Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
cbuntingde icon

supabase-memory-mcp

by cbuntingde

Sec9

Provides AI assistants with a multi-layered memory system (semantic, graph, structured, short-term) using Supabase and pgvector for persistent and fast retrieval, enhancing cognitive capabilities.

Setup Requirements

  • ⚠️Requires an existing Supabase project and associated API key (Anon/Public or Service Role) for database connectivity.
  • ⚠️Initial database schema setup may require manual execution of `schema.sql` within the Supabase SQL Editor if the automated `npx ... setup` command encounters permission issues or existing schema conflicts.
  • ⚠️For compatible AI clients (e.g., Cline, Roo Code, Kilo Code), all tool permissions must be explicitly enabled upon initialization as stated in the prerequisites.
Verified SafeView Analysis
The server uses local embedding models (@xenova/transformers), eliminating the need for external API calls for embeddings and improving data privacy. Configuration is loaded securely from environment variables or a local file with restricted permissions (0o600). Database interactions are handled through the Supabase client library, which helps mitigate direct SQL injection risks. The README emphasizes enabling all tool permissions for client-side extensions, which implies a high degree of trust in the consuming AI agent, a common pattern for such systems.
Updated: 2026-01-17GitHub
0
0
Medium Cost
Kcao3034 icon
Sec9

The MCP server enables programmatic, structural, and semantic editing of Markdown documents, including file system operations and YAML frontmatter management, primarily for use by AI agents.

Setup Requirements

  • ⚠️Requires Python 3.10 or newer.
  • ⚠️Requires a local Ollama instance running with a compatible model (e.g., qwen3:14b or qwen3:8b) for AI capabilities.
Verified SafeView Analysis
The codebase demonstrates good security practices for file system operations, particularly with the `PathResolver`'s `is_safe_path` function to prevent directory traversal attacks. File writes use an atomic temporary file approach. No 'eval' or obvious malicious patterns were found. Network connections for LLM are outbound and configurable.
Updated: 2026-01-19GitHub
0
0
Medium Cost
ytwei3 icon
Sec9

Enables AI agents to query Ethereum balances, token prices, and simulate token swaps via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Rust 1.70 or higher toolchain to build and run.
  • ⚠️Requires an Ethereum RPC URL configured in a `.env` file or as an environment variable.
  • ⚠️Integration with AI agents like Claude Desktop requires manual modification of a client-side JSON configuration file.
Verified SafeView Analysis
The server's core functionality is simulation-only, meaning no on-chain transactions are executed and no private keys are handled by the server itself. Input parsing uses `serde_json` and `ethers-rs` address parsing, which are generally safe. External dependencies include an Ethereum RPC endpoint and CoinGecko API for price feeds, which introduce standard network risks. The code does not use dangerous functions like `eval` or rely on obfuscation. Logging to stderr prevents interference with the stdio communication channel.
Updated: 2025-11-22GitHub
0
0
High Cost
godwinraj-ai icon

FastApply-MCP

by godwinraj-ai

Sec8

An AI-powered Multi-tool Code Processing (MCP) server designed for comprehensive code editing, analysis, and refactoring across multiple programming languages, leveraging LLMs and AST-based tools.

Setup Requirements

  • ⚠️Requires a compatible LLM server (e.g., LM Studio with a Fast Apply model) running and configured via FAST_APPLY_URL.
  • ⚠️Requires external CLI tools (`ast-grep`, `ripgrep`, `ruff`, `eslint`) to be installed in the system's PATH for full functionality.
  • ⚠️The Qdrant vector database is required for 'collective consciousness' and enhanced learning features, though it has fallback mechanisms if unavailable.
Verified SafeView Analysis
The server implements robust security measures including path validation (`_secure_resolve`) to prevent directory traversal, file size limits to mitigate resource exhaustion, and atomic writes for file modifications. It also uses temporary files for external tool inputs to reduce command injection risk. However, it relies heavily on executing external CLI tools (`ast-grep`, `ripgrep`, `ruff`, `eslint`) via `subprocess.run` and performs extensive file system operations for code editing. While inputs are processed with security in mind, the broad attack surface of these capabilities necessitates careful management of the `WORKSPACE_ROOT` environment variable and an understanding of the tools' invocation context.
Updated: 2026-01-19GitHub
0
0
Low Cost
Tommertom icon

pdf_mcp_chromadb

by Tommertom

Sec7

Provides a Model Context Protocol (MCP) server for processing PDF documents, generating local embeddings, and performing semantic search.

