Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Aaronxx icon
Sec1

Provides a backend service for integrating applications with the WeChat platform.

Setup Requirements

  • ⚠️Requires WeChat Developer account and application credentials (AppID, AppSecret, Token).
  • ⚠️Specific runtime environment (e.g., Node.js, Python, Java) needs to be installed, but it is not specified in the provided information.
Review RequiredView Analysis
Cannot perform a comprehensive security audit as no source code was provided for analysis. Therefore, risks like 'eval', hardcoded secrets, or network vulnerabilities could exist unbeknownst. The low score reflects the inability to verify safety due to lack of visibility into the code.
Updated: 2025-11-19GitHub
0
0
Low Cost
samaye-pro icon

mcp-server

by samaye-pro

Sec4

Demonstrates a Model Context Protocol (MCP) WebSocket server in Go for bidirectional JSON messaging and executing predefined tools.

Setup Requirements

  • ⚠️Requires Go 1.24.4+ runtime
Verified SafeView Analysis
The server's `websocket.Upgrader` is configured with `CheckOrigin: func(r *http.Request) bool { return true }`, which disables origin checking. This makes the WebSocket server vulnerable to Cross-Site WebSocket Hijacking (CSWSH) attacks if deployed in a production environment without proper remediation. While acceptable for a local demo, it's a critical security flaw for anything beyond that. There are no obvious hardcoded secrets, 'eval' equivalents, or other direct code execution vulnerabilities.
Updated: 2025-11-27GitHub
0
0
Medium Cost
moxus icon
Sec9

Provide AI agents access to Intervals.icu data for fitness tracking, activity management, and calendar events.

Setup Requirements

  • ⚠️Requires Intervals.icu API Key (obtained from Intervals.icu website)
  • ⚠️Requires Intervals.icu Athlete ID (obtained from Intervals.icu website)
  • ⚠️Requires a Node.js runtime environment (version 18+ is recommended by dependencies)
Verified SafeView Analysis
The server securely retrieves API credentials (key and athlete ID) from environment variables, preventing hardcoding. Input and output data are rigorously validated using Zod schemas, enhancing robustness and protecting against malformed requests. API interactions are handled via Axios with basic authentication, a standard and secure method for this type of API. No 'eval' or direct arbitrary code execution vectors were identified, making the core logic safe. The reliance on `cross-spawn` (indirectly via `@modelcontextprotocol/sdk`) is for process management and not for executing user-controlled input.
Updated: 2025-12-14GitHub
0
0
Medium Cost
Sunalamye icon

mcp-claude-node

by Sunalamye

Sec9

Acts as an MCP (Model Context Protocol) server wrapping the Claude Code CLI, enabling parallel and robust execution of Claude AI requests for code generation and editing tasks.

Setup Requirements

  • ⚠️Requires `claude` CLI to be installed and configured on the system.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Assumes the `claude` CLI is configured with a valid Anthropic API key for AI requests.
Verified SafeView Analysis
The server uses `node:child_process.spawn` to execute the `claude` CLI. Arguments passed to `spawn` are constructed from validated tool parameters, including specific disallowed tools to prevent certain commands. Communication is via `stdio`, limiting network exposure. The server also implements recursion depth limits (`MCP_CLAUDE_DEPTH`) to prevent infinite subprocess spawning. The `--dangerously-skip-permissions` flag is passed to the underlying `claude` CLI; while it implies broader AI permissions, it's a feature of the CLI being wrapped, not a vulnerability introduced by this server's implementation. No direct `eval` or hardcoded secrets are present.
Updated: 2025-11-30GitHub
0
0
Medium Cost
Slaycaster icon
Sec9

Extracts key frames from Loom videos or local video files to assist with debugging and analysis in Claude Code.

