Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Lovee93 icon
Sec7

An AI agent that provides weather forecasts for US locations by geocoding user input, fetching weather data, and optionally sending activity recommendations to an AWS SNS topic.

Setup Requirements

  • ⚠️Requires `GOOGLE_MAPS_API_KEY` environment variable set (Google Maps API is typically a paid service).
  • ⚠️Requires AWS credentials configured for the `personal` profile with permissions to publish to `arn:aws:sns:ap-southeast-2:123456789:weather` (or a similar SNS topic).
  • ⚠️The Node.js-based `weather_mcp_server` must be built (`npm install && npm run build` in `weather_mcp_server` directory) and its `build/index.js` path correctly specified in `weather_adk_python/agent.py`.
  • ⚠️Requires Node.js, npm/uvx/npx to be installed on the host system to run the MCP servers.
Verified SafeView Analysis
The agent relies on `npx` and `uvx` to download and execute external MCP servers (`@modelcontextprotocol/server-google-maps` and `awslabs.amazon-sns-sqs-mcp-server@latest`) at runtime. While these appear to be official sources, dynamically executing external packages always carries a supply chain risk if the packages themselves were to be compromised. Input validation for latitude/longitude is performed using Zod in the local weather server. Environment variables are used for sensitive keys, which is good practice. The `AWS_PROFILE` is hardcoded to 'personal', relying on pre-configured AWS credentials on the host machine.
Updated: 2026-01-19GitHub
0
0
Low Cost
waleedkhanbaloch icon

claude-code-safety-net

by waleedkhanbaloch

Sec9

The application acts as a safety shield for AI coding agents, preventing the execution of harmful Git and filesystem commands to protect user data and systems.

Setup Requirements

  • ⚠️Requires Bun runtime and package manager for development and local execution of scripts.
  • ⚠️Requires Node.js and npm/npx for `cc-safety-net` CLI wrapper execution (e.g., within Claude Code hooks).
  • ⚠️Designed to run as a plugin/hook within AI coding environments like Claude Code or OpenCode.
Verified SafeView Analysis
The project is explicitly designed for security, implementing defense-in-depth measures such as strict and paranoid modes, recursive command analysis for nested shell calls (e.g., `bash -c`), detection of dangerous interpreter one-liners, and audit logging with secret redaction. Input parsing for hooks uses `JSON.parse` and tokenization relies on `shell-quote`, which is used with precautions (e.g., `ENV_PROXY` to prevent premature variable expansion). Path sanitization is performed for audit log filenames. While shell parsing is inherently complex and can hide subtle bypasses, the comprehensive set of rules and defensive coding practices indicate a strong focus on safety. The plugin operates locally and does not introduce external network risks during command analysis.
Updated: 2026-01-19GitHub
0
0
Medium Cost
changju784 icon

chi311-mcp-server

by changju784

Sec3

Automate the submission of Chicago 311 service requests via web browser automation, exposed as an API for LLM agents.

Setup Requirements

  • ⚠️Requires Python 3.12+ and Playwright browser installation (`python -m playwright install`).
  • ⚠️By default, form submissions run in 'dry-run' mode; enabling full submission requires setting specific environment variables (`CHI311_FULL_SUBMIT=true`), which is explicitly warned as dangerous without further security measures.
  • ⚠️Default CORS policy (`allow_origins=["*"]`) makes the server unsafe for public exposure without modification and adding API key protection.
Review RequiredView Analysis
The server uses `allow_origins=["*"]` for CORS, which is a significant security risk for public deployment. Critical endpoints like `/mcp/submit_311_request`, `/mcp/tools/fetch`, and `/sse/broadcast` are unauthenticated by default. The `/mcp/tools/fetch` endpoint can expose module source code and JSON schemas publicly. The `submit_311_request` endpoint, if `CHI311_FULL_SUBMIT` is enabled, can trigger actual form submissions without default authentication or rate-limiting, posing a risk of abuse. The README explicitly warns about these risks but the default configuration does not mitigate them.
Updated: 2025-12-12GitHub
0
0
Medium Cost
Steve-651 icon

mcp-youtube

by Steve-651

Sec8

Extracts YouTube video transcripts and metadata for AI analysis within Claude Desktop.

