Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
oshin-prakash icon
Sec7

Integrates Azure AI Agents with the Microsoft Learn MCP server to search documentation and provide tool-enhanced responses.

Setup Requirements

  • ⚠️Requires an Azure subscription with AI Agents enabled (potentially paid).
  • ⚠️Requires access to the Microsoft Learn MCP server.
  • ⚠️Requires Azure CLI or VS Code logged-in identity for authentication.
Verified SafeView Analysis
The project uses a .env file for sensitive credentials, which is good practice. However, a full security audit is impossible due to heavily truncated source code. Interactions with external Azure AI services and the Microsoft Learn MCP server imply network dependencies, which carry inherent risks, but no obvious malicious patterns or glaring vulnerabilities are present in the provided description.
Updated: 2025-11-27GitHub
0
0
Medium Cost
Dellos12 icon
Sec9

Implements a Retrieval-Augmented Generation (RAG) engine leveraging geometric and statistical principles for advanced information retrieval, particularly for business data.

Setup Requirements

  • ⚠️Docker is required for easy setup.
  • ⚠️Requires Python 3.8+.
  • ⚠️Initial run will download Sentence Transformers and Cross-Encoder models (all-MiniLM-L6-v2 and ms-marco-MiniLM-L-6-v2) to a local cache, which might take time and disk space.
Verified SafeView Analysis
The application is a standard FastAPI server exposing endpoints. It uses local ChromaDB for vector storage and pre-trained Sentence Transformers models. No 'eval' or obvious malicious patterns were found. Standard web API security practices should be followed when deploying in production (e.g., access control, input validation).
Updated: 2026-01-17GitHub
0
0
High Cost
sathyakutti icon

mcp-yt-client

by sathyakutti

Sec2

A comprehensive market research framework that orchestrates multiple Model Context Protocol (MCP) data sources to gather and analyze information on any topic, generating structured reports.

Setup Requirements

  • ⚠️Requires Docker Desktop with MCP Toolkit installed.
  • ⚠️Requires a GitHub Personal Access Token (GITHUB_PERSONAL_ACCESS_TOKEN) for GitHub MCP functionality.
  • ⚠️Requires an Exa (Metaphor) API Key (EXA_API_KEY) (note: exposed in documentation, requires immediate rotation).
Review RequiredView Analysis
A real `EXA_API_KEY` (`8f6c31d9-16be-4b35-8721-186fe4f62bb5`) is hardcoded in `FINAL-SUMMARY.md` and `EXA-QUICK-START.md`, representing a critical information disclosure vulnerability requiring immediate key rotation. The system extensively uses `child_process.spawn` to run Docker containers, which requires elevated privileges and, if compromised, could allow arbitrary command execution. The LinkedIn client also explicitly notes potential Terms of Service violations and account suspension risk if used for automated research, although it is not directly implemented in the code provided.
Updated: 2025-11-24GitHub
0
0
Low Cost
juliendoutre icon

protoc-gen-go-mcp

by juliendoutre

Sec9

Generates Go code for gRPC services, allowing them to be exposed as tools for Large Language Models (LLMs) via the Model-Client Protocol (MCP).

Setup Requirements

  • ⚠️Requires a Go development environment for compilation and execution.
  • ⚠️Requires `protoc` (Protocol Buffers compiler) and its Go plugins (`protoc-gen-go`, `protoc-gen-go-grpc`) to generate base gRPC code.
  • ⚠️Manual IDE configuration (e.g., editing `~/.cursor/mcp.json`) is needed to integrate the generated MCP server with an LLM client.
Verified SafeView Analysis
The project is a code generator, processing .proto files to create Go code. The generated code (`api_mcp.pb.go` in the example) acts as a proxy, mapping MCP tool calls to gRPC service methods. Input validation primarily relies on the MCP framework ensuring correct type conversion (e.g., `.(string)`). The example gRPC server uses insecure credentials, which is acceptable for local development but would require TLS in a production environment. No `eval` or similar dynamic code execution, nor any hardcoded secrets were found in the provided source code.
Updated: 2026-01-19GitHub
0
0
Medium Cost
pedrocr83 icon

mcp_servers

by pedrocr83

Sec4

A comprehensive multi-tool MCP server suite offering advanced web search (Brave API), robust local file system management, document content extraction, and database interaction, designed for AI agent integration.

