Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
null-create icon

mcp-web-server

by null-create

Sec9

A local, API-key-free web search server providing unified search tools via Model Context Protocol (MCP) for LLM agents and automation systems.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️DuckDuckGo and GitHub APIs are subject to rate-limiting and may return 403 errors if queries are too frequent.
Verified SafeView Analysis
The server's code does not contain 'eval', hardcoded secrets, or obvious malicious patterns. It relies on well-known public search engines (DuckDuckGo, Wikipedia, GitHub Public API) which inherently have rate-limiting. The default bind address of '0.0.0.0' for the HTTP server means it is accessible from any network interface; users should be aware of this and use `HOST_ADDRESS` to restrict access if exposing it to an untrusted network.
Updated: 2025-11-19GitHub
0
0
High Cost
ContexaAI icon
Sec7

Implements an MCP server for the Notion API, allowing LLMs to interact with Notion pages, databases, and blocks.

Setup Requirements

  • ⚠️Requires a Notion internal integration with specific capabilities (Read content, etc.) and connection to relevant Notion pages/databases.
  • ⚠️Requires a Notion Integration Token (ntn_****) to be provided as part of `OPENAPI_MCP_HEADERS` environment variable.
  • ⚠️File upload parameters are expected to be absolute paths to local files accessible by the server process.
Verified SafeView Analysis
The server parses `OPENAPI_MCP_HEADERS` from environment variables, which includes JSON parsing; this is handled with basic error checking. The `HttpClient` for file uploads uses `fs.createReadStream` with paths provided in tool arguments. While the expectation is for LLMs to provide 'absolute paths to local files' (as per documentation), this pattern could potentially be exploited by a malicious LLM prompt to read or upload arbitrary files accessible to the server process. There's no explicit path sanitization or restriction on `filePath` content before `fs.createReadStream`. The `eval` statement in `OpenAPIToMCPConverter` is commented out, which is good. CORS is enabled for all origins, which is common for API servers but might be a minor concern in certain deployment scenarios.
Updated: 2025-11-20GitHub
0
0
Medium Cost
AnnsHarry icon

CLAUDEmd

by AnnsHarry

Sec1

A desktop application designed to streamline AI-enhanced collaboration tasks, including content generation, context retrieval, and code auditing, aiming for users without programming knowledge.

Setup Requirements

  • ⚠️Requires downloading and installing a pre-compiled executable from an external GitHub release, which poses a trust risk as no source code is provided for audit.
  • ⚠️Implied reliance on external AI services (Codex, Gemini, Auggie ACE) suggests potential hidden API key requirements or developer-managed backend costs, which are not detailed in the README.
  • ⚠️System requirements (OS, RAM, Storage, Processor) must be met for smooth operation.
Review RequiredView Analysis
A security audit is not possible as no actual source code was provided for the CLAUDEmd application. The 'SOURCE CODE' section only contained a copy of the README.md file. Therefore, it's impossible to check for malicious patterns, 'eval' usage, obfuscation, network risks, or hardcoded secrets. Running pre-compiled software without access to its source code and an independent audit carries significant inherent risk, especially when downloaded as a binary from an unverified source.
Updated: 2026-01-19GitHub
0
0
High Cost
danielecelsa icon

tavily-mcp-server

by danielecelsa

Sec8

Provides a web search tool for multi-agent systems and applications via the Tavily API.

Setup Requirements

  • ⚠️Requires Tavily API Key (Paid Service)
  • ⚠️Python 3.10+ required
Verified SafeView Analysis
No critical vulnerabilities like 'eval' or hardcoded secrets were found. The server appropriately uses environment variables for API keys. Potential risks are primarily related to how consuming agents handle the raw search results (e.g., if they execute content directly), rather than the server itself, which acts as a wrapper.
Updated: 2025-12-02GitHub
0
0
Low Cost
mhsenpc icon
Sec9

Interacts with the Wallex Cryptocurrency Exchange API to retrieve account balances and historical OHLC data for trading pairs.

