Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
toms74209200 icon

mcp-maxima

by toms74209200

Sec1

Provides a Model Context Protocol (MCP) interface for the Maxima symbolic mathematics system, allowing clients to execute Maxima commands.

Setup Requirements

  • ⚠️Requires Maxima symbolic mathematics software to be installed and accessible in the system's PATH.
  • ⚠️Requires Deno 2.0.0+ or Node.js 24+ runtime environment for local execution.
Review RequiredView Analysis
The server directly embeds user-provided 'command' input (from the 'execute-maxima' tool) into a shell command for Maxima's '--batch-string' argument without explicit sanitization or escaping. This creates a critical command injection vulnerability. An attacker could potentially inject arbitrary shell commands or Maxima commands that invoke system calls (e.g., using Maxima's `system()` function) to execute arbitrary code on the host machine. This is a severe security risk.
Updated: 2026-01-15GitHub
0
0
Low Cost
ohadive icon

kit-mcp-server

by ohadive

Sec9

Enables AI assistants like Claude to securely manage email broadcasts, subscribers, and tags in Kit.com with a local-first, approval-based workflow.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher and the Claude Desktop application for integration.
  • ⚠️Manual configuration of Kit API Key and Secret (as environment variables) is required within Claude Desktop's `claude_desktop_config.json` file.
  • ⚠️The designated `DRAFTS_PATH` directory must exist on the local filesystem if local draft functionality is used (e.g., for `create_local_draft`).
Verified SafeView Analysis
The server demonstrates a strong 'security-first' approach. All write operations (creating broadcasts, adding subscribers, creating tags/tagging) require explicit user approval via an internal approval queue. Critically, 'delete_broadcast' and 'unsubscribe' operations are explicitly forbidden. API keys are loaded from environment variables (recommended to be configured in Claude Desktop config), preventing hardcoding. The 'local-first' workflow for email drafts ensures content review before any external API calls. The server runs entirely on the user's machine, limiting network exposure. No 'eval' or other dynamic code execution that could be exploited was found. The code relies on the `@modelcontextprotocol/sdk` for safe tool invocation.
Updated: 2025-11-18GitHub
0
0
Medium Cost
benitocabrerar icon

jobnimbus-mcp-remote

by benitocabrerar

Sec9

Provides an enhanced API layer for JobNimbus, offering analytics, optimization, and improved data access across various modules like CRM, financials, attachments, and project management.

Setup Requirements

  • ⚠️Requires a Redis server for caching and rate limiting (recommended for production).
  • ⚠️Requires JobNimbus API Keys (JOBNIMBUS_API_KEY_STAMFORD or JOBNIMBUS_API_KEY_GUILFORD) configured as environment variables.
  • ⚠️E2E tests require additional environment variables (TEST_JOB_ID, TEST_CONTACT_ID, RUN_E2E_TESTS=true) and are skipped by default.
Verified SafeView Analysis
The server uses standard Express security middleware (helmet, cors). API keys are extracted from headers and explicitly not stored, only passed through the request context. Rate limiting is implemented. Error handling logs are sanitized for production environments, preventing stack traces in public responses. No obvious malicious patterns, obfuscation, or direct command injections were found.
Updated: 2025-12-05GitHub
0
0
Medium Cost
povesma icon
Sec9

This server tracks and logs usage data for a Multi-Cloud Platform (MCP) into a PostgreSQL database, utilizing Claude AI for potential analysis or processing of this usage data, and exposes this functionality via a RESTful API.

Setup Requirements

  • ⚠️Requires a PostgreSQL 12+ database server.
  • ⚠️Requires a Redis server for session management.
  • ⚠️Requires an Anthropic API Key (Paid service) for AI integration.
  • ⚠️Requires proper configuration of environment variables (e.g., via a .env file).
Verified SafeView Analysis
The code itself implements common security practices, including JWT for authentication, bcrypt for password hashing, parameterized queries to prevent SQL injection, and input validation with Yup. Sensitive configurations are correctly handled via environment variables. The overall security in production will depend on the secure management of these environment variables (e.g., JWT_SECRET, ANTHROPIC_API_KEY, DATABASE_URL) and proper CORS configuration.
Updated: 2025-12-02GitHub
0
0
Medium Cost
zerovizboss icon

CVMA20-7

by zerovizboss

Sec1

A mobile Android application that facilitates remote approval of prompts and decisions generated by Claude Code sessions via a local WebSocket bridge, enhancing the developer's AI coding workflow.

