Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

0
0
High Cost
Sec3

This server reads PDF documents, extracts text, images, and tables, and provides them to an AI agent in Markdown format.

Setup Requirements

  • ⚠️ Requires 'uv' package manager to be installed.
  • ⚠️ Requires Tesseract-OCR system-wide installation with 'kor' and 'eng' language packs for full functionality.
  • ⚠️ Requires Python version 3.10 or higher.
  • ⚠️ The 'mcpServers' configuration requires an absolute path to the project directory.
Review Required
The `read_pdf_resource` tool allows reading arbitrary files from the server's filesystem via absolute paths (e.g., `pdf:///etc/passwd`). This is a critical information disclosure vulnerability. Processing untrusted PDFs from local files or URLs (via `read_pdf`) can expose the system to vulnerabilities in underlying libraries (PyMuPDF, pdfplumber, pytesseract) and potentially lead to SSRF for URL-based sources. OCR with Tesseract also involves external command execution, which could be a vector if not properly sanitized. The server does not explicitly implement input sanitization or sandboxing for untrusted PDF content or file paths.
Updated: 2025-12-13
0
0
Medium Cost

mcp-skyscanner

by shadyvb

Sec6

Expose Skyscanner flight and airport search functionality to AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️ Requires Git to clone the repository with submodules (`--recursive` flag or `git submodule update --init --recursive`).
  • ⚠️ Relies on a reverse-engineered Skyscanner API client that may violate Skyscanner's Terms of Service; use at your own risk.
  • ⚠️ Requires configuring an absolute path to `mcp_server.py` in your AI assistant's configuration file (e.g., `claude_desktop_config.json`).
Verified Safe
The server code itself does not contain obvious security vulnerabilities like hardcoded secrets or 'eval' of user input. However, it relies on a reverse-engineered Skyscanner API client which may violate Skyscanner's Terms of Service, introducing significant legal and operational risks. Skyscanner could ban access or change its API, causing the server to stop functioning. Users should be aware of these external risks.
Updated: 2025-11-30
0
0
Low Cost

mcp-go-mssql

by scopweb

Sec10

Provides secure Microsoft SQL Server connectivity for AI assistants via the Model Context Protocol (MCP) or a CLI tool, supporting robust security and granular access controls.

Setup Requirements

  • ⚠️ Requires Microsoft SQL Server (2008+ or Azure SQL Database) instance to connect to.
  • ⚠️ Requires several MSSQL_* environment variables (e.g., MSSQL_SERVER, MSSQL_DATABASE, MSSQL_USER, MSSQL_PASSWORD) to be configured for database connection.
  • ⚠️ Windows Integrated Authentication (SSPI) mode is only supported on Windows operating systems.
Verified Safe
The project demonstrates an excellent security posture. It explicitly protects against SQL injection using prepared statements, prevents command injection with a dangerous keyword blacklist, and mitigates authentication bypass via mandatory TLS encryption and strong credential handling. Sensitive data is sanitized in logs, and `DEVELOPER_MODE` ensures generic errors in production to prevent information leakage. A key feature is the granular table permissions (whitelist) that validates all tables in modification queries, enhancing AI safety. Comprehensive security testing with `govulncheck` and `gosec` confirms no known vulnerabilities in dependencies or the codebase. No 'eval'-like functions or obfuscation are present, and race conditions are actively tested for.
Updated: 2025-12-04
0
0
Medium Cost

Cerina-Protocol

by sachinlathiya

Sec8

Collaboratively drafts, critiques, and finalizes Cognitive Behavioral Therapy (CBT) exercises using a multi-agent LangGraph backend with a mandatory human-approval gate.

Setup Requirements

  • ⚠️ Requires OpenAI API Key (Paid, optional fallback to local echo model)
  • ⚠️ Docker is highly recommended for quickstart/production deployment
  • ⚠️ Node.js/npm required for frontend local development
Verified Safe
The code does not use 'eval' or other direct code execution vulnerabilities. Hardcoded secrets are not present; API keys are expected via environment variables. The primary security considerations for this type of application are related to potential LLM prompt injection (where the LLM might generate undesirable content if the 'intent' is adversarial, though the system includes safety and clinical review agents to mitigate this) and the default permissive CORS setting (`allow_origins=['*']`) which should be tightened for production deployments.
Updated: 2025-12-22
0
0
Low Cost

rapid-mcp-server

by macjunkins

Sec9

A unified Model Context Protocol (MCP) server written in Zig, designed to expose 25 standardized RAPID commands to various AI clients for structured AI workflows.

Setup Requirements

  • ⚠️ Requires Zig 0.15.1 or later installed locally
  • ⚠️ Requires GitHub CLI (gh) authenticated locally
  • ⚠️ Requires git installed locally
Verified Safe
The project explicitly prioritizes 'Never Trust AI Input' with detailed strategies for shell injection prevention. This includes rigorous validation rules for all parameters (repo names, branch names, issue numbers, labels), ensuring safe subprocess execution via `std.process.Child.exec` with `argv`, and passing sensitive content via heredoc/stdin instead of command-line arguments. While the MVP uses hand-coded validation (not a full regex engine), this is a conscious trade-off documented in the PRD. No obvious hardcoded secrets, obfuscation, or direct `eval` usage were identified. Authentication for the GitHub CLI relies on `gh auth login`.
Updated: 2025-11-22
0
0
Medium Cost

Implements a custom Minecraft Protocol (MCP) server for handling game client connections and interactions.