Setup Requirements

  • ⚠️Requires 'uv' to be installed for 'uvx' command: 'pip install uv'.
  • ⚠️On first run, the embedding model (~80MB for 'all-MiniLM-L6-v2') will be downloaded, requiring internet connectivity.
  • ⚠️Requires Python 3.10+.
Verified SafeView Analysis
The server downloads PDFs from arbitrary URLs provided by the user, which introduces a potential Server-Side Request Forgery (SSRF) risk and resource consumption vulnerability if exposed to untrusted input without proper network segmentation. While it has file size limits and URL validation, a malicious actor could still attempt to download large files repeatedly or target internal network resources. There are no obvious hardcoded secrets, 'eval' usage, or other direct code execution vulnerabilities. The embedding model runs locally, avoiding external API security concerns.
Updated: 2025-12-14GitHub
0
0
Low Cost
annmalavet icon

MCP-SERVER-DB

by annmalavet

Sec8

This server provides a Model Context Protocol (MCP) endpoint that exposes a 'search_database' tool for querying a PostgreSQL database for people by email or major.

Setup Requirements

  • ⚠️Requires an accessible PostgreSQL database instance.
  • ⚠️Critical environment variables (DB_USER, DB_PASS, DB_NAME, DB_HOST, DB_PORT) for PostgreSQL connection must be configured. Note that the default DB_PORT value (8080) in the code is unlikely to be the correct PostgreSQL port and will conflict with the application's default listening port.
  • ⚠️Node.js runtime version 18 or higher is required.
Verified SafeView Analysis
The server uses parameterized SQL queries to interact with the database, effectively preventing SQL injection vulnerabilities. However, it directly exposes raw database error messages to the client, which can be an information disclosure risk, potentially revealing internal database structure or query failures.
Updated: 2026-01-11GitHub
0
0
Low Cost
zuologio icon

McpWeatherServer

by zuologio

Sec6

A server application designed to provide weather information to connected clients, likely within a Minecraft Coder Pack (MCP) environment.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) 8+ to compile and run.
  • ⚠️Requires an available network port for the server to listen on.
Verified SafeView Analysis
The server appears to lack explicit authentication, authorization, or encryption for network communication, which are common risks for networked services. Input validation in ServerHandler.java is assumed but not confirmed, potentially leading to malformed request vulnerabilities. No 'eval' or obvious malicious patterns are evident from the provided summary. It is likely intended for controlled or local environments, which mitigates some public exposure risks.
Updated: 2025-12-01GitHub
0
0
High Cost
madking2099 icon

grok_mcp_setup

by madking2099

Sec8

Integrate Grok (via CodeGPT) with local Git repositories, self-hosted web search, and a local document library through Dockerized Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose (v2+) installed.
  • ⚠️Requires CodeGPT plugin in PyCharm with an xAI API key for Grok integration.
  • ⚠️Requires manual creation and provisioning of `pdf_server.py` for full PDF extraction functionality within the library service. The provided setup only includes a stub.
  • ⚠️Local directories (`PROJECTS_PATH`, `LIBRARY_PATH`) must be mounted to containers for data access.
Verified SafeView Analysis
The setup employs good security practices like read-only volumes (`:ro`) for mounted directories (`/projects`, `/ebooks`) and whitelisting of allowed paths (`--allowed-paths`). It avoids direct `eval` or `os.system` with shell=True in the provided scripts. However, the `mcp-lib` service's PDF extraction relies on a user-provided `pdf_server.py` script; its security is dependent on the user's implementation, which could introduce vulnerabilities if not carefully written. The `BRAVE_API_KEY` is a placeholder, indicating a sensitive variable that needs secure management if enabled for the bundled version.
Updated: 2025-11-30GitHub
0
0
Low Cost
skylukas1 icon

claude.mcp.test

by skylukas1

Sec1

Acts as a Master Control Program (MCP) server designed to execute custom commands, typically exposed via a network tunnel.

