Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
freddyfredster icon
Sec9

This repository demonstrates how to refactor, optimize, and govern Power BI semantic models using natural language prompts via GitHub Copilot and the Power BI Modeling MCP Server VS Code extension.

Setup Requirements

  • ⚠️Requires GitHub Copilot subscription (Paid)
  • ⚠️Requires Power BI Desktop with 'Modern metadata ON' enabled
  • ⚠️Requires Power BI Modeling MCP Server VS Code extension
Verified SafeView Analysis
The provided source code primarily consists of documentation, Power BI report/model configuration files (PBIP format), and prompt examples. There are no executable scripts, server-side code, 'eval' statements, obfuscation, or hardcoded secrets within the truncated code. The 'Power BI Modeling MCP Server' itself is a VS Code extension, whose internal source code is not provided in this repository for audit. The security score reflects the benign nature of the provided repository content, not the external components it leverages.
Updated: 2025-12-01GitHub
0
0
High Cost
mgrandau icon

telescope-mcp

by mgrandau

Sec8

An MCP (Model Context Protocol) server enabling AI agents to control telescope hardware (cameras, motors, sensors) and providing a web dashboard for human monitoring and manual control.

Setup Requirements

  • ⚠️Requires ZWO ASI SDK (`libASICamera2.so`) for hardware camera control (Linux/macOS specific paths and udev rules for permissions).
  • ⚠️Requires `gh` (GitHub CLI) to be installed and authenticated for issue creation utilities (`utils/create_issues.py`).
  • ⚠️Python 3.10+ is required.
  • ⚠️The `pdm` package manager is used consistently across the project for dependency management and running scripts.
  • ⚠️PySerial is implicitly required for Arduino sensor and serial motor drivers (hardware mode).
Verified SafeView Analysis
The project uses `subprocess.run` (in `utils/create_issues.py` for `gh` CLI, and `utils/analyze_mcp_overhead.py` for querying other MCP servers). For `create_issues.py`, `tempfile.NamedTemporaryFile` and input validation (`DANGEROUS_CHARS_REGEX`) are used to mitigate shell injection risks, which is a good practice. The `gh` CLI itself relies on external authentication setup. The web dashboard (`web/app.py`) can be exposed to the network (`0.0.0.0:8080`) if `--dashboard-host 0.0.0.0` is used, requiring external firewalling for production. No obvious hardcoded secrets or 'eval' usage.
Updated: 2026-01-05GitHub
0
0
Medium Cost
chayan-1906 icon
Sec3

Enables AI agents to perform complex browser automation and web scraping using Puppeteer, managing persistent sessions and various interaction modes.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Relies on a direct GitHub dependency (`mcp-utils`) which could be unstable or change.
  • ⚠️Creates persistent user profiles (e.g., `~/.browser-automation-mcp`) that grow over time.
Review RequiredView Analysis
The server uses `eval()` with user-provided script in the `execute-script` tool, which allows arbitrary JavaScript execution within the browser context, posing a significant security risk for data exfiltration or malicious actions if untrusted input is processed. Additionally, `app.use(cors())` enables Cross-Origin Resource Sharing for all origins, making the server vulnerable to requests from any domain, potentially leading to unauthorized control or data access. Persistent browser profiles can also store sensitive session data in the user's home directory.
Updated: 2025-12-05GitHub
0
0
Medium Cost
johnlam1968 icon

ibkr_headless_mcp

by johnlam1968

Sec9

Provides an MCP server to access Interactive Brokers (IBKR) API endpoints for financial data and trading operations via an LLM agent, using OAuth for authentication.

Setup Requirements

  • ⚠️Requires an Interactive Brokers (IBKR) account with API access enabled.
  • ⚠️Requires generation and secure local storage of OAuth 1.0a private key files (`private_encryption.pem`, `private_signature.pem`) and a DH prime, as detailed in the `ibind` library's OAuth wiki.
  • ⚠️Requires manual configuration of multiple IBKR OAuth credentials and file paths in a `.env` file.
Verified SafeView Analysis
The server correctly externalizes sensitive IBKR OAuth credentials into environment variables and separate files. There are no obvious 'eval' or 'exec' calls within the provided source code, reducing direct code injection risks. The primary security consideration is the potential for an unconstrained LLM agent to make unauthorized data retrieval requests through the `call_endpoint` tool, as it directly passes agent-provided `path` and `params` to the `ibind` client's GET method. However, since `call_endpoint` exclusively uses `client.get` and the documented endpoints are read-only, the risk of malicious write operations (e.g., placing trades) appears mitigated by the current implementation which is restricted to GET requests.
Updated: 2026-01-07GitHub
0
0
High Cost
support-and-care-labs icon

mail-mcp

by support-and-care-labs

Sec8

Serves as an MCP server to access, search, and analyze Apache Maven mailing list archives, extracting metadata and providing structured access to email content and threads.