Setup Requirements

  • ⚠️ Node.js and npm/yarn are required to run this application.
  • ⚠️ Requires a .env file configured with MCP_SERVER_HOST, MCP_SERVER_PORT, and MCP_PROTOCOL_VERSION.
Verified Safe
The server uses standard Node.js and Minecraft protocol libraries. Environment variables are utilized for configuration, preventing hardcoded secrets. No 'eval' or obvious malicious patterns were found in the provided snippets. As a network service, it inherently carries some risk, but the code itself does not introduce major new vulnerabilities.
Updated: 2026-01-19
0
0
Low Cost

mcp-server-weather

by issam-eddine

Sec9

Provides weather alerts and forecasts for US locations by integrating with the National Weather Service (NWS) API.

Setup Requirements

  • ⚠️ Requires Python 3.12 or newer.
  • ⚠️ Dependencies (`httpx`, `mcp[cli]`) must be installed, preferably using `uv` as suggested in the setup.
  • ⚠️ The `.cursor/mcp.json` configuration requires an absolute path to the repository (`absolute/path/to/mcp-server-weather`).
Verified Safe
The server uses `httpx` to make requests to the public NWS API. It includes basic error handling and does not use `eval`, `exec`, or other direct code execution patterns. No hardcoded secrets or sensitive information are present. The main risk relies on the security and data integrity of the external NWS API.
Updated: 2025-11-28
0
0
Low Cost

mcp-server

by AwaisGoharTagar

Sec1

This server likely implements custom functionality or a specialized protocol for a Minecraft-related application, possibly for modding or private server hosting.

Review Required
A critical security audit cannot be performed as no source code was provided in the prompt. Without code, it is impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. Therefore, a conservative security score of 1 is assigned, and it is marked as unsafe to run.
Updated: 2025-12-02
0
0
High Cost

sigma-mcp-server

by dgdocker

Sec7

This server provides a Model Context Protocol (MCP) interface to Sigma Computing's REST API, enabling programmatic access to workbooks, datasets, and user management for AI agents and other applications.

Setup Requirements

  • ⚠️ Requires a Sigma Computing organization with API access and credentials (Client ID and Client Secret)
  • ⚠️ Requires Python 3.11+ for direct execution
  • ⚠️ The correct Sigma API Base URL is required, which varies based on your organization's cloud provider
Verified Safe
The server uses environment variables for sensitive API credentials, avoiding hardcoding. It explicitly handles httpx request failures. However, when run in HTTP/SSE transport mode, it enables CORS for all origins (*) by default, as noted in its own documentation (TRANSPORT_GUIDE.md). This creates a network security risk if not deployed behind a VPN, a secure proxy, or with tightly controlled network access. The server itself does not implement additional authentication layers on its exposed HTTP endpoint, relying on external infrastructure for security in production deployments.
Updated: 2026-01-17
0
0
Low Cost

Backend

by ArpitRanjan0101

Sec2

This server primarily demonstrates basic backend API development using Node.js, Express.js, and MongoDB, covering CRUD operations and middleware concepts.

Setup Requirements

  • ⚠️ Requires Node.js (version 18 or higher is recommended/required by dependencies like Express 5.1.0 and Mongoose 9.0.0/MongoDB 7.0.0).
  • ⚠️ Requires a MongoDB instance (likely MongoDB Atlas) accessible from where the server is hosted.
  • ⚠️ Database credentials are hardcoded and must be replaced with environment variables for secure operation.
  • ⚠️ The repository contains multiple independent project folders; a specific 'dayXX' folder's dependencies must be installed and its main script run.
Review Required
The MongoDB connection URL, including the username and password (`arpitvijans1234:arpitvijans11111`), is hardcoded directly in `day14/database.js`, `day16/database.js`, and `day17/database.js`. This is a severe security risk, as these credentials would be exposed if the source code is public or accessed by unauthorized individuals. It is critical to use environment variables for sensitive information like database credentials.
Updated: 2026-01-09
0
0
Low Cost

weather-mcp-server

by sword-demon

Sec8

This server provides a tool for Large Language Models (LLMs) to query real-time weather information for specified locations using the AMap API.

Setup Requirements

  • ⚠️ Requires a valid AMap API Key, which needs to be obtained by the user.
  • ⚠️ Specifically requires Python 3.13 or newer due to `pyproject.toml` settings.
  • ⚠️ Requires manual configuration in Claude Desktop's `claude_desktop_config.json`, including the absolute path to the project directory.
Verified Safe
The server loads API keys from environment variables (`.env`), which is good practice. It handles HTTP errors and AMap API specific status codes. It relies on external API responses which are then parsed as JSON, a standard pattern. There are no obvious signs of 'eval', obfuscation, or hardcoded sensitive credentials directly in the source code. The main security consideration is ensuring the `AMAP_KEY` is securely stored and transmitted to the environment.
Updated: 2025-12-14
0
0
Medium Cost

wordpress-mcp

by garethcull

Sec8

Connects AI tools to WordPress for content creation, publishing, and media asset management.

Setup Requirements

  • ⚠️ Requires configuration of four environment variables: WORDPRESS_SITE_URL, WORDPRESS_USERNAME, APPLICATION_PASSWORD, and MCP_TOKEN.
  • ⚠️ A WordPress site with a user account configured for Application Passwords is required.
  • ⚠️ For 'full-fidelity HTML publishing', a custom PHP template ('page-full-html.php') must be manually uploaded to your active WordPress theme directory.
Verified Safe
The server uses environment variables for sensitive credentials (WordPress username, application password, MCP token), which is good practice. Authentication is via a shared MCP_TOKEN. The 'upload_image_to_wordpress' tool fetches images from provided URLs; while it includes content type checks, this could pose a limited Server-Side Request Forgery (SSRF) risk if a malicious URL bypasses checks, though no arbitrary command execution is apparent. The optional 'page-full-html.php' template removes WordPress content filters, which is a documented feature for full HTML fidelity but users should be aware of its implications for content security.
Updated: 2026-01-19