an LSI to an existing table, which is a functional quirk but not a security risk.
Updated: 2025-11-20 (source: GitHub)
Medium Cost
Sec9

Provides secure, read-only database access to an Agri-Geo Supabase database for AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires manual application of SQL migration files (001_create_crop_requirements.sql, 002_seed_crop_requirements.sql) to the Supabase database via its dashboard.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Critical environment variables (SUPABASE_URL, SUPABASE_ANON_KEY) must be configured in a .env file or deployment environment.
Verified Safe

Analysis

The server uses the Supabase client for database interactions, ensuring parameterized queries and preventing SQL injection. All tool arguments are validated using Zod schemas. It is designed for read-only access, with no INSERT/UPDATE/DELETE operations implemented. Environment variables are loaded via dotenv, preventing hardcoded secrets. Error handling appears to be safe, avoiding database schema leaks. No use of dangerous functions like 'eval' or direct child_process execution is observed. The SSE transport implements a connection registry with cleanup for stale sessions. The only minor point is the default permissive CORS for SSE ('Access-Control-Allow-Origin', '*'), which should be restricted in production, as noted in the DEPLOYMENT.md.
Updated: 2025-11-25 (source: GitHub)
Medium Cost
Sec8

This application acts as a Rails-native development partner, simplifying workflows by transforming Claude Code into Rails-native patterns and providing an AI-assisted development infrastructure for a Rails project.

Setup Requirements

  • ⚠️Requires a Ruby on Rails development environment (Ruby 3.3.10, Node.js for JS assets, Bundler)
  • ⚠️Requires interaction with or integration of 'Claude Code' (claude.ai/code) as a development partner
  • ⚠️Managing `config/master.key` for encrypted credentials is essential for full application setup
Verified Safe

Analysis

The Rails application framework utilizes standard security practices, including Devise for authentication, encrypted credentials (master.key is gitignored), and recommended security scanning tools like Brakeman and bundle-audit. The Claude integration includes a 'hooks' system that involves executable scripts. While these scripts are for automation and described with best practices (e.g., modularity), their specific content is not provided, meaning potential risks could exist if these are improperly modified. No direct malicious patterns, obfuscation, or hardcoded secrets are evident in the provided documentation.
Updated: 2025-12-15 (source: GitHub)
Low Cost
Sec1

Provides tools to download, list, and extract paragraphs from German law XML files, integrated as an MCP server.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for easy setup.
  • ⚠️Requires `libxml2-utils`, `xmlstarlet`, `curl`, and `unzip` to be installed (handled by Dockerfile).
Review Required

Analysis

CRITICAL: The server is highly vulnerable to command injection. The `lawName` parameter is directly concatenated into shell commands executed via `child_process.execSync` in `mcp/src/index.js` without proper sanitization or quoting. For example, providing `estg; rm -rf /` as `lawName` will execute `rm -rf /` within the Docker container, leading to arbitrary code execution and potential data loss. This is present in `downloadLaw`, `getParagraph`, and `listContents` methods.
Updated: 2025-11-18 (source: GitHub)
Medium Cost

mcp-spotify-render

by AlexSchardin

Sec9

Enables AI assistants to control Spotify playback and manage playlists through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires a Spotify Premium account for full playback control.
  • ⚠️Requires manual creation and configuration of a Spotify Developer application (Client ID, Client Secret, Redirect URI).
  • ⚠️Requires an initial `npm run auth` step to obtain and save Spotify access and refresh tokens locally.
Verified Safe

Analysis

The server utilizes OAuth 2.0 for Spotify authentication, requiring users to configure `clientId`, `clientSecret`, and a `redirectUri` in a `spotify-config.json` file. The authentication flow involves a temporary local HTTP server (`127.0.0.1`) for exchanging authorization codes for tokens, which are then saved locally. No hardcoded secrets are found. The primary Node.js server does not directly expose any network listeners other than the temporary one for OAuth. Both implementations (Node.js and an alternative Python server for multi-tenant HTTP deployments) use standard, well-maintained libraries for API interaction. No `eval` or code obfuscation is present.
Updated: 2025-12-12 (source: GitHub)
Low Cost
Sec9

This server provides a tool to fetch current weather data for a specified geographical location using an external, public API.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Dependencies 'httpx' and 'mcp[cli]' must be installed.
Verified Safe

Analysis

The server wraps a public, keyless weather API (Open-Meteo) using httpx. There are no identifiable patterns for eval, hardcoded secrets, or dynamic URL construction that could lead to SSRF. Input types are explicitly floats, and output is a string representation of the API's JSON response, minimizing direct injection risks. The lack of any sensitive operations contributes to a high security score.
Updated: 2025-12-11 (source: GitHub)
Low Cost

q8-caster

by 8b-is

Sec2

AI-powered display casting MCP server with comprehensive media support for various content types and network devices.