Setup Requirements

  • ⚠️Requires manual setup and running of a Node.js WebSocket bridge server.
  • ⚠️Android app requires manual local IP configuration and potentially firewall adjustments for the WebSocket connection.
  • ⚠️Building the Android application from source can be complex due to Java SDK, Gradle, and Android Studio environment setup differences.
Review RequiredView Analysis
CRITICAL VULNERABILITY: The `src/lwc/queryExecutorMVP/queryExecutorMVP.js` Salesforce Lightning Web Component allows users to input and execute arbitrary JavaScript code using `new Function()`. While there are regex-based sanitization attempts (e.g., blocking `eval`, `window`, `document`), these are highly insufficient and easily bypassable. This presents a severe remote code execution vulnerability, allowing potential data exfiltration, UI manipulation, or other breaches within the Salesforce Lightning environment. Additionally, a Firebase API key is hardcoded in `firebase-config.json`, which is a security anti-pattern.
Updated: 2025-11-20GitHub
0
0
Medium Cost
Labskraft-user-create icon

AI_case_study_1

by Labskraft-user-create

Sec9

This project implements an automated, data-driven end-to-end (E2E) testing framework for an e-commerce application using Playwright and Excel for test data management.

Setup Requirements

  • ⚠️Requires Node.js (v18+)
  • ⚠️Requires Playwright browser binaries (e.g., Chromium, Firefox, WebKit) to be installed via `npx playwright install`.
  • ⚠️Requires an external Excel editor to conveniently manage test data in `testData.xlsx`.
Verified SafeView Analysis
The code uses Playwright for browser automation, including `page.evaluate()` to extract client-side context (localStorage, performance metrics). This is standard for testing frameworks and does not pose a direct server-side security risk within the framework itself. There are no hardcoded secrets, 'eval' of arbitrary user input, or suspicious network calls. File paths for Excel operations are constructed safely with `path.join`. The primary 'risk' is inherent to E2E testing, which interacts with an external (potentially untrusted) web application, but this risk is isolated to the browser context managed by Playwright during test execution and does not compromise the testing framework's host environment.
Updated: 2025-12-01GitHub
0
0
High Cost
syw2014 icon

mcp-use

by syw2014

Sec4

A full-stack framework for building Model Context Protocol (MCP) servers, clients, and AI agents in Python and TypeScript.

Setup Requirements

  • ⚠️Requires Node.js (v20+)
  • ⚠️Requires Python (v3.11+)
  • ⚠️Requires pnpm (v9+)
  • ⚠️Requires API key for LLM (e.g., OpenAI, Anthropic, Google) (Paid service)
  • ⚠️MCP Server commands can execute arbitrary Node.js packages via npx, necessitating careful sandboxing for security
Review RequiredView Analysis
The framework is designed to execute arbitrary commands (via `npx` or direct process spawning) on the host machine as part of its `MCPClient` configuration (e.g., `command` and `args` in server configs). This functionality, while core to dynamic server loading, presents a significant command injection and sandbox escape risk if the client configuration or inputs to an AI agent are not strictly validated, sanitized, and run within a highly isolated environment. The `inspector` also includes proxy capabilities that could be misused if not properly secured. Hardcoded secrets are not evident; environment variables are used for sensitive information.
Updated: 2026-01-18GitHub
0
0
Low Cost
Abhisrajput icon
Sec7

Deploys a remote Model Context Protocol (MCP) server on Cloudflare Workers, providing basic calculator functionalities without requiring authentication.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment.
  • ⚠️Requires the Cloudflare `wrangler` CLI for local development and deployment.
  • ⚠️Relies on a Cloudflare Durable Object namespace (`MCP_OBJECT`) which must be provisioned.
Verified SafeView Analysis
The server is explicitly designed 'without auth' as a demo, which inherently exposes its endpoints to the public internet. While the current calculator tools are simple and pose minimal direct risk from their logic, deploying any service without authentication carries risks of abuse, resource exhaustion, or unintended access if more sensitive tools are added later without modifying the authentication scheme. The underlying SDK might offer rate limiting, but it's not explicitly configured in the provided `src/index.ts`.
Updated: 2025-12-03GitHub
0
0
Medium Cost
babydoll1110 icon

mcp-learning-adapter

by babydoll1110

Sec7

Optimizes Model Context Protocol (MCP) server interactions by acting as a proxy that learns to filter API responses, thereby reducing token usage (up to 80%) and improving efficiency for downstream LLM clients.

