Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

stats-compass-mcp

by oogunbiyi21

Sec8

A stateful, MCP-compatible toolkit of pandas-based data tools for AI-powered data analysis.

Setup Requirements

  • ⚠️Requires 'uv' to be installed for local execution with 'uvx'.
  • ⚠️Drag-and-drop file uploads are NOT supported; data must be loaded via absolute file paths for local files, or via a pre-signed URL mechanism for remote files.
  • ⚠️Client compatibility is optimized for Claude models; Gemini and GPT tool calling may be inconsistent.
Verified Safe
The server implements session isolation to prevent data leakage between different AI agent interactions. File loading in local mode requires absolute file paths on the host system, posing a potential risk if the AI is instructed to access sensitive directories. Remote storage (S3) requires secure management of AWS credentials via environment variables, or preferably, IAM roles. The core data analysis logic within the `stats-compass-core` dependency would need a separate audit for potential command injection or data processing vulnerabilities through tool parameters.
Updated: 2026-01-17
Medium Cost
Sec8

This system leverages AI and web scraping to find, qualify, and extract contact details for B2B leads based on a defined Ideal Customer Profile (ICP).

Setup Requirements

  • ⚠️Requires a Bright Data Account (usage-based costs apply)
  • ⚠️Requires an OpenAI API Key (usage-based costs apply)
  • ⚠️Requires Python 3.8+
Verified Safe
The application follows good practices for handling API keys by loading them from environment variables. There are no obvious signs of 'eval' or malicious command injection patterns. Input validation is present for critical endpoints. The CORS configuration uses '*' for origins which is common for demos but should be restricted in a public production environment. The API endpoints are unauthenticated, which is noted as a future improvement in the documentation, making it unsuitable for public deployment without further security measures.
Updated: 2025-12-31
Medium Cost

mcpsystemdesign

by heyadam

Sec8

A production-ready Model Context Protocol (MCP) server that exposes design system components and style guides for AI assistants, enabling them to generate UI code and understand design principles.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️The in-memory rate limiter resets on serverless cold starts and is not shared across distributed instances, meaning actual rate limits might be less consistent than expected under heavy, distributed load.
Verified Safe
The server implements good security practices including robust Zod-based input validation for JSON-RPC requests, whitelist-based Host header validation to prevent injection, and basic in-memory rate limiting (100 requests/minute per IP). While CORS is set to '*' (permissive), this is a conscious decision for a public API exposing design system data. The in-memory rate limiter is not distributed and resets on serverless cold starts, which is a known limitation for high-scale, production-critical rate limiting but acceptable for many use cases.
Updated: 2025-12-13
Medium Cost
Sec9

Facilitates programmatic interaction with the Make.com API for comprehensive workflow automation, including scenario creation, modification, and management, through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires a Make.com API token with specific scopes (read/write for scenarios, connections, hooks, datastores, teams, organizations).
  • ⚠️Requires Node.js and npm to build and run.
  • ⚠️The 'blueprint' and 'scheduling' parameters in create/update scenario calls are expected to be JSON strings, which will be double-stringified when sent to the Make.com API (e.g., '"{\"key\":\"value\"}"'), potentially leading to API errors or unexpected behavior if Make.com does not handle this specific format.
Verified Safe
The server correctly uses environment variables for the API token. No 'eval' or other dynamic code execution from untrusted input was found. Network interactions are confined to the specified Make.com API endpoints. Error handling for API calls is present. A minor functional concern is that 'blueprint' and 'scheduling' inputs (expected to be JSON strings) are double-stringified when sent to the Make.com API, which is an API formatting issue rather than a direct security vulnerability of this server.
Updated: 2026-01-19
Medium Cost

mcp-pdf-server

by johan-gorter

Sec9

Provides a Model Context Protocol (MCP) server for extracting plain text content from PDF files, primarily for integration with AI assistants like Claude Desktop, with robust directory access controls.