Setup Requirements

  • ⚠️Requires Brave Search API Key, with paid Pro plans necessary for full features like local search and AI summarization.
  • ⚠️File system write operations require both the `--allow-write` CLI flag (or `ALLOW_WRITE` environment variable) and writable Docker volume mounts; default mounts for `filesystem-mcp-server` and `document-reader-mcp-server` are read-only (`:ro`).
  • ⚠️The hardcoded PostgreSQL credentials (`misterios:misteriospassword`) in `docker-compose.yml` for `mcp-db-server` must be changed for any production or secure environment.
  • ⚠️The `rust-mcp-filesystem` server requires specific `ALLOWED_DIRECTORIES` arguments on startup or the `--enable-roots` CLI option for dynamic directory access control to function correctly.
Review RequiredView Analysis
The `mcp-db-server` in `docker-compose.yml` contains hardcoded PostgreSQL credentials (`misterios:misteriospassword`) for `DATABASE_URL`. This is a critical security risk as these credentials could be exposed. While `rust-mcp-filesystem` employs strong path validation, `ro` (read-only) Docker mounts by default limit write operations even if `ALLOW_WRITE` is set. Input validation and container security configurations are generally good.
Updated: 2025-12-07GitHub
0
0
High Cost
karthik-s092003 icon

MY_FIRST_MCP_SERVER

by karthik-s092003

Sec4

An AI-powered system for generating software project structures and code in various languages, and converting code between languages.

Setup Requirements

  • ⚠️Requires API keys for OpenAI and/or Groq (paid services)
  • ⚠️Requires a Python environment with specific 'autogen' libraries and dependencies
  • ⚠️Relies on access to specific LLM models (e.g., gemini-2.0-flash-lite, gpt-oss-120b, llama-3.1-8b-instant)
Review RequiredView Analysis
The `create_folders` and `generate_and_write_files` tools directly interact with the filesystem (`os.makedirs`, `open`) using paths and content generated by LLM agents. This poses a critical risk of arbitrary file creation, modification, or deletion, including overwriting sensitive system files or injecting malicious code, if an adversarial prompt is used. There is no explicit sanitization or sandboxing of LLM-generated paths or file content. The `get_current_weather` tool also makes an external HTTP request with an LLM-provided parameter, which could be a minor vector.
Updated: 2026-01-04GitHub
0
0
Low Cost
maguerrieri icon

expensify-heist-mcp

by maguerrieri

Sec7

Automates fetching and parsing Expensify CSV exports via Safari web automation on macOS, and can convert them to YNAB transaction format.

Setup Requirements

  • ⚠️Requires macOS
  • ⚠️Requires macOS System Settings → Privacy & Security → Automation permissions for the terminal/VS Code to control Safari
  • ⚠️Python 3.11+
  • ⚠️Safari browser must be installed and active
Verified SafeView Analysis
The server uses AppleScript to control Safari and inject JavaScript for web automation. The JavaScript snippets are hardcoded in `heist.py` to interact with expensify.com for login and report export. While this provides powerful control over the browser, the specific hardcoded actions appear benign. `subprocess.run` is used for AppleScript execution, which is a direct command execution. There are no clear indications of arbitrary code execution from untrusted input (e.g., `eval` on user-controlled data) or hardcoded secrets. Requires explicit macOS automation permissions, which acts as a user-controlled gate. A significant discrepancy exists between the provided source code (expensify-heist-mcp, using Safari) and the provided README (expensify-mail-mcp, describing Mail.app automation), which might cause confusion regarding its operational mechanism.
Updated: 2026-01-16GitHub
0
0
High Cost
WouterArtsRecruitin icon

recruitin-mcp-servers

by WouterArtsRecruitin

Sec2

Automating Recruitin's complete sales and recruitment workflow, including labor market analysis, fee calculation, Pipedrive CRM integration, email/pitch generation, company insights, salary benchmarking, news gathering, and AI-powered document analysis for recruitment assessments.

