Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
HafsaMudassar icon

apifox-mcp

by HafsaMudassar

Sec9

Simplifies Apifox project management by allowing AI assistants to create, update, and audit API interfaces and data models.

Setup Requirements

  • ⚠️Requires an Apifox API Token (APIFOX_TOKEN) with sufficient permissions for the target project.
  • ⚠️Requires an Apifox Project ID (APIFOX_PROJECT_ID) to specify which project to manage.
  • ⚠️Requires Python 3.10 or newer.
Verified SafeView Analysis
The server correctly uses environment variables for sensitive API tokens (`APIFOX_TOKEN`, `APIFOX_PROJECT_ID`), avoiding hardcoding. It leverages the `requests` library for external HTTP communication to the Apifox API. No `eval()` or explicit command injection points from user input were found in the provided code snippets. The tool's operations involve importing OpenAPI specifications, which are constructed internally as Python dictionaries and then serialized to JSON, mitigating risks associated with arbitrary string execution. The security score reflects confidence in the provided code, assuming the Apifox platform itself is secure and credentials are handled appropriately by the user and underlying system.
Updated: 2026-01-19GitHub
0
0
Medium Cost
getlokiui icon
Sec9

An MCP server for AI assistants to grade, generate, and validate UI components against the components.build specification.

Setup Requirements

  • ⚠️Requires integration with a Claude client (e.g., Claude Desktop, Claude Code) via a specific JSON configuration file.
  • ⚠️Component generation templates are currently limited to React + TypeScript.
Verified SafeView Analysis
The server's core functionality involves analyzing and generating code. Critical analysis confirms that `gradeComponent` performs static code analysis using regular expressions and string operations, not dynamic code execution. `generateComponent` functions return hardcoded string templates. No use of `eval` or similar dangerous functions was found. The public HTTP API, while having CORS enabled with `*`, exposes operations that are inherently safe for arbitrary user-provided code.
Updated: 2025-12-03GitHub
0
0
Low Cost
liruiying728 icon

mcd-coupon-assistant

by liruiying728

Sec8

A modern web application for managing and claiming McDonald's discount coupons via the official McDonald's Platform (MCP) Server.

Setup Requirements

  • ⚠️Requires a manual, multi-step process to obtain a McDonald's MCP Token from the official MCP website.
  • ⚠️Requires Node.js (>=16.0.0) and npm (>=7.0.0) for local development and setup.
  • ⚠️The MCP Token is stored in the browser's local storage, which means its security is tied to the browser's security and client-side practices.
Verified SafeView Analysis
The application uses a Netlify Function as a proxy to forward requests to the McDonald's MCP Server, addressing CORS issues. API requests and responses are handled over HTTPS using JSON-RPC, with appropriate error handling for status codes like 401 (invalid token) and 429 (rate limit). The user-provided MCP Token is stored in the browser's local storage, which is a common client-side storage mechanism. The README explicitly warns users to keep their token safe, highlighting the client-side security responsibility. No hardcoded secrets, `eval` usage, or overt malicious patterns were detected in the provided source code.
Updated: 2026-01-17GitHub
0
0
Low Cost
adefemi171 icon

yaml2mcp

by adefemi171

Sec9

Manage Model Context Protocol (MCP) servers using YAML configuration files within VS Code, automatically transpiling to JSON for IDE compatibility.

Setup Requirements

  • ⚠️Requires an open VS Code workspace folder to function, as configuration paths are workspace-relative.
  • ⚠️Relies on system commands (e.g., `node`, `python`) being installed and available in the environment's PATH for 'stdio' type servers specified in `mcp.yaml`.
  • ⚠️The `mcp.yaml` configuration file needs to be present in the configured path (`${workspaceFolder}/mcp.yaml` by default), or a new default file will be created upon opening/refreshing the config.
Verified SafeView Analysis
The extension's core functionality involves executing user-defined commands from the `mcp.yaml` file via `child_process.spawn`. This design inherently allows for arbitrary code execution if the `mcp.yaml` file is maliciously crafted or untrusted. However, for a developer tool that explicitly aims to manage and run local processes, this is an expected and necessary feature, not a vulnerability in the extension's code itself. There are no indications of direct `eval`, obfuscation, hardcoded secrets, or unintended network risks in the provided source code. The security posture relies on the user trusting their own configuration files.
Updated: 2025-12-05GitHub
0
0
Medium Cost
hil-basne-bragan icon

protocol18

by hil-basne-bragan

Sec4

An MCP server for AI-assisted MySQL database management, monitoring, and SQL execution with resumability features.