Setup Requirements

  • ⚠️Docker required for deployment
  • ⚠️Requires Python 3.11 or newer
  • ⚠️Requires network access to download videos from URLs
  • ⚠️Requires host directories `~/loom-videos` (read-only input) and `~/loom-frames` (read-write output) to be available
Verified SafeView Analysis
The server uses `subprocess.run` to execute external tools (`yt-dlp` and `ffmpeg`). Commands are passed as lists of arguments, which mitigates common shell injection vulnerabilities. Network access is required for downloading videos from URLs, which is inherent to the tool's functionality. Local video input directory (`~/loom-videos`) is mounted as read-only, enhancing security. The output directory (`~/loom-frames`) is read-write, as expected.
Updated: 2025-12-15GitHub
0
0
Medium Cost
mako10k icon
Sec7

Dynamically generates context-relevant instructions for LLMs to prevent attention dispersion and maintain focus during development.

Setup Requirements

  • ⚠️Node.js 18+ required.
  • ⚠️Requires a compatible MCP client (e.g., Claude Desktop, VS Code with GitHub Copilot).
  • ⚠️Existing monolithic `.github/copilot-instructions.md` will trigger 'Restricted Mode' and require an interactive `onboarding` migration process.
Verified SafeView Analysis
The server performs extensive file system operations (e.g., overwriting `.github/copilot-instructions.md`) and executes Git commands via `child_process.exec`. While current Git command arguments appear safely constructed, `exec` is a powerful primitive. Critical actions like migration and rollback require explicit user elicitation/approval. A file-based locking mechanism (`.copilot-state/.lock`) is in place to prevent concurrent modifications, enhancing integrity.
Updated: 2025-12-03GitHub
0
0
Medium Cost
andersoncarmona913 icon

Agentic-Kubernetes-CLI

by andersoncarmona913

Sec3

Translates natural language prompts into executable kubectl commands for Kubernetes cluster management.

Setup Requirements

  • ⚠️Requires AWS Account and configured AWS credentials with Bedrock access.
  • ⚠️Kubectl command-line tool must be installed and configured to access a Kubernetes cluster.
  • ⚠️Python 3.x with 'strands' and 'mcp' libraries installed.
Review RequiredView Analysis
The MCP server directly executes 'kubectl' commands generated by the AI agent based on user input. While 'shlex.split' is used to mitigate basic shell injection, the 'validate_kubectl_command' function in 'k8s_cli_mcp_server.py' explicitly allows dangerous 'delete', 'drain', and 'cordon' operations to 'pass' without actual validation or user confirmation by the tool itself. The system relies on the LLM's prompt to 'confirm the command with the user first' for destructive operations, which is not a robust security mechanism. A confused or malicious LLM could issue highly destructive commands without sufficient guardrails, posing a significant risk to the Kubernetes cluster.
Updated: 2026-01-19GitHub
0
0
Low Cost
SeanAtsatt icon

mcpManager

by SeanAtsatt

Sec6

Manages Model Context Protocol (MCP) servers dynamically and per-project within the Claude Code environment.

Setup Requirements

  • ⚠️Requires Claude Code CLI to be installed and available in PATH.
  • ⚠️Requires Docker Desktop to be running for Docker-based MCPs.
  • ⚠️Requires Python 3.x for script execution and JSON/YAML parsing.
  • ⚠️Users must manually `source ~/.config/claude-mcp/mcp-helpers.sh` in their shell configuration (`.zshrc`, `.bashrc`) to enable shell helpers.
Review RequiredView Analysis
The system's core function involves executing commands and arguments defined in configuration files (`.mcp.json`, `.docker-mcp.yaml`, `registry.json`) via external tools like `claude mcp` and `docker mcp`. If these configuration files are tampered with or if malicious MCP definitions (e.g., from an untrusted catalog source) are introduced into the `command` or `args` fields, arbitrary commands could be executed. There is no direct use of 'eval' but shell commands are constructed and executed, which poses an inherent risk if the input source is not fully trusted. The `docker-compose.yml` contains a hardcoded `POSTGRES_PASSWORD` for local development, which is not a risk for the manager itself but could be for projects using that specific configuration.
Updated: 2026-01-03GitHub
0
0
Medium Cost
Maheshnath09 icon
Sec9

