Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Dynamic-Mockups icon

mcp

by Dynamic-Mockups

Sec9

Generate product mockups programmatically using an API, facilitating integration with AI assistants for design and product customization workflows.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher to run.
  • ⚠️Requires a Dynamic Mockups API key for most functionality (set as DYNAMIC_MOCKUPS_API_KEY environment variable or 'x-api-key' header).
  • ⚠️Dependent on the external Dynamic Mockups API (https://app.dynamicmockups.com/api/v1) for all core functionality.
Verified SafeView Analysis
The server correctly retrieves API keys from environment variables or request headers. External API calls use `axios` with a timeout and reasonable status validation. CORS is configured, by default allowing all origins, which is common for public APIs but can be narrowed. A direct `eval()` call is present in the source code, but it is part of a static 'knowledge base' object (`EMBED_EDITOR_KNOWLEDGE_BASE`) which is returned as a string to the client as documentation/examples for client-side integration. The server itself does not execute this `eval()` with untrusted input, therefore it does not pose a direct server-side code injection vulnerability.
Updated: 2025-12-30GitHub
0
0
Low Cost
vinayak-556 icon

mcp_server

by vinayak-556

Sec9

An AI-powered server providing semantic search capabilities over various documentation sources (LangChain/LangGraph, RetellAI, Make.com) using OpenAI embeddings and Pinecone vector databases, exposed as an MCP (Multi-tool Coordination Protocol) server.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service for embeddings)
  • ⚠️Requires Pinecone API Key (Pinecone account needed)
  • ⚠️Requires Python dependencies (openai, pinecone, fastmcp, python-dotenv)
Verified SafeView Analysis
API keys are loaded from environment variables, preventing hardcoding. No use of dangerous functions like 'eval' or 'exec' was found. The interaction with external services (OpenAI, Pinecone) is through well-defined SDKs, and user input is processed safely for embeddings and vector database queries.
Updated: 2025-12-23GitHub
0
0
Low Cost
Yitz4 icon
Sec1

This server manages questions and rules for a 'Biblical Fencing' competition, providing tools to list and read markdown files containing game content.

Setup Requirements

  • ⚠️Requires Python environment.
  • ⚠️The Python `mcp` (Model Context Protocol) SDK needs to be installed (e.g., `pip install mcp`).
  • ⚠️The server expects a `mis_archivos` directory to exist in the same location as `server.py`, containing markdown files.
  • ⚠️The presence of `package.json` and `package-lock.json` indicating a Node.js project with `server.js` as the main entry point, while `server.py` is provided, creates confusion about the intended runtime environment or project structure.
Review RequiredView Analysis
The `leer_archivo` tool is critically vulnerable to path traversal. It directly concatenates user-provided input (`nombre`) with `CARPETA_MD` without any sanitization or validation (e.g., checking for `../`). This allows a malicious actor to read arbitrary files on the server (e.g., `/etc/passwd`, sensitive configuration files, or other application data) by crafting the `nombre` parameter. This is a high-severity vulnerability.
Updated: 2025-11-28GitHub
0
0
High Cost
JJAMAWAVE icon

ashen-mcp-server

by JJAMAWAVE

Sec1

The server provides a Meta-Controller Protocol (MCP) compliant API to interact with local Ollama language models, offering text analysis, arbitrary model calls, and file summarization capabilities.

Setup Requirements

  • ⚠️Requires Ollama CLI installed and accessible in the system's PATH.
  • ⚠️Requires Ollama models (e.g., 'qwen2.5:7b-instruct' or 'qwen2.5:7b') to be downloaded locally via Ollama.
  • ⚠️Requires Python 3.x with FastAPI, Uvicorn, and other dependencies installed.
Review RequiredView Analysis
CRITICAL COMMAND INJECTION VULNERABILITY: The server uses `subprocess.run` and `subprocess.check_output` to execute the `ollama` CLI tool. Parameters like `model` and `prompt` are taken directly from user-supplied RPC requests without apparent sanitization, making the server highly vulnerable to command injection. A malicious user could craft inputs to execute arbitrary commands on the host system (e.g., via the `call_ollama` or `analyze_text` methods). Additionally, `summarize_file` allows reading arbitrary file paths, although existence is checked, it still poses a potential information disclosure risk if combined with command injection to execute other tools.
Updated: 2025-11-19GitHub
0
0
Low Cost
hatanoyoshihiko icon

aws_knowledge_mcp_server

by hatanoyoshihiko

Sec9

Provides a serverless web UI and proxy for interacting with the AWS Knowledge MCP Server to access documentation, recommendations, and regional availability information.