Setup Requirements

  • ⚠️Requires yt-dlp to be installed and available in your system PATH.
  • ⚠️Requires Node.js v16.0.0 or later.
  • ⚠️Transcripts are saved to a local folder (defaults to `~/youtube-transcripts`), which is configurable by the user.
Verified SafeView Analysis
The server uses `child_process.execFile` to invoke `yt-dlp`. This is safer than `exec` as it prevents shell injection by design, and arguments are managed internally. No hardcoded secrets or direct 'eval' calls were found. The primary security consideration is the reliance on the externally installed `yt-dlp` utility and the user-configurable `TRANSCRIPTS_FOLDER` which could be set to a sensitive location by the user, though the application itself does not expose these files over a network.
Updated: 2025-12-15GitHub
0
0
Low Cost
hanydd icon
Sec7

A Dockerized platform for orchestrating and exposing multiple Python-based Micro-Agent servers (FastMCP tools) through a single Nginx reverse proxy.

Setup Requirements

  • ⚠️Docker required
  • ⚠️Relies on the mcp.server.fastmcp framework
  • ⚠️Dynamically modifies Python scripts and Nginx configuration at startup
Verified SafeView Analysis
The system dynamically modifies Python scripts via AST manipulation and executes them in separate processes. It also generates and runs Nginx configuration based on scanned filenames. While performed on internal, presumably trusted, source files, this dynamic execution environment requires careful management of the `/app/mcp` directory contents. Open CORS headers (`Access-Control-Allow-Origin: *`) are used. No 'eval' or hardcoded secrets found.
Updated: 2025-11-19GitHub
0
0
Low Cost
ecociel icon

mcp-app-python

by ecociel

Sec8

Develop and test custom OpenAI (ChatGPT) App Widgets, demonstrating both plain HTML and React-based UI components served by a minimal Python MCP server.

Setup Requirements

  • ⚠️Requires Python 3.x and specific packages (`mcp`, `fastmcp`, `uvicorn`, `pydantic`) installed via pip.
  • ⚠️Requires Node.js and npm for building the React widget. The `npm run build-widgets` command must be executed before running `server.py`.
  • ⚠️For testing with ChatGPT, the local server needs to be exposed to the public internet using a tool like ngrok.
Verified SafeView Analysis
The Python server code (both server.py and server-html.py) appears robust, handling file reads and HTTP requests without obvious direct vulnerabilities like `eval` or command injection. The `load_html` function in `server.py` involves string manipulation to inline JS/CSS and move script tags for self-contained widget embedding; while this carries an inherent, albeit small, risk if not perfectly implemented, it's for known build artifacts. Client-side widgets are expected to read `window.openai.toolOutput`; developers should ensure proper sanitization/escaping if rendering dynamic content directly as HTML within the widget. The example React widget uses `JSON.stringify` and direct text injection for the 'pizzaTopping', which are generally safe. The client environments (e.g., ChatGPT, MCP Inspector) are expected to sandbox these widgets.
Updated: 2025-12-23GitHub
0
0
Medium Cost
Adrie-coder icon

jlcpcb-parts-mcp

by Adrie-coder

Sec9

Assists users in finding electronic components compatible with JLCPCB PCBA services by querying a local database.

Setup Requirements

  • ⚠️Requires JLCPCB_DB_PATH environment variable to be set to a valid SQLite database file.
  • ⚠️The SQLite database needs to be populated with JLCPCB parts data, likely from the 'jlcparts' project.
  • ⚠️Requires Python 3.x and pip for dependency management.
Verified SafeView Analysis
The server uses parameterized SQL queries to prevent SQL injection vulnerabilities. The database path is loaded from an environment variable (JLCPCB_DB_PATH), which is good practice. Image fetching from external URLs relies on data stored in the database; trust in the data source (jlcparts project) is implied to prevent potential SSRF via malicious URLs.
Updated: 2026-01-19GitHub
0
0
Medium Cost
otsuboyumeto icon

line-mcp-server

by otsuboyumeto

Sec8

An MCP (Multi-Agent Communication Protocol) server for sending messages to LINE groups and personal chats, primarily for integration with an agent system like Manus.