Setup Requirements

  • ⚠️Requires an OpenAI API Key (Paid service) for the self-learning functionality, which must be configured in `config/servers.json`.
  • ⚠️A `config/servers.json` file needs to be manually created and configured to specify the upstream MCP server(s) the adapter should proxy.
  • ⚠️A compatible Model Context Protocol (MCP) server must be running and accessible for the adapter to connect to and optimize.
Verified SafeView Analysis
The server spawns external MCP server processes based on commands and arguments specified in `config/servers.json`. This introduces a security risk if the `servers.json` file is compromised or controlled by untrusted entities, potentially leading to arbitrary command execution. Sensitive API response data, albeit truncated to 20,000 characters, is sent to OpenAI's API for schema learning, which raises data privacy concerns for users. The OpenAI API key is currently read from `config/servers.json` rather than environment variables, which is generally less secure for managing API keys in production environments. No explicit `eval` or obvious malicious code patterns were found on untrusted input.
Updated: 2026-01-19GitHub
0
0
High Cost
Sec2

The Freebird MCP server connects Claude Desktop to Microsoft Dynamics GP via the Freebird REST API, enabling AI-powered access to ERP data like sales orders, customers, and inventory.

Setup Requirements

  • ⚠️Requires Python 3.10+ to run.
  • ⚠️Mandates specific API credentials (username/password, application ID, API key) to be configured in `~/.freebird_credentials` or environment variables.
  • ⚠️Requires manual configuration of Claude Desktop by editing `claude_desktop_config.json` (though an installer attempts to automate this).
  • ⚠️Disables SSL certificate verification for API connections, potentially exposing data to interception.
Review RequiredView Analysis
The server has critical security vulnerabilities: 1. It explicitly disables SSL/TLS certificate verification (verify=False and ssl.CERT_NONE) for all HTTPs requests via a custom TLSAdapter, making it highly susceptible to Man-in-the-Middle (MitM) attacks, even when using the production API endpoint. This is a severe risk. 2. Default API keys (X-Rincon-Application-Id, X-Rincon-REST-API-Key) are hardcoded within `freebird_client.py` and `gp_server_integration.py`, which is poor practice even if meant for a test environment, as they could be accidentally exposed or used inappropriately. The installer's prompt for `FREEBIRD_APPLICATION_ID` and `FREEBIRD_API_KEY` for `~/.freebird_credentials` does not appear to override these hardcoded values in `freebird_client.py`.
Updated: 2025-11-26GitHub
0
0
Low Cost
Michael-Obele icon

mcp-showcase

by Michael-Obele

Sec9

A SvelteKit web application showcasing Model Context Protocol (MCP) servers, providing installation commands, and tracking submission status across various registries.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Requires a PostgreSQL database.
  • ⚠️Environment variables `DATABASE_URL` and `ADMIN_PASSWORD` must be set.
Verified SafeView Analysis
The server uses `valibot` for input validation on its remote functions, which is good practice for preventing injection attacks. Environment variables (`ADMIN_PASSWORD`, `DATABASE_URL`) are correctly used for sensitive information, preventing hardcoding. Session management for admin access uses `httpOnly` and `secure` cookies in production, which is appropriate. No `eval` or direct command execution is observed within the server's logic. The core functionality involves displaying data and simple CRUD operations, which does not inherently present high security risks beyond standard web application vulnerabilities, which appear to be reasonably addressed.
Updated: 2026-01-16GitHub
0
0
High Cost
fwornle icon
Sec7

Performs comprehensive semantic analysis of code repositories and development activities, generating patterns and insights to build a unified knowledge base.

Setup Requirements

  • ⚠️Requires at least one LLM API key (e.g., GROQ_API_KEY, ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY) or a local Ollama instance running.
  • ⚠️Requires PlantUML executable for diagram generation.
  • ⚠️Requires Memgraph database and the `uv` (code-graph-rag) command-line tool for advanced code graph features.
Review RequiredView Analysis
The server makes extensive use of file system operations (`fs` module) and executes child processes (`git`, `plantuml`, `node workflow-runner.js`, `uv` for code-graph-rag). This is inherent to its function (analyzing local repositories) but implies significant privileges. If `repositoryPath` or workflow definitions are manipulated, this could lead to privilege escalation or arbitrary code execution. It relies on external LLM APIs and local services like Ollama/Memgraph, which may have their own security considerations (rate limiting, data privacy, unexpected responses). Internal workflow conditions use `new Function()` (similar to `eval`), which is generally risky but used within trusted configuration.
Updated: 2026-01-15GitHub
PreviousPage 396 of 713Next