Setup Requirements

  • ⚠️Requires ngrok for public exposure and tunneling.
  • ⚠️The actual server implementation code is not provided, meaning the core server logic needs to be obtained or written before it can be run.
Review RequiredView Analysis
Critical: No server source code was provided for analysis beyond the README. Therefore, a security audit cannot be performed to check for vulnerabilities such as 'eval' usage, obfuscation, network risks, hardcoded secrets, or malicious patterns. Running this server without access to and an audit of its implementation code is highly insecure as its behavior and security posture are unknown.
Updated: 2025-12-12GitHub
0
0
Medium Cost
scanady icon
Sec8

Manages engineering standards, practices, and processes, providing AI assistants with structured access to an organization's knowledge base.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0
Verified SafeView Analysis
The server uses `fs.promises` for file system operations (read, write, delete, rename) within a configurable `STANDARDS_DIR`. Input validation is performed using Zod schemas, and path/filename sanitization (`normalizeTargetPath`, `sanitizeFilename`) is implemented to mitigate path traversal risks. The `create_standard` and `update_standard` tools are explicitly marked as 'destructive'. No direct use of `eval` or similar dangerous functions, nor any obvious hardcoded secrets, was found. The Docker configuration enforces running as a non-root user (UID 1001).
Updated: 2025-12-11GitHub
0
0
High Cost
agileguy icon
Sec9

A Model Context Protocol (MCP) server that enables AI assistants to query and retrieve Google Kubernetes Engine logs from Cloud Logging.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Requires a Google Cloud Project with GKE clusters and appropriate IAM roles (logging.viewer, container.clusterViewer).
  • ⚠️Requires authentication to GCP (e.g., via 'gcloud auth application-default login' for local development or Workload Identity for Kubernetes deployment).
Verified SafeView Analysis
The server implements robust input validation for resource names and filter strings to prevent injection attacks. It uses minimal IAM permissions ('roles/logging.viewer', 'roles/container.clusterViewer'). Production deployments leverage Kubernetes Workload Identity, run as a non-root user with a read-only root filesystem, drop all capabilities, and include Network Policies to restrict traffic. No direct 'eval' or 'exec' with user-controlled input is present. The regex used for pod names and search text is passed to the Cloud Logging API, relying on GCP's security for filter evaluation.
Updated: 2025-11-30GitHub
0
0
High Cost
Bandwidth icon

mcp-server

by Bandwidth

Sec9

The Bandwidth Official MCP Server enables AI agents to interact with various Bandwidth APIs for communication services, allowing programmatic control over messaging, voice, MFA, and compliance operations.

Setup Requirements

  • ⚠️Requires valid Bandwidth API Credentials (BW_USERNAME, BW_PASSWORD, BW_ACCOUNT_ID). These typically imply a paid Bandwidth account.
  • ⚠️Specific functionalities require additional Bandwidth IDs (e.g., BW_MESSAGING_APPLICATION_ID, BW_VOICE_APPLICATION_ID) and a valid phone number (BW_NUMBER), which are conditionally required environment variables.
  • ⚠️Requires Python 3.10+.
  • ⚠️Requires 'uv' (a Python package installer and runner) to be installed, or manual virtual environment setup with pip.
Verified SafeView Analysis
The server follows good security practices by loading sensitive API credentials from environment variables. It fetches OpenAPI specifications from hardcoded, trusted Bandwidth URLs and includes a cleaning step to remove potentially dangerous 'callbacks' and 'x-' fields from the spec, reducing the risk of malicious spec injection. Authentication uses standard Basic HTTP authentication over HTTPS. No obvious 'eval' or malicious patterns were found in the provided source code.
Updated: 2025-12-05GitHub
PreviousPage 408 of 713Next