Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

This MCP server enables users to track personal expenses by providing tools to add, list, and delete expense entries, backed by a local SQLite database.

Setup Requirements

  • ⚠️Python 3.13+ required
Verified Safe
The server uses parameterized queries, preventing SQL injection. However, if deployed with `mcp.run(transport="http", host="0.0.0.0", port=8000)` without external authentication/authorization, it exposes an unauthenticated API to the network, which could be a security risk. For a local, personal expense tracker, this is acceptable. No hardcoded secrets or malicious patterns were found.
Updated: 2025-11-27
Low Cost

vision-mcp-server

by hiroki-yokoyama

Sec9

A Model Context Protocol (MCP) server for local CPU-based vision language model inference using GGUF models via llama-cpp-python, designed to run as a Windows resident process and analyze images.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Installs 'llama-cpp-python' directly from its GitHub 'main' branch, which may require C++ build tools (e.g., Visual Studio Build Tools on Windows) and could introduce instability.
  • ⚠️Requires existing GGUF model artifacts (vision model and multimodal projection file) to be copied into an 'artifacts/' directory, or they will be downloaded from Hugging Face Hub (requiring internet access and potentially proxy configuration via HF_ENDPOINT/HF_TOKEN).
  • ⚠️Setup instructions and scripts are Windows-focused (e.g., PowerShell, robocopy).
Verified Safe
The server primarily operates with local file paths for images and models, relying on PIL for image processing and llama-cpp-python for LLM inference. No direct 'eval' or execution of arbitrary code from user input was found. The dynamic loading of chat handlers uses a controlled dictionary, mitigating risks. Main risks involve running potentially malicious GGUF models or providing large/malformed image files, which are inherent to the use case.
Updated: 2025-11-20
Low Cost

jira-mcp-server

by coollikeabreeze

Sec8

The Jira MCP Server enables creating and updating Jira issues through a Model Context Protocol (MCP) endpoint for MCP-compatible clients, and a REST API endpoint for integration with Custom GPT Actions or other REST API clients.

Setup Requirements

  • ⚠️Requires Node.js v16 or higher.
  • ⚠️Requires 'openssl' for generating self-signed SSL certificates for local HTTPS development, or requires `USE_HTTPS=false` for HTTP-only local development (e.g., behind a proxy).
  • ⚠️Requires a Jira account with API access, including a Jira API token, base URL, email, and project key configured via environment variables.
  • ⚠️The 'API_KEY' environment variable is critical for security in production deployments; the server will return an error if it's missing when `NODE_ENV` is set to 'production'.
Verified Safe
The server uses environment variables for all sensitive credentials (Jira API token, email, API key), preventing hardcoding. API key authentication is implemented for REST endpoints and the MCP POST endpoint. In production, an API key is strictly required. For local development, self-signed SSL certificates are used, which is a standard practice but requires client-side acceptance and is not suitable for production. Error logging for Jira API calls includes full request/response bodies, which should be secured in production logs to prevent sensitive data exposure.
Updated: 2025-11-26
Medium Cost

Salesforce-MCP-Server

by 5p875v6f46-ai

Sec7

Provides programmatic access to Salesforce metadata through a standardized interface, enabling AI applications to discover and interact with Salesforce org structure.

Setup Requirements

  • ⚠️Requires a Salesforce Connected App to be manually configured with specific OAuth settings (e.g., Full access, Refresh Token, PKCE, specific Callback URL).
  • ⚠️The OAuth authentication process may require manually copying the callback URL from the browser if the local redirect server fails to receive it automatically.
  • ⚠️Requires Python 3.10+ (Python 3.11 is explicitly recommended and used in provided scripts).
Verified Safe
The primary authentication in `salesforce_mcp.py` uses Web Server OAuth Flow with PKCE, which is a secure standard. Credentials (Client ID/Secret) are loaded from environment variables, which is good practice. However, access tokens are saved to a plaintext file (`~/.salesforce_mcp_token.json`), which presents a moderate risk as any local process with file access can read the token. The `configure_salesforce` MCP tool within `salesforce_mcp.py` confusingly still accepts and stores `username` and `password` in `os.environ`, though these are not used by the primary PKCE authentication flow. Older documentation and test scripts also reference the less secure Username-Password Flow, but the main server has pivoted to PKCE. No malicious patterns like `eval` or obfuscation were detected.
Updated: 2025-11-25
Low Cost