Setup Requirements

  • ⚠️Requires a running MySQL server.
  • ⚠️Requires careful configuration of database connection details (`db_config`) to avoid using default root access with no password.
  • ⚠️Python environment with `mysql-connector-python`, `sqlalchemy`, and `mcp` libraries.
  • ⚠️Implied integration with an LLM for full prompt functionality, potentially requiring an API key or local LLM setup.
Review RequiredView Analysis
The server executes user-provided SQL queries directly after performing regex-based permission checks. Regex parsing of SQL for security is prone to bypasses and potential SQL injection, allowing unauthorized actions. Default database connection parameters (e.g., 'root' user, empty password) in `create_mysql_pool` if external configuration is missing pose a significant risk.
Updated: 2025-11-26GitHub
0
0
Medium Cost
HuangJingwang icon

ChatBot-MCP

by HuangJingwang

Sec4

A frontend AI chatbot application supporting multiple AI models and tool integration via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a paid API key for OpenAI, Claude, or a custom/local/MCP AI service.
  • ⚠️Requires external MCP (Model Context Protocol) server and/or server-side memory service to be running for full functionality.
  • ⚠️The `VITE_MCP_COOKIE_ID` environment variable is critical for authentication with MCP and server memory, and a hardcoded default exists which may pose a security risk if not overridden or properly handled.
Review RequiredView Analysis
The `src/services/authService.js` file contains a hardcoded default `cookieId` ('65921143afdf8e07dbf16189') which is used if `localStorage` doesn't provide one. This ID is crucial for authentication with MCP and server memory services, and hardcoding a default authentication identifier is a significant security vulnerability, potentially allowing unauthorized access or session hijacking if not properly managed or if the backend accepts this default as valid for multiple users. Additionally, while `JSON.parse` itself is not inherently dangerous, its extensive use on `toolCall.function.arguments` (from AI responses) and extracted user message values (`extractValueFromMessage`) requires rigorous server-side validation on the MCP service to prevent malformed JSON inputs from causing unexpected behavior or denial of service.
Updated: 2025-11-27GitHub
0
0
Low Cost
featureflow icon

featureflow-mcp

by featureflow

Sec9

This server enables AI assistants to manage Featureflow feature flags, projects, environments, and other configurations through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a Featureflow account and a Personal Access Token or JWT.
  • ⚠️Requires Node.js version 18 or higher to run.
Verified SafeView Analysis
The server correctly retrieves API keys from environment variables. API interactions are confined to predefined Featureflow API endpoints. No 'eval' or similar dynamic code execution is observed. Arguments are passed directly to API calls; while the input schema provides some validation, the server itself doesn't implement extensive sanitization beyond what the Featureflow API expects, which is standard for an API client.
Updated: 2026-01-11GitHub
0
0
Low Cost
Harikrishnan46624 icon

WHATSAPP-MCP-SERVER

by Harikrishnan46624

Sec8

A production-grade Model Context Protocol (MCP) server for the WhatsApp Cloud API, designed for agent-first workflows.

Setup Requirements

  • ⚠️Python >= 3.14 required
  • ⚠️Requires WhatsApp Cloud API credentials (Phone Number ID, Access Token)
  • ⚠️Requires MCP API Token for server authentication
Verified SafeView Analysis
The server correctly loads `MCP_API_TOKEN` from environment variables. WhatsApp credentials are passed via request headers and stored in a session-scoped dictionary in memory (`_session_creds`), which is appropriate for per-request authentication and multi-tenancy. No `eval` or other dangerous functions were found. The use of `httpx` for external API calls is standard. Assuming FastMCP's session ID management is robust, the in-memory storage of WhatsApp credentials within a session context is acceptable.
Updated: 2026-01-19GitHub
0
0
High Cost
Cronos402 icon

openapi-mcp

by Cronos402

Sec3

Converts OpenAPI specifications into MCP-compatible API endpoints, providing a universal adapter for AI agents to interact with any HTTP API.