Setup Requirements

  • ⚠️Requires Go 1.21 or higher to build and run.
  • ⚠️A Wallex API key is required for authenticated calls (e.g., get_account_balances).
  • ⚠️Requires local compilation using `go build`.
Verified SafeView Analysis
The server correctly retrieves the API key from environment variables (WALLEX_API_KEY) and uses it to authenticate requests. There are no hardcoded secrets, 'eval' calls, or other immediately apparent malicious patterns. It makes standard HTTPS requests to a known exchange API. Error handling for API responses and missing API keys is present.
Updated: 2025-11-30GitHub
0
0
Low Cost
mpryc icon
Sec9

Provides real-time and historical currency exchange rates and gold prices from the Polish National Bank (NBP) API.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher
  • ⚠️Requires `uv` package manager for setup and running
  • ⚠️Absolute path to the server directory is needed for Claude Desktop configuration
Verified SafeView Analysis
The server uses `httpx` for external API calls to the public NBP API and includes input validation for all tool parameters, mitigating common injection risks. No hardcoded secrets are evident, and transport mechanisms (`stdio`, `streamable-http` via `uvicorn`) are standard and secure. Error handling for API requests is implemented.
Updated: 2025-11-21GitHub
0
0
Medium Cost
Amama-Fatima icon
Sec8

Facilitates sequential, step-by-step reasoning for complex problem-solving by an AI agent, supporting thought revisions, branching, and session management.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Requires `npm install` and `npm run build` to compile the TypeScript source to JavaScript before running the server.
  • ⚠️The server manages sessions in-memory; restarting the server will clear all active thinking sessions.
Verified SafeView Analysis
The server uses `child_process.spawn` to run the main MCP tool, which is safer than `exec` as it explicitly executes a local Node.js script (`build/index.js`) rather than a shell command. Input validation for tool parameters is handled by Zod schemas, mitigating common injection risks. CORS is set to `origin: "*"`, which is highly permissive; while common for LLM tool servers, it could be a concern in some deployments if not properly secured at the network level. No hardcoded secrets or 'eval' statements were found. Session management includes cleanup for idle and max lifetime sessions, preventing resource leaks.
Updated: 2025-11-24GitHub
0
0
Medium Cost
shahlaukik icon

money-manager-mcp

by shahlaukik

Sec3

Enables AI assistants to manage personal finances through the Realbyte Money Manager application's web server.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher to run.
  • ⚠️The Realbyte Money Manager app's web server must be enabled on your phone.
  • ⚠️Your computer and phone must be connected to the same Wi-Fi network.
  • ⚠️Requires manual retrieval and configuration of the Money Manager web server's IP address and port (e.g., `http://192.168.1.1:8888`).
Review RequiredView Analysis
CRITICAL VULNERABILITY: The `src/client/http-client.ts` file uses `new Function(`return (${responseText});`)` to parse API responses (line 314). This is equivalent to `eval()` and constitutes a Remote Code Execution (RCE) vulnerability. If the external 'Realbyte Money Manager application's web server' (which is the source of `responseText`) is compromised or returns malicious JavaScript, this server will execute it on the host machine. While the developer states 'This is safe because we're only evaluating data from our known API', this assumption introduces a significant attack vector. Additional risks: File operations (`downloadFile`, `uploadFile`, `summary_export_excel`) take `outputPath` or `filePath` as arguments. If an attacker can manipulate the AI's input (e.g., via prompt injection), they could potentially cause arbitrary file writes or reads on the server's host machine. The dangerous `backup_download` and `backup_restore` tools are explicitly disabled in `src/index.ts`, which is a positive security decision.
Updated: 2025-12-02GitHub
0
0
Low Cost
Aswinks01 icon
Sec4

End-to-end application for generating high-quality 3D GLB assets from text prompts or existing images, leveraging AI models like Z-Image-Turbo and TRELLIS.2.