Setup Requirements

  • ⚠️Docker Desktop (or Podman) with Docker Compose V2 is required to run the full stack.
  • ⚠️An Elasticsearch instance must be running and accessible for data storage and search.
  • ⚠️Mailing list archives (mbox files) need to be downloaded and indexed into Elasticsearch using provided CLI tools before the server can return meaningful results.
Verified SafeView Analysis
The source code does not contain obvious direct injection vulnerabilities (e.g., `eval()` on user input) or hardcoded secrets. Elasticsearch queries are constructed using structured Python dictionaries, which generally mitigates injection risks. Network requests to external APIs (`lists.apache.org`) use `httpx` with timeouts. The `docker-compose.yml` disables Elasticsearch security (`xpack.security.enabled=false`) for development, which is a significant configuration risk for production environments but not a vulnerability in the application's source code itself. The server binds to `0.0.0.0` by default, requiring external network security if deployed beyond a local/private network.
Updated: 2025-12-21GitHub
0
0
Low Cost
Ragtimelab icon

mcp-manager

by Ragtimelab

Sec8

A command-line interface (CLI) tool for managing Model Context Protocol (MCP) servers locally, providing installation, upgrade, health check, backup, and diagnostic functionalities similar to `brew`.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Relies on `uv` for installation and local execution.
  • ⚠️Requires `uvx` and/or `npx` to be installed and in PATH for managing respective MCP server types (Python/Node.js).
Verified SafeView Analysis
The tool directly executes `uvx`, `npx`, and `npm` via subprocess calls. While this is its core function for managing packages, it inherently relies on the security of these underlying tools and the trustworthiness of the package names provided by the user. No direct `eval` or obfuscation found. Sensitive environment variables are masked in `show_server` output. Configuration is stored locally in `~/.claude.json`.
Updated: 2025-12-05GitHub
0
0
Low Cost
trangpl193 icon

strange-mcp-core

by trangpl193

Sec9

Provides a shared foundation and framework for building Model Context Protocol (MCP) servers that expose AI-callable tools over HTTP.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️API Key is required if `ApiKeyAuth` middleware is enabled, typically loaded from `process.env.API_KEY`.
  • ⚠️This package is a framework; a developer must write a custom server implementation using `McpServer` and register tools for it to be functional.
Verified SafeView Analysis
The framework itself is well-engineered for security, providing robust JSON-RPC handling, API key authentication, and structured error responses (e.g., preventing stack trace leaks from operational errors). Input body size is limited to prevent DoS. CORS is enabled with `Access-Control-Allow-Origin: *`, which is permissive but common for APIs. The primary security consideration for a deployed server built with this framework will lie in the implementation of the `ToolDefinition.handler` functions, as these are arbitrary code executed in response to network requests. The framework provides the mechanisms but cannot guarantee the security of custom tool implementations.
Updated: 2026-01-19GitHub
0
0
Medium Cost
marc-shade icon
Sec7

Provides comprehensive security scanning capabilities for targets and cluster nodes using Nuclei, integrated with an Agentic System for autonomous vulnerability management.