Setup Requirements

  • ⚠️Requires AWS SAM CLI for deployment.
  • ⚠️A shared secret (`OriginVerifySecret`) must be provided during deployment to enforce connection restrictions from CloudFront to API Gateway.
  • ⚠️The UI assets (index.html, etc.) must be manually uploaded to the S3 bucket after deployment.
Verified SafeView Analysis
The server employs a shared secret (`OriginVerifySecret`) for CloudFront-to-API Gateway communication, which helps prevent direct API access. Robust input validation is implemented for all API endpoints, explicitly rejecting potentially dangerous nested object structures for some inputs (e.g., `get_regional_availability`). The upstream MCP endpoint is hardcoded and not user-controlled, mitigating SSRF risks. CORS is permissively set to `*` for the API Gateway. No 'eval' or similar dangerous patterns were found in the provided Python code. Error handling is structured to catch exceptions and truncate error messages, preventing excessive information leakage.
Updated: 2025-12-17GitHub
0
0
Medium Cost
acidsolution icon

schwab-mcp-server

by acidsolution

Sec9

A read-only Model Context Protocol (MCP) server for Charles Schwab API, enabling AI assistants to access financial data for portfolio analysis, real-time quotes, options data, and price history.

Setup Requirements

  • ⚠️Requires a Charles Schwab Developer account with App Key (Client ID), App Secret (Client Secret), and a valid (7-day expiring) Refresh Token.
  • ⚠️Manual OAuth flow is required to obtain the initial refresh token, involving running a Python script (`get_token.py`), browser interaction, and pasting a redirect URL.
  • ⚠️Requires local configuration of the AI client (e.g., Claude Desktop, ChatGPT Desktop) with specific paths to the Python environment and the repository's working directory.
Verified SafeView Analysis
The server is explicitly designed as 'READ-ONLY', preventing any trading or account modification. API credentials (client ID/secret) and refresh tokens are loaded from environment variables or a secure local file, not hardcoded. The `auth.py` module uses `os.chmod` to set secure file permissions (owner read/write only) on the token file. The `storage.py` module uses `sqlglot` to strictly validate SQL queries, ensuring only `SELECT` statements are executed against the in-memory DuckDB, which prevents SQL injection and unauthorized data manipulation. No 'eval' or similar dangerous functions were found.
Updated: 2025-12-07GitHub
0
0
Low Cost
theanirudhvyas icon

ezbookkeeping_mcp_server

by theanirudhvyas

Sec9

Integrates AI assistants like Claude with EzBookkeeping for natural language personal finance management.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires 'uv' package manager to be installed for dependency management and running.
  • ⚠️Needs an existing, self-hosted EzBookkeeping instance with a generated API token (EZBOOKKEEPING_URL and EZBOOKKEEPING_TOKEN environment variables must be configured).
Verified SafeView Analysis
The server loads sensitive configurations (EzBookkeeping URL and API token) from environment variables, which is a good practice to avoid hardcoding secrets. It uses `httpx` for API communication with proper authorization headers. No `eval` or similar dangerous dynamic code execution patterns were found. The primary security responsibility lies with the user to securely configure their EzBookkeeping instance and protect the API token.
Updated: 2025-11-18GitHub
0
0
Medium Cost
joelanford icon

mcp

by joelanford

Sec9

Provides read-only access to Google Workspace APIs (Docs, Calendar, Gmail) as an MCP server for AI models.

Setup Requirements

  • ⚠️Requires Google Application Default Credentials setup via `gcloud auth application-default login` with specified read-only scopes.
  • ⚠️Requires Go language environment to build and run the binary.
  • ⚠️Designed to be used with an MCP-compatible client (e.g., Claude Desktop) rather than as a standalone application.
Verified SafeView Analysis
No hardcoded secrets were found. The server explicitly uses Google Application Default Credentials (ADC) for authentication, which is a secure practice. All Google API access is strictly read-only, significantly limiting the potential impact of any hypothetical vulnerabilities. The server communicates over standard I/O (stdio), reducing its direct network attack surface. The `docs_search` handler includes explicit query sanitization to prevent injection vulnerabilities in Drive API calls.
Updated: 2026-01-17GitHub
0
0
Medium Cost
bintang-aswam icon

fastAPI-MCP-server

by bintang-aswam

Sec7

This server provides image processing functionalities, specifically OCR and barcode/QR code scanning, through a standardized Model Context Protocol (MCP) interface for integration with AI agents in business automation scenarios.