Serves as an AI-powered automation hub to manage tasks, calendars, spreadsheets, and emails across Notion and Google Workspace.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with Sheets, Calendar, and Gmail APIs enabled (manual setup is needed).
  • ⚠️Requires a Notion Integration token and a Notion Database ID (manual setup and sharing is needed).
  • ⚠️Google OAuth requires an initial interactive browser login to generate `token.json`; this file must be pre-generated for non-interactive Docker runs.
Verified SafeView Analysis
The server uses environment variables (NOTION_API_KEY, NOTION_DATABASE_ID) for Notion credentials and Google's OAuth flow with `credentials.json` and `token.json` for Google services, which is a standard and secure practice. All external API calls are made via `httpx` with proper error handling. No 'eval' or obvious obfuscation was found. Sensitive files (`credentials.json`, `token.json`, `.env`) are expected to be managed securely by the user.
Updated: 2025-11-24GitHub
0
0
Medium Cost
pengfeiJoker icon

mcp-server-chart-bach

by pengfeiJoker

Sec8

A Model Context Protocol server for generating charts and performing data analysis using AntV visualization tools.

Setup Requirements

  • ⚠️Requires access to an external AntV visualization service (default provided, but private deployment requires self-hosting AntV GPT-Vis-SSR, which does not support geographic charts).
  • ⚠️Geographic map generation is limited to data within China and relies on AMap service.
  • ⚠️Recording chart generation requires a service ID obtained via a specific Alipay mini-program, adding a non-standard setup step for full functionality.
Verified SafeView Analysis
The server uses `axios` to make outbound requests to `VIS_REQUEST_SERVER` (defaulting to AntV's service). While the default is trusted, if `VIS_REQUEST_SERVER` is configured via an environment variable to point to an untrusted endpoint, data could be sent to a malicious server. Input validation is performed using Zod, which helps mitigate injection risks for chart arguments. The streamable HTTP transport uses a wide-open CORS policy (`origin: '*'`), common for public APIs, but should be considered if deploying in a sensitive internal network without proper access control.
Updated: 2025-11-20GitHub
0
0
Low Cost
sasanka0212 icon
Sec8

A Micro-Capability Platform (MCP) server for tracking personal expenses, allowing users to add, list, and summarize expenditures through a defined API.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️Expense data is stored in a temporary directory (`tempfile.gettempdir()`) and will be lost on system reboot or cleanup, making it unsuitable for persistent data storage without modification.
  • ⚠️The `pyproject.toml` lists 'aisqlite>=1.1.0' which appears to be a typo and might cause dependency resolution issues or install an unintended package, as 'aiosqlite' is also correctly listed.
Verified SafeView Analysis
The server correctly uses parameterized SQL queries to prevent SQL injection. No 'eval' statements or obvious hardcoded secrets were found. It runs on '0.0.0.0', making it externally accessible; if deployed publicly, proper network security (e.g., firewall, reverse proxy, access control) is recommended. The database path uses a temporary directory, which is safe from overwriting critical system files but means data is ephemeral.
Updated: 2025-12-01GitHub
0
0
High Cost
Cuse-AI icon
Sec8

An AI-powered music recommendation system that creates emotionally intelligent playlists by mapping songs to a 2D emotional manifold, using human-sourced comments for AI training and analysis.

Setup Requirements

  • ⚠️Requires Anthropic API Key (Paid) for Claude API, which is explicitly noted as 'EXPENSIVE - be careful!'.
  • ⚠️Requires Spotify API Client ID and Secret (free tier available, but usage limits apply).
  • ⚠️Requires Reddit API credentials (Client ID, Client Secret, User Agent).
  • ⚠️Requires Google API Key for YouTube (free tier available, but usage limits apply).
  • ⚠️Local development on Windows may encounter 'node_modules' permissions issues, as noted in internal documentation.
Verified SafeView Analysis
API keys for Spotify, Anthropic, Reddit, and Google (YouTube) are managed via environment variables, which is good practice. Input validation is performed using 'zod' for API endpoints to mitigate common injection risks. Data scraping from external sources (Reddit, YouTube) inherently carries risks related to content quality, but a 'UnifiedQualityFilter' is in place. No 'eval' or obvious malicious patterns found.
Updated: 2026-01-06GitHub
PreviousPage 391 of 713Next