mcp_servers

by SajalAli12345

Sec1

Provides server infrastructure, likely related to Minecraft (MCP), for hosting or managing game instances and player connections.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (JRE) for execution
  • ⚠️May require specific Minecraft server versions or protocol knowledge for compatibility
  • ⚠️Requires proper port availability and firewall configuration for network access
Review Required
The source code was not provided for analysis, therefore a comprehensive security audit could not be performed. The low score reflects an unknown and potentially high-risk security posture, as running unexamined code is inherently dangerous.
Updated: 2025-11-30
Low Cost

MCP

by Puneet-Sharma13

Sec10

A minimal example demonstrating basic web component development and application initialization.

Setup Requirements

  • ⚠️Requires Node.js environment
  • ⚠️Requires a JavaScript build tool (e.g., Babel) for JSX syntax
Verified Safe
The provided code snippets are extremely minimal and do not contain any identifiable security risks such as 'eval', obfuscation, network requests, or hardcoded secrets. They primarily consist of a print statement, a simple React component, and a console log.
Updated: 2025-11-27
Low Cost
Sec8

Provides an MCP server that enables LLMs to call a structured tool for real-time weather information using the Open-Meteo API.

Verified Safe
The server uses standard Python socket and JSON parsing, avoiding known dangerous functions like `eval`. Network communication is local-only by default (`127.0.0.1`). Input for the 'q' parameter (city name) is passed to an external API via `requests.get` using `params`, which handles URL encoding, mitigating injection risks to the external API call. Minor risk of internal exception details being exposed in error messages. No hardcoded sensitive credentials.
Updated: 2025-11-27
Medium Cost

A Model Context Protocol (MCP) server designed for Vercel deployment, enabling AI agents (like ChatGPT) to interact with Shopify for product search and Stripe for creating checkout sessions and managing payments, facilitating natural language commerce workflows.

Setup Requirements

  • ⚠️Requires a Redis instance (e.g., Upstash) for SSE support; inactive free-tier instances may be deleted and require recreation.
  • ⚠️Requires Shopify Admin API credentials (store URL/shop name and access token) with appropriate permissions for product search.
  • ⚠️Requires a Stripe secret key (`sk_...`) for creating checkout sessions and retrieving payment statuses. Must be a secret key, not a publishable key.
  • ⚠️Stripe checkout redirects (success/cancel URLs) rely on `NEXT_PUBLIC_SITE_URL` environment variable; if not set, it defaults to `http://localhost:3000` which might not be suitable for production.
Verified Safe
The server demonstrates strong security practices including explicit warning against hardcoding secrets, reliance on environment variables for sensitive data (API keys, Redis URL), strict Zod validation for all tool inputs, proper CORS configuration with an allowlist (including ChatGPT origins), and the use of Helmet for security headers. Structured logging with Pino enhances auditability. Specific error handling for Redis connection issues prevents exposure of internal details. Idempotency key support for Stripe checkout operations mitigates duplicate actions. There is no 'eval' or obvious obfuscation. Potential areas for further enhancement could include explicit server-side rate limiting beyond what Vercel might offer by default, and more detailed input validation on environment variables themselves, but overall, it's a very well-secured application.
Updated: 2025-12-23
Low Cost

mcp

by aRustyDev

Sec8

Manages, documents, and provides templates for Model Context Protocol (MCP) server development and deployment.