Setup Requirements

  • ⚠️Requires Node.js 22+.
  • ⚠️Requires explicit configuration of allowed directories via command-line arguments or MCP Roots protocol; the server cannot operate without at least one allowed directory.
  • ⚠️Only extracts text from PDFs with embedded text (no OCR for scanned PDFs).
Verified Safe
The project demonstrates a strong commitment to security with explicit handling of common attack vectors:

  • Path Traversal: Prevented by robust path normalization (`path.resolve`, `path.relative`).
  • Symlink Attacks: Mitigated by resolving real paths (`fs.realpath`) and verifying against allowed directories.
  • TOCTOU (Time-of-Check-Time-of-Use): Actively prevented by re-validating the file path immediately before file access (`extractPdfText` calls `validatePath` again).
  • Case Sensitivity Bypasses: Handled with platform-specific case-insensitive comparisons on Windows/macOS.
  • Hard Link Attacks: The `checkForHardLinkVulnerability` function detects files with multiple hard links (`nlink > 1`) and logs a warning. However, by default, it *does not block* access to such files. The `SECURITY.md` notes this as a 'Known Limitation' and suggests uncommenting a `throw new Error` line for stricter enforcement. This default choice slightly reduces the score from a perfect 10, as it leaves a potential, albeit transparently documented, vulnerability if not explicitly configured for strict mode.

No 'eval' or intentional obfuscation was found, and sensitive information is not hardcoded. The server uses standard I/O, minimizing network attack surface.
Updated: 2025-12-29
Low Cost

test-remote-mcp-server

by HarshRohilla04

Sec8

Provides a framework for defining and running AI agent tools (functions) locally or remotely, with integration capabilities for platforms like Claude Desktop.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires `uv` package installer for running commands
  • ⚠️Specific `uv` path configuration may be needed for Claude Desktop integration
Verified Safe
The code itself is largely safe, defining simple functions. The remote server binds to 0.0.0.0, which could expose it if deployed without proper network security. The proxy server relies on an external 'fastmcp.app' endpoint, introducing a dependency risk.
Updated: 2025-11-26
Medium Cost

Exposes local file system documents as MCP (Model Context Protocol) resources for AI models to access dynamically.

Setup Requirements

  • ⚠️Requires `resource.directory.path` to be configured (via environment variable, application.properties, or command-line argument) pointing to an existing directory containing the documents.
  • ⚠️Relies on Spring AI's MCP server infrastructure to be correctly set up within the Spring Boot application context.
  • ⚠️Hardcodes `mimeType` to 'text/plain' for all served files, which may not be accurate for all text-based document types (e.g., '.md', '.json').
Verified Safe
The server reads and exposes the content of all files within a configurable local directory (`resource.directory.path`). While the code itself does not introduce direct RCE or arbitrary file system traversal vulnerabilities, a misconfigured `resource.directory.path` could expose sensitive local files. The `mimeType` is hardcoded to 'text/plain', which could be misleading for clients expecting correct content types for non-plain text files. No content sanitization is performed on the served documents. Proper configuration of `resource.directory.path` to a controlled, non-sensitive directory is crucial.
Updated: 2025-11-27
High Cost

gptr-mcp

by youqad

Sec8

An MCP server for GPT Researcher, enabling AI assistants to perform deep web and local document research, and generate detailed reports.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Requires Tavily API Key (Paid or Usage-Based)
  • ⚠️Requires Python 3.11 or higher
  • ⚠️Local document research (modes 'local'/'hybrid') requires setting the DOC_PATH environment variable to an existing directory
Verified Safe
The project demonstrates awareness of security best practices, including explicit warnings against exposing API keys (seen in `SECURITY_WARNING.md`) and implementation of path traversal protection (`document_loader.py`). It also limits file sizes to prevent resource exhaustion. No 'eval' or other dynamic code execution patterns were found. The primary security concern lies with users carefully managing their API keys, as they are crucial for functionality and are explicitly passed in some integration examples (e.g., Claude Desktop config).
Updated: 2025-11-26
Low Cost

chaos-mesh-mcp

by ernestolee13

Sec4

Enables AI assistants to automate chaos engineering experiments and resilience testing on Kubernetes clusters via Chaos Mesh.