Setup Requirements

  • ⚠️Requires Rust 1.70+.
  • ⚠️Requires GStreamer 1.0 (system dependency) for media playback, which needs manual installation on some systems. The `scripts/manage.sh` script attempts to install it on Linux.
  • ⚠️Requires X11/Wayland for display control and screen mirroring functionality (due to `winit` and `xcap`).
Review Required

Analysis

CRITICAL: The HTTP API uses a hardcoded API key ('q8-caster-dev-key') for authentication, making it easily bypassable and highly insecure for production. The `elevated` flag allows running the server with `sudo` (root privileges) which is a significant security risk. Keycloak authentication is present but explicitly disabled/placeholder. The secrets management module is marked as `TODO` indicating a lack of secure secret handling. WASM execution is planned (`src/render/wasm.rs`) which introduces potential risks if not properly sandboxed in the future. PDF parsing (`pdfium-render`) can also be an attack vector if not kept updated.
Updated: 2025-12-01 (source: GitHub)
Medium Cost

ADSMedia

by Deepak7595-dev

Sec8

Provides a comprehensive set of SDKs, plugins, bots, and integrations to facilitate transactional and marketing email sending via the ADSMedia Email API across various platforms and applications.

Setup Requirements

  • ⚠️Requires ADSMedia API Key, which is a paid service.
  • ⚠️Extensive external platform API keys and webhook secrets are required for each specific integration (e.g., Slack, Telegram, Discord, DatoCMS, Prismic, Cal.com, etc.), adding significant setup complexity depending on the desired integrations.
  • ⚠️Requires specific runtime environments (Node.js, Python, PHP, Ruby, .NET, Go, Java) depending on the chosen SDK, plugin, or webhook handler.
Verified Safe

Analysis

API keys are consistently sourced from environment variables, which is good practice. Webhook integrations largely include signature verification, though some example code snippets comment it out with a strong recommendation to enable in production. No instances of 'eval' or malicious code patterns were found. The main security concern would stem from user-side misconfiguration (e.g., exposing API keys in client-side code, not enabling webhook signature validation in production) rather than inherent vulnerabilities in the provided integration code examples.
Updated: 2026-01-19 (source: GitHub)
Low Cost

my-mcp-server

by asgeirn

Sec10

This project provides MCP server tools for retrieving formatted date/time and performing addition operations using Quarkus.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) to build and run.
  • ⚠️Quarkus build process might take time and resources for native compilation.
Verified Safe

Analysis

The code is clean and does not use any obviously dangerous functions like 'eval'. It relies on standard Java/Kotlin libraries and the Quarkus framework, which are generally secure when used as intended. No obvious network risks or hardcoded secrets were found.
Updated: 2025-11-21 (source: GitHub)
Low Cost

kong-plugin-poc

by bryanesmith

Sec7

POC for routing a custom Wordle Model Context Protocol (MCP) server through a Kong Gateway plugin to a client like Windsurf.

Setup Requirements

  • ⚠️Docker required
  • ⚠️decK CLI required
Verified Safe

Analysis

The MCP HTTP Proxy executes the MCP server binary via `exec.Command`. While the `MCP_SERVER_PATH` is configurable, the project is designed for a known binary in a Dockerized environment, mitigating risks of arbitrary command injection under normal operation. CORS is set to `Access-Control-Allow-Origin: *`, which is permissive but common for POCs.
Updated: 2026-01-19 (source: GitHub)
Low Cost
Sec9

Provides real-time weather information to AI agents (like Claude/Cursor) via a FastMCP server.

Setup Requirements

  • ⚠️Requires an OpenWeatherMap API Key (free tier available, but registration is needed).
  • ⚠️The 'OPENWEATHER_API_KEY' must be set as an environment variable.
Verified Safe

Analysis

The server uses environment variables for API keys, which is a good security practice. It does not use 'eval' or other inherently dangerous functions. All external calls are made via the httpx library to the OpenWeatherMap API. Input validation for the 'city' parameter is handled by the OpenWeatherMap API itself and httpx's secure request handling.
Updated: 2025-12-01 (source: GitHub)
Page 384 of 713