Setup Requirements

  • ⚠️Requires Docker for running most configured MCP servers and infrastructure components.
  • ⚠️Requires 'just' command runner for setup, label synchronization, and other project tasks.
  • ⚠️Many configured MCP servers require specific API keys (e.g., GitHub, Brave, Slack, Airtable) and database connection strings, which often correspond to paid services or necessitate prior account setup.
  • ⚠️Extensive reliance on GitHub Project for issue tracking, labels, and views, requiring familiarity with GitHub's project management features.
Verified Safe
The project demonstrates a high level of security awareness, with a dedicated security policy (`SECURITY.md`) emphasizing secure coding practices, environment variable usage for secrets (frequently referencing a secret manager with `op://`), regular token rotation, and least privilege. Docker best practices like non-root users and HADOLint checks are encouraged through workflows and documentation. However, a hardcoded `SURREALDB_PASS: "StrongSecretPassword!"` is present in `configs/zed/settings.json`, which is a notable flaw, even if for a local development setup. The repository itself primarily manages other MCP servers, and their individual security implementations are external to this core management project.
Updated: 2025-12-23
Low Cost
Sec8

A command-line utility for configuring various MCP (Model Context Protocol) clients (e.g., Cursor, Claude, VS Code) to connect to Glean's MCP servers (local or remote) and to initialize project-level AI coding agent configurations.

Setup Requirements

  • ⚠️Requires Node.js 22 LTS.
  • ⚠️Requires a Glean API token (`GLEAN_API_TOKEN`) and Glean instance name (`GLEAN_INSTANCE`) for local server configuration.
  • ⚠️Remote server configuration requires a Glean MCP server URL (`--url`). OAuth with Dynamic Client Registration (DCR) is recommended; a bearer token (`--token`) is optional for clients not supporting OAuth.
  • ⚠️For VS Code client, `chat.mcp.enabled`: true must be added to user settings to enable MCP support.
Verified Safe
The server primarily performs local file system operations (read/write config files, create directories) and executes `npx` commands for `@gleanwork/local-mcp-server` and `mcp-remote`. While `npx` introduces a supply chain risk if the external packages were compromised, this is a standard practice for Node.js CLI tools interacting with companion packages. Credentials (API tokens, instance names, URLs) are handled via CLI flags, environment variables, or `.env` files, following common secure practices. There are no obvious signs of 'eval', code obfuscation, or direct malicious network patterns beyond expected MCP server communication. The `mcp-remote` version is pinned in `package.json` which provides some stability against unexpected updates.
Updated: 2026-01-09
Medium Cost

tools-provider

by bvandewe

Sec6

Manages and provides access-controlled tools from various sources (OpenAPI, built-in, MCP plugins) via a web UI and API. It serves as a backend for agent-host applications to discover and execute diverse capabilities.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for easy setup.
  • ⚠️Requires Keycloak for authentication and authorization (OIDC).
  • ⚠️Requires MongoDB for data persistence (uses Motor for async Python driver).
  • ⚠️Requires Redis for session management and caching.
  • ⚠️Requires Python 3.10+.
Review Required
The application's core functionality includes executing user-provided Python code (via `RestrictedPython`) and mathematical expressions (using `eval` with AST sanitization), as well as fetching data from arbitrary user-defined URLs. While attempts are made to sandbox code execution (`RestrictedPython`) and validate input, these operations inherently carry significant security risks if not managed in a highly trusted and isolated environment. Hardcoded secrets are generally avoided, with explicit support for external secrets management. Authentication and authorization are robustly handled via Keycloak and RBAC. The primary risk comes from the inherent nature of the services provided (dynamic code execution and external API interaction) rather than direct negligence. The known difficulties in perfectly sandboxing Python code mean a security bypass is a non-trivial but persistent risk.
Updated: 2025-12-15
Low Cost

test_remote_mcp_server

by ArjunPrasadSarkhel

Sec9

This server provides a basic remote service for performing simple arithmetic operations and generating random numbers using the FastMCP framework.

Setup Requirements

  • ⚠️Requires Python 3.14+ (as specified in pyproject.toml, note that Python 3.14 is not yet released)
  • ⚠️Requires 'fastmcp' library to be installed (e.g., `pip install fastmcp`)
Verified Safe
The server exposes two simple functions: `add_number` and `generate_random_number`. These operations are inherently low-risk, not involving file system access, external commands, or sensitive data handling. No 'eval', 'exec', or hardcoded secrets are present. The FastMCP framework handles the networking securely, minimizing direct exposure to common web vulnerabilities for the implemented tools. The primary risk would be if more complex or I/O-heavy tools were added without proper validation.
Updated: 2025-12-13