Setup Requirements

  • ⚠️Requires the Tesseract OCR engine to be installed separately on the host system for pytesseract to function.
  • ⚠️Requires environment variables DESCOPE_PROJECT_ID and DESCOPE_API_BASE_URL to be configured (e.g., in a .env file).
  • ⚠️All image URLs provided to the OCR and barcode scanning endpoints must be publicly accessible on the internet.
Verified SafeView Analysis
The server fetches images from arbitrary public URLs provided by clients for OCR and barcode scanning. While Pydantic's HttpUrl provides basic URL validation, there is a potential risk for Server-Side Request Forgery (SSRF) if a malicious actor provides a URL pointing to internal network resources. No explicit IP range filtering or deeper URL sanitization is implemented beyond basic HTTP(S) scheme enforcement and connection timeouts. The wide-open CORS policy (allow_origins=['*']) is noted, though potentially intended for broad integration.
Updated: 2025-12-14GitHub
0
0
Low Cost
mustafa861 icon
Sec9

This server demonstrates the creation and exposure of simple arithmetic tools via an MCP (Multi-Agent Communication Protocol) endpoint.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher.
  • ⚠️Dependencies listed in pyproject.toml (mcp, openai-agents, prompt-toolkit, uvicorn) must be installed.
Verified SafeView Analysis
The provided code implements simple arithmetic functions exposed as tools. There are no 'eval' or 'exec' calls, no obvious hardcoded secrets, and no direct arbitrary code execution vectors in the exposed logic. The underlying 'mcp' library's security is assumed, but the application logic itself appears robust for its intended purpose.
Updated: 2025-11-23GitHub
0
0
Medium Cost
phasetdev icon

phaset-mcp

by phasetdev

Sec9

Generates Phaset manifest files for software repositories by analyzing source code and project structure with AI.

Setup Requirements

  • ⚠️Requires Node.js to be installed.
  • ⚠️Requires configuration within Claude Desktop, Claude Code, or CLI to register the MCP server.
  • ⚠️Primarily tested and intended for use with Claude; compatibility with other MCP-compatible tools is not guaranteed.
Verified SafeView Analysis
The server interacts with the local file system based on user-provided repository paths. It employs explicit ignore patterns for sensitive directories (`node_modules`, `.git`, `dist`, etc.), size limits (max 50KB per file, 15K total tokens for file content), and binary file detection to mitigate risks like resource exhaustion or processing of unexpected content. User input for file paths is validated to ensure it points to a directory. Regex patterns are constructed internally from glob patterns and are not directly exposed to user input. No direct use of `eval` or insecure command execution with user-controlled arguments was identified. The overall approach appears robust, but any direct file system interaction carries an inherent, albeit mitigated, risk.
Updated: 2025-11-27GitHub
0
0
Low Cost
manutej icon
Sec8

A command-line tool for researching AI sector stocks, providing real-time quotes, news, financial data, and historical analysis.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Polygon.io API Key is optional for basic functionality but required for enhanced features (real-time prices, full historical data), and the free tier has strict rate limits (5 calls/minute).
  • ⚠️Yahoo Finance (yfinance) API is actively blocking many programmatic access attempts, even with 'curl-cffi'. The tool may fail to fetch data via yfinance depending on your network/IP environment. Consider using the Polygon provider with an API key as a fallback.
Verified SafeView Analysis
The codebase implements robust input validation using Pydantic, and explicit logging with log injection prevention, which are strong security positives. There are no obvious 'eval' or direct unvalidated 'subprocess' calls with user input. However, the 'polygon_mcp.py' module executes an 'uvx' command to pull and run code from a specific GitHub repository (mcp_polygon@v0.4.1). While 'uvx' is designed for secure package execution, any dependency on external code from a remote repository introduces a supply chain risk if that repository were compromised. API keys are managed through environment variables, which is standard practice for sensitive information.
Updated: 2025-11-18GitHub
PreviousPage 411 of 713Next