Setup Requirements

  • ⚠️Requires NVIDIA GPU with CUDA (compute capability 8.0+) and Flash Attention 3 for acceptable performance; falls back to CPU but will be extremely slow.
  • ⚠️Requires the `flex_gemm` library, which may have complex installation requirements specific to CUDA environments.
  • ⚠️Relies on an external Gradio client (`briaai/BRIA-RMBG-2.0`) for background removal, necessitating an active internet connection.
Review RequiredView Analysis
Uses `trust_remote_code=True` when loading models from Hugging Face (e.g., `DINOv3ViTModel`, `AutoModelForImageSegmentation`), which allows arbitrary code execution from external repositories and is a significant supply chain security risk. Also connects to an external Gradio client (`briaai/BRIA-RMBG-2.0`) for background removal, sending user input images to a third-party service.
Updated: 2026-01-19GitHub
0
0
Low Cost
pixelbadger icon
Sec9

Hosts a Model Context Protocol (MCP) server to enable AI assistants to perform BM25, vector, or hybrid search on indexed content for Retrieval-Augmented Generation (RAG) workflows.

Setup Requirements

  • ⚠️Requires .NET 9.0 runtime.
  • ⚠️Requires OpenAI API Key (Paid) if vector or hybrid search modes are used, or during content ingestion.
  • ⚠️When integrating with Claude Desktop, the `--index-path` argument for the `serve` command must be an absolute path.
Verified SafeView Analysis
The server operates as a stdio-based MCP server, which generally limits network attack surface as it communicates via standard input/output, often as a local child process. It requires API keys (OPENAI_API_KEY) to be provided as environment variables, which is a good security practice. No 'eval' or code obfuscation is apparent from the provided truncated source code. Overall security is dependent on the underlying .NET runtime and the Lucene.NET/SQLite-vec libraries it utilizes.
Updated: 2026-01-18GitHub
0
0
Low Cost
ajentsor icon

llm-radar

by ajentsor

Sec9

Provides real-time, curated intelligence about major AI models (OpenAI, Anthropic, Google) to AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️The live server component relies on the availability and integrity of an external public JSON data feed for model information (`https://llm-radar.ajents.company/models.json`).
  • ⚠️To generate the model data locally (rather than relying on the public feed), API keys for OpenAI, Anthropic, and Google (paid services) are required.
  • ⚠️Requires an MCP-compatible client to connect and utilize the exposed tools and resources (e.g., Claude Desktop, or other AI assistants supporting MCP).
Verified SafeView Analysis
No direct use of 'eval' or obvious obfuscation detected. API keys for data fetching are managed through environment variables, which is a good practice. The MCP server component loads its model data from a specific external public URL (`https://llm-radar.ajents.company/models.json`). While the server code itself is robust, its real-time data integrity and availability are dependent on this external service. The data generation process (which involves calls to OpenAI, Anthropic, and Google APIs and enrichment by Claude) runs offline as a daily GitHub Action, reducing the direct live server's exposure to those API interactions.
Updated: 2026-01-17GitHub
0
0
Medium Cost
CaowardlyLion icon

grapher-mcp

by CaowardlyLion

Sec8

Provides an AI-powered Model Context Protocol (MCP) server for Penn Electric Racing telemetry data and CAN variable search and analysis.

Setup Requirements

  • ⚠️Requires Google Gemini API Key (Paid)
  • ⚠️Requires S3 bucket configuration for 'GeneratedCanIds.xml' (or local file path via CAN_DEFINES_PATH)
  • ⚠️Requires a compatible MCP client (e.g., Claude Desktop, custom Gemini client) for full interaction capabilities.
Verified SafeView Analysis
The project uses `os.getenv` for loading sensitive credentials (Gemini API key, S3 credentials), preventing hardcoding. File uploads are handled with `werkzeug.utils.secure_filename` and stored in a designated `uploads` directory, mitigating path traversal vulnerabilities for uploaded files. CSV parsing in `perda` appears to safely handle data types without executing arbitrary code. XML parsing for CAN definitions uses `lxml`, which is generally safe. The Flask web server utilizes standard practices like session management. No `eval` or direct shell execution with unvalidated user input was observed.
Updated: 2025-11-23GitHub
PreviousPage 424 of 713Next