Setup Requirements

  • ⚠️Numerous API Keys Required (Pipedrive, Brave Search, Notion, Typeform, Email SMTP credentials, Claude, Leonardo.ai, WhatsApp, Jotform, Figma). Many of these are hardcoded in provided scripts.
  • ⚠️Extensive Pipedrive CRM configuration (pipelines, stages, custom fields, native automations, webhooks) is required for full functionality, as detailed in multiple setup scripts and documentation.
  • ⚠️Requires Node.js 18.0.0+ runtime environment and `npm install` for various Node.js-based services.
  • ⚠️Requires manual cloud deployment (Vercel/Render) for specific webhook handlers and serverless functions to integrate with external services like Pipedrive webhooks.
Review RequiredView Analysis
CRITICAL: Multiple Pipedrive API tokens are hardcoded in test/setup scripts, and most critically, one is hardcoded as a fallback in a Vercel serverless function (`elite-email-composer-mcp/api/webhook/new-deal.js`) which is exposed to the internet. This grants full programmatic access to the CRM data. Several Notion API keys are also hardcoded in various Notion-related scripts. Brave API keys are hardcoded in some agents or provided as insecure fallbacks. Running this system without addressing these hardcoded secrets is extremely dangerous as it exposes sensitive API keys and potentially Pipedrive CRM data to unauthorized access.
Updated: 2026-01-17GitHub
0
0
Medium Cost

mcp-server-library

by pramod-c-morn

Sec1

Provides a library or server implementation for a communication protocol, likely related to Minecraft, to enable custom server development or interaction.

Review RequiredView Analysis
Cannot perform a security audit as the source code was not provided for analysis. Without access to the code, it is impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns, making a reliable safety assessment impossible.
Updated: 2025-11-24GitHub
0
0
Medium Cost
techmad220 icon

claude-code-mcp

by techmad220

Sec9

Exposes Claude Code CLI session history to Claude.ai or any MCP client for search and reference.

Setup Requirements

  • ⚠️Requires Claude Code CLI to be installed and used at least once to generate session history.
  • ⚠️Requires Rust toolchain (cargo) for compilation.
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json`.
Verified SafeView Analysis
The server primarily operates locally, reading user session data from ~/.claude/. It uses SQLite with parameterized queries for indexing, preventing SQL injection. JSON-RPC tool calls are handled by predefined functions with argument validation, avoiding dynamic code execution. The SSE transport binds to 127.0.0.1 by default, limiting external exposure. The CORS policy is permissive ('Any') but is mitigated by the default local binding. No hardcoded secrets or obvious malicious patterns were found. File system access is scoped to user's .claude directory.
Updated: 2025-12-14GitHub
0
0
Low Cost
jmcdice icon

superpower-mcp

by jmcdice

Sec9

Integrates the Superpowers skills library as tools for the Augment CLI, providing expert-crafted workflows to an AI coding assistant.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher
  • ⚠️Requires Git installed
  • ⚠️Modifies user's Augment CLI configuration file (~/.augment/settings.json) during installation, with a backup created.
  • ⚠️Clones the Superpowers repository to ~/.augment/superpowers.
Verified SafeView Analysis
The server uses `StdioServerTransport`, meaning it communicates via standard input/output with the Augment CLI, not over a network, which minimizes network attack surfaces. The `install.sh` script performs file system operations (cloning a Git repository, creating directories, installing npm dependencies) and modifies the user's Augment settings JSON, but it includes backups and uses embedded Python for safer JSON manipulation. It also relies on a public, well-known repository for skills. No explicit `eval` or hardcoded secrets were found in the provided source.
Updated: 2025-11-27GitHub
0
0
Low Cost
Imaginationfinagler591 icon

mcp-hello-world

by Imaginationfinagler591

Sec9

A minimal MCP server in Kotlin demonstrating the Model Context Protocol by exposing a simple 'greet' tool to clients via standard I/O.

Setup Requirements

  • ⚠️Requires Java Runtime Environment 8 or newer.
  • ⚠️Requires Gradle for building and running (if not using a pre-built JAR).
  • ⚠️Requires an MCP client (e.g., the provided HelloWorldClient or MCP Inspector) capable of communicating over Standard I/O.
Verified SafeView Analysis
The server implements a simple 'greet' tool with no external dependencies or dangerous operations, processing input locally. Communication is via standard I/O, typically for local process interaction. No 'eval' or hardcoded secrets were found in the server's code. The client (HelloWorldClient.kt) uses ProcessBuilder to launch the server JAR provided as a command-line argument; if the client were configured to accept untrusted input for this path, it could lead to arbitrary code execution, but this risk is on the client side, not within the server's logic itself.
Updated: 2026-01-19GitHub
PreviousPage 406 of 713Next