Setup Requirements

  • ⚠️Requires Nuclei vulnerability scanner binary to be installed and accessible via NUCLEI_BIN environment variable or default path (~/go/bin/nuclei).
  • ⚠️The 'sentence-transformers' library (if available) for anomaly detection and prioritization features may download a large AI model ('all-MiniLM-L6-v2') on first use, requiring internet access and local storage.
  • ⚠️Relies on the AGENTIC_SYSTEM_PATH environment variable for default configuration paths.
Verified SafeView Analysis
The server executes external commands via `asyncio.create_subprocess_exec`, which is generally safer than shell-based execution as arguments are passed as a list. However, parameters like `target` and `severity` are directly passed to the Nuclei binary without explicit input validation in the Python code. While Nuclei is expected to handle its arguments safely, crafted inputs could potentially lead to unexpected behavior. The `SCAN_RESULTS_DIR` and `NUCLEI_BIN` paths are configurable via environment variables, which is standard but means their security depends on the environment's integrity. No 'eval', obfuscation, or hardcoded secrets were found. The tool is designed to run a powerful scanner, so inherent risks related to network traffic generation and resource usage should be acknowledged.
Updated: 2025-12-29GitHub
0
0
Medium Cost
launchnotes icon

mcp

by launchnotes

Sec9

An MCP server for managing LaunchNotes projects, announcements, feedback, and analytics through the GraphQL API, designed for integration with clients like Claude Desktop.

Setup Requirements

  • ⚠️Requires `LAUNCHNOTES_API_TOKEN` environment variable.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️A LaunchNotes 'Management token' is required for write operations; a 'Public token' may only grant read-only access.
Verified SafeView Analysis
The project demonstrates strong security practices: `LAUNCHNOTES_API_TOKEN` is correctly loaded from environment variables (no hardcoded secrets). All tool inputs are rigorously validated using Zod schemas, preventing common input-related vulnerabilities. GraphQL queries/mutations are used, and the client gracefully handles API errors (authentication, rate limits, timeouts). The server itself does not execute arbitrary code provided in custom HTML/CSS fields; it merely passes them to the LaunchNotes API, relying on the external API for final sanitization/rendering safety.
Updated: 2025-12-13GitHub
0
0
Medium Cost
isakskogstad icon

Upphandlingsdata-MCP

by isakskogstad

Sec9

Provides access to Swedish public procurement data by integrating Upphandlingsmyndigheten APIs and TED (EU Tenders Electronic Daily).

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Local setup requires specific configuration in Claude Desktop's claude_desktop_config.json, including the absolute path to the server's executable.
Verified SafeView Analysis
The server uses standard practices like input validation and limits request body size. It sanitizes upstream API URLs in error messages. No direct 'eval' or obvious malicious patterns found. No hardcoded secrets are evident, relying on public APIs. CORS is enabled for all origins, which is acceptable for a public data API.
Updated: 2025-12-02GitHub
0
0
Medium Cost
HarryGremlins icon

altius-mcp-server

by HarryGremlins

Sec1

The server acts as an agent to interact with and manage specific Git repositories (revm, alloy, reth) by providing tools to list repositories, search code, read files, and list branches as part of the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Git command-line tools to be installed and available in the execution environment.
  • ⚠️Requires environment variables `URL_REVM`, `URL_ALLOY`, and `URL_RETH` to be set to valid Git repository URLs for repository cloning.
  • ⚠️Requires internet access to clone and potentially pull updates for the specified repositories.
Review RequiredView Analysis
CRITICAL: The `search_code` tool is vulnerable to command injection. The `query` argument is directly interpolated into a `git grep` command without proper sanitization. An attacker can execute arbitrary shell commands. Potential command injection in `git clone` operations if environment variables `URL_REVM`, `URL_ALLOY`, `URL_RETH` are not trusted, as their values are directly used in shell commands. The `read_file` tool has basic path traversal prevention, but command injection for the `path` argument is still a risk if not fully sanitized.
Updated: 2026-01-19GitHub
0
0
Low Cost
ShaySarussiElshten icon

weather-mcp-server

by ShaySarussiElshten

Sec9

Provides current weather conditions and 5-day forecasts for any city using the OpenWeatherMap API via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires an OpenWeatherMap API Key (free tier available, but new keys may take up to 2 hours to activate).
  • ⚠️Requires Python 3.10+.
  • ⚠️Specific setup for integration with Claude Code (CLI tool or manual JSON configuration).
Verified SafeView Analysis
The server correctly retrieves the API key from environment variables, preventing hardcoding in the main application logic. It uses `httpx` for secure asynchronous HTTP requests. Input parameters are handled as API request parameters, minimizing injection risks. Error handling is present. A minor note is that the `test_server.py` script hardcodes an API key, which is acceptable for a local test but would be a risk if included in a public configuration or production deployment.
Updated: 2025-11-23GitHub
PreviousPage 426 of 713Next