Setup Requirements

  • ⚠️Requires a LINE Messaging API Channel setup, including obtaining a Channel Access Token.
  • ⚠️Requires a LINE Group ID or a LINE User ID for messaging targets. These IDs need to be manually retrieved.
  • ⚠️The server must be publicly accessible (e.g., deployed on Render or exposed via ngrok) for LINE webhooks to function and for an MCP client to connect.
Verified SafeView Analysis
The server properly uses environment variables for sensitive information (LINE_CHANNEL_ACCESS_TOKEN, LINE_GROUP_ID, PERSONAL_USER_ID), which is a good practice. There are no clear 'eval' calls, code injection points, or hardcoded secrets found. Input validation is present for required message parameters. The logging of webhook bodies should be handled with care in production to avoid exposing sensitive user data, though it's standard for debugging.
Updated: 2025-12-01GitHub
0
0
Low Cost

adhd-tasks-mcp

by transform-ia

Sec9

Provides a GraphQL interface for managing ADHD tasks, bridging LLM agents to a Hasura/PostgreSQL backend.

Setup Requirements

  • ⚠️Requires a running Hasura GraphQL endpoint with the 'adhd-tasks' schema.
  • ⚠️Requires a Kubernetes environment for deployment via the provided Helm chart, or manual setup of the Go application with environment variables.
  • ⚠️The HASURA_ADMIN_SECRET must be securely managed, typically via Kubernetes secrets.
Verified SafeView Analysis
The code appears to be well-structured and follows standard Go practices. No 'eval' or similar dangerous patterns were found. The primary security consideration is the secure management of the HASURA_ADMIN_SECRET, which is handled via Kubernetes secrets, a good practice. The use of standard libraries and the absence of obfuscation suggest a safe codebase.
Updated: 2025-11-22GitHub
0
0
Medium Cost
schwarztim icon

web-search-mcp

by schwarztim

Sec4

Provides web search and page content fetching capabilities using DuckDuckGo for LLM proxies via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js (v18+)
  • ⚠️Requires careful network isolation (e.g., containerized environment with egress filtering) due to SSRF vulnerability in `fetch_page` tool, which can access arbitrary URLs.
Review RequiredView Analysis
The `fetch_page` tool allows fetching arbitrary user-provided URLs. This introduces a significant Server-Side Request Forgery (SSRF) risk, enabling potential access to internal network resources, port scanning, or DoS attacks if the server is not deployed in a strictly isolated environment with egress filtering. Although there is a 10-second timeout on requests, it does not mitigate the core SSRF vulnerability. The HTML scraping for search results is robust enough but relies on regex, which can be brittle to changes in DuckDuckGo's HTML structure. No 'eval' or hardcoded secrets were found.
Updated: 2026-01-16GitHub
0
0
Low Cost
nicholaswilde icon

rescue-groups-mcp

by nicholaswilde

Sec9

Provides a Model Context Protocol (MCP) server for AI assistants (like Claude) to search for adoptable pets, list breeds, and find rescue organizations using the RescueGroups.org API.

Setup Requirements

  • ⚠️Requires a RescueGroups API Key (requires registration and approval from RescueGroups.org).
  • ⚠️Requires Rust toolchain if not running via Docker.
  • ⚠️API key must be provided via environment variable (RESCUE_GROUPS_API_KEY) or a configuration file (config.toml, config.yaml, or config.json).
Verified SafeView Analysis
API keys are handled via environment variables or configuration files, not hardcoded. Optional bearer token authentication is available for HTTP mode. Uses structured logging for errors and warnings, preventing sensitive information leakage to clients. Relies on `reqwest` for secure HTTP communication. Overall robust error handling and input validation patterns.
Updated: 2026-01-18GitHub
0
0
Medium Cost
davidpham87 icon

mcp-bb-clj

by davidpham87

Sec7

Provides an MCP (Model Context Protocol) server and client, implemented in Babashka Clojure, offering a suite of code-centric tools for formatting, linting, and schema validation.

Setup Requirements

  • ⚠️Babashka must be installed on the system.
  • ⚠️The 'clj-kondo' binary must be installed and available in the system PATH for the corresponding tool to function.
Verified SafeView Analysis
The 'clj-kondo' tool relies on an external binary that must be installed and available in the system PATH, introducing a dependency on the security and trustworthiness of that binary. The server exposes functionality via HTTP, requiring standard network security practices for deployment. No 'eval' or obvious malicious patterns were identified in the provided code snippet.
Updated: 2025-11-25GitHub
PreviousPage 400 of 713Next