Setup Requirements

  • ⚠️kubectl must be installed and configured with access to a Kubernetes cluster (v1.15+).
  • ⚠️Chaos Mesh (v2.6+ recommended) must be installed in the Kubernetes cluster.
  • ⚠️Specific chaos types have additional requirements (e.g., `chaos-dns-server` for DNSChaos, `Chaosd` agent on target machines for PhysicalMachineChaos).
  • ⚠️Requires appropriate Kubernetes RBAC permissions for the user running the MCP server.
  • ⚠️Python 3.10, 3.11, or 3.12 is required.
Verified Safe
The server executes `kubectl` commands via `subprocess.run`, granting the AI direct control over Kubernetes cluster operations. While necessary for its intended chaos engineering purpose, this is a high-privilege operation. The safety is highly dependent on properly configured Kubernetes RBAC permissions for the user running the MCP server to prevent unauthorized or destructive chaos experiments. No 'eval' or hardcoded secrets were found.
Updated: 2025-12-17
Medium Cost

vaer

by bitjungle

Sec9

Provides high-level, LLM-friendly weather tools and Norwegian place name resolution backed by MET Norway's Weather API via a proxy, designed for MCP-compatible clients.

Setup Requirements

  • ⚠️Requires Node.js 24+ LTS.
  • ⚠️Requires a running `metno-proxy` Docker container as a prerequisite for all weather tools.
  • ⚠️Optional: `FROST_CLIENT_ID` environment variable is needed for the `weather_get_recent_observations` tool to function.
Verified Safe
The server design is robust: all external MET Norway API calls are routed through a dedicated Nginx-based proxy (`metno-proxy`), which handles User-Agent compliance, caching, and rate limiting. Secrets like `FROST_CLIENT_ID` and `VAER_API_KEY` are managed via environment variables. Input validation is rigorously enforced using Zod schemas for all tool inputs. Local file system access is read-only for the `places.db` at runtime. No `eval` or obvious obfuscation patterns are present. The `metno-proxy`'s User-Agent is a build-time argument, ensuring proper identification to MET Norway. The `is_safe_to_run` is true.
Updated: 2025-11-30
Medium Cost

bead-mcp-ts

by KyongSik-Yoon

Sec6

An MCP server to integrate with the beads issue tracker and agent memory system using the bd CLI.

Setup Requirements

  • ⚠️Requires the 'bd' CLI to be installed and accessible in the system's PATH, or specified via BEADS_PATH.
  • ⚠️Requires a Node.js runtime environment to execute the TypeScript server.
  • ⚠️If 'BEADS_REQUIRE_CONTEXT=1' is set, write-type tools will fail without a prior 'set_context()' call or explicit 'workspace_root' parameter.
Verified Safe
The server relies heavily on executing the external 'bd' CLI via 'child_process.spawn'. While 'spawn' is generally safer than 'exec', user-provided strings (like titles, descriptions, assignee names, etc.) are passed directly as arguments. This introduces a risk if the 'bd' CLI itself has vulnerabilities that allow command injection or improper handling of malicious input in its arguments. Path resolution for 'workspace_root' also involves `git rev-parse` and file system checks, which, if not properly sanitized or if user input is fully untrusted, could lead to unexpected behavior or information disclosure, although no direct write vulnerabilities are apparent. No 'eval' or hardcoded secrets found.
Updated: 2025-11-25
High Cost

RAG-MCP-server

by Cr-jeyr

Sec5

A server for an AI agent leveraging Retrieval Augmented Generation (RAG) with Pinecone for knowledge retrieval.

Setup Requirements

  • ⚠️Requires Pinecone API key (Paid)
  • ⚠️Requires LLM API key (Paid, e.g., OpenAI, Anthropic)
  • ⚠️Requires Node.js installed
Review Required
Cannot perform a comprehensive security audit as only the README.md file was provided. No source code was available for analysis of 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns.
Updated: 2025-12-13