Setup Requirements

  • ⚠️Requires pnpm package manager for installation and execution.
  • ⚠️The server will make outbound network requests to user-provided OpenAPI specification URLs and the APIs they define, requiring appropriate network access and firewall configuration. Be aware that the `url` parameter allows fetching from arbitrary external (and potentially internal) sources.
  • ⚠️For every incoming MCP tool invocation, the server re-fetches and re-parses the entire OpenAPI specification from the provided URL, leading to significant performance overhead and increased network/CPU usage per request. This design does not cache the OpenAPI spec or generated tools.
Review RequiredView Analysis
CRITICAL: The server is vulnerable to Server-Side Request Forgery (SSRF) because it fetches arbitrary OpenAPI specification URLs provided by the user via the `url` query parameter. An attacker could use this to scan internal networks, access cloud metadata services (e.g., AWS EC2 metadata), or interact with other unauthorized internal resources from the server's perspective. The `getToolsFromOpenApi` and initial `fetch` operations are performed without validating the `url` parameter against a whitelist or restricting its scope. While internal processing uses Zod for parameter validation and some header sanitization, the initial fetching of the spec itself poses a severe risk. There are no apparent hardcoded secrets or direct command injection vulnerabilities.
Updated: 2026-01-19GitHub
0
0
Medium Cost
sycbs4t2dx-hue icon

mcp-enterprise-server

by sycbs4t2dx-hue

Sec3

The MCP Enterprise Server provides an AI-powered system for intelligent memory management, code knowledge graph generation, project context tracking, hallucination detection, and code quality assurance to assist developers in their coding workflows.

Setup Requirements

  • ⚠️Requires a MySQL database for persistent storage.
  • ⚠️Requires a Redis server for caching and short-term memory.
  • ⚠️Requires a Milvus vector database (or FAISS) for semantic search.
  • ⚠️Requires an Anthropic or OpenAI API key for AI functionalities (paid service).
  • ⚠️Requires downloading Hugging Face models (e.g., sentence-transformers) for embedding generation, which can be large.
  • ⚠️May require additional language-specific dependencies like `javalang` for Java code analysis.
  • ⚠️Python 3.9 or higher is needed (based on CI configuration).
Review RequiredView Analysis
CRITICAL: The default JWT `secret_key` in `src/mcp_core/common/config.py` is 'change-this-in-production-use-a-32-char-min-key'. This is a severe vulnerability if used in production. Replace it immediately with a strong, randomly generated key. The server uses `os.system` and `subprocess.run` calls (e.g., for database creation and Git hooks) which, while functional, introduce potential command injection risks if inputs are not meticulously sanitized. Ensure that all user-supplied paths and arguments passed to these commands are rigorously validated. The inclusion of `python3 -c "..."` in a Git hook is also a powerful execution vector that demands careful auditing and sandboxing.
Updated: 2025-11-23GitHub
0
0
Low Cost
cardmagic icon

reminders

by cardmagic

Sec8

Fuzzy search, browse, create, and complete Apple Reminders from the command line or as an MCP server on macOS.

Setup Requirements

  • ⚠️Requires macOS (uses Apple Reminders database and AppleScript)
  • ⚠️Requires Node.js 22+
  • ⚠️Requires 'Full Disk Access' permission for the terminal application to read the Reminders database
Verified SafeView Analysis
The server primarily interacts with Apple Reminders via `osascript`, which executes AppleScript. While `osascript` can be a vector for code execution, the tool carefully sanitizes user-provided input (e.g., reminder titles, notes) via `escapeAppleScript` before embedding it into the script. The core AppleScript logic is hardcoded within the application, limiting arbitrary command injection. It requires 'Full Disk Access' permission for the terminal, which is necessary to read Apple's Reminders database but represents a significant trust requirement from the user. Communication for the MCP server is over standard I/O (stdio), minimizing network attack surface. No hardcoded secrets or obvious malicious patterns were found.
Updated: 2026-01-18GitHub
0
0
Medium Cost

mcp-nextcloud

by fastbs

Sec8

Automates Nextcloud actions across notes, calendar, contacts, tables, and files via LLM integration.

Setup Requirements

  • ⚠️Requires Node.js 18+
  • ⚠️Requires access to a Nextcloud instance
  • ⚠️Requires a Nextcloud App Password for secure authentication
Verified SafeView Analysis
Interacts with an external Nextcloud instance using provided credentials. The project explicitly advises using Nextcloud app passwords for enhanced security. No explicit 'eval' or severe network risks observed in the provided context, but security relies on the Nextcloud instance's configuration and credential management.
Updated: 2025-11-20GitHub
PreviousPage 387 of 713Next