Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

kubemcp

by icy-r

Sec8

This MCP server enables AI assistants to manage Kubernetes clusters by providing a standardized interface for interacting with Kubernetes resources.

Setup Requirements

  • ⚠️Requires a running Kubernetes cluster and a correctly configured kubeconfig with appropriate RBAC permissions for the identity running the MCP server.
  • ⚠️Requires Node.js version 20.0.0 or higher.
Verified Safe
The server uses `@kubernetes/client-node` for API interaction, loading kubeconfig from standard locations or custom paths, which relies on host-level RBAC for security. It explicitly handles sensitive data by not returning raw secret data and redacting it from audit logs. Destructive operations are protected by dry-run mode and explicit confirmation requirements, with all actions logged for auditing. No 'eval' or obvious obfuscation techniques are used. Communication with the MCP client occurs over stdio, limiting external network exposure from the server itself. Overall, good security practices are implemented within its operational scope.
Updated: 2025-12-02

High Cost
Sec9

Acts as an MCP server to enable large language models to perform named entity recognition and pseudonymization of German text via the Redakto API.

Setup Requirements

  • ⚠️Requires access to an external Redakto API instance to function.
  • ⚠️Node.js version 20 or higher is required.
Verified Safe
The server functions as a proxy, forwarding requests to an external Redakto API. The API base URL is dynamically configured via the REDAKTO_API_URL environment variable, preventing hardcoded secrets. Inputs to tool calls are validated against predefined TypeScript interfaces before being sent to the API, mitigating direct injection risks. The HTTP client includes a timeout mechanism. No use of `eval` or other inherently dangerous runtime code execution patterns was identified.
Updated: 2025-11-25

Low Cost

Volatility_MCP

by raviesheth2608

Sec8

Enables AI-powered Windows memory forensics, malware hunting, and DFIR workflows for Claude Desktop by integrating with Volatility 3.

Setup Requirements

  • ⚠️Requires Windows 10/11 operating system.
  • ⚠️Requires manual installation of Claude Desktop and configuration by editing `claude_desktop_config.json`.
  • ⚠️Hardcoded file paths for the Volatility executable and memory dump (`C:\volatility-mcp\`) mandate a specific installation location, requiring manual code/config changes if deviations occur.
  • ⚠️Requires a restart of Windows after Claude Desktop configuration changes.
Verified Safe
The server executes Volatility 3 commands via `subprocess.run` with arguments derived from Claude Desktop's input. While `subprocess.run` is used with a list (mitigating direct shell injection), the risk of command injection or path traversal exists if malicious or unvalidated input from Claude Desktop (or an attacker abusing Claude) can manipulate the `memory_path`, `plugin`, `extra_args`, or `yara_rule_path` to execute arbitrary code or exploit `vol.exe` itself. Given the local server context, the primary trust boundary is the user and their Claude setup. No direct 'eval', obfuscation, hardcoded secrets, or significant network risks were identified.
Updated: 2026-01-17

Low Cost
Sec9

This server acts as a Model Context Protocol (MCP) bridge, enabling AI agents to interact with a Dungeon Crawler Game API using standardized tools.

Setup Requirements

  • ⚠️Node.js v18 or higher is required.
  • ⚠️The Game API must be running on port 3000 before starting the MCP Server.
  • ⚠️The `start.sh` script is the recommended way to run both the Game API and MCP server in the correct order.
Verified Safe
The server demonstrates good security practices for its intended use case. Input validation is in place for API routes, preventing common injection vulnerabilities. Error handling suppresses detailed messages in production. No 'eval()' or direct, unsecured arbitrary code execution patterns were found. Database interactions via SQLite are handled using prepared statements (implicitly by the `sqlite3` library's `db.run` and `db.get` with parameters), mitigating SQL injection risks. Configuration variables are externalized through environment variables, avoiding hardcoded secrets. While CORS is enabled, for a local AI agent interaction, this is acceptable. The use of shell scripts for starting/stopping servers (which use `lsof` and `kill`) is for system management and not exposed to arbitrary external input, thus not a security concern for the Node.js application itself.
Updated: 2026-01-16

Medium Cost

A real-time collaborative code editor that allows multiple users to write, edit, and execute code together in various programming languages, simulating a lightweight cloud IDE.

Setup Requirements

  • ⚠️Requires a MongoDB database instance (e.g., MongoDB Atlas).
  • ⚠️Requires a RapidAPI key for the Judge0 Code Execution API (likely involves a paid subscription).
  • ⚠️Requires a Liveblocks secret key for real-time collaboration.
  • ⚠️Requires GitHub OAuth application credentials (Client ID and Secret) if GitHub login is enabled.
Verified Safe
The server correctly handles sensitive information by using environment variables for API keys (RapidAPI, Liveblocks, GitHub) and database connection strings (MongoDB). User authentication leverages NextAuth with bcrypt for password hashing. Input validation is implemented using Zod, mitigating common injection risks. Arbitrary code execution is offloaded to a third-party service (Judge0 via RapidAPI), which is a sound architectural choice for sandboxing. The primary deduction in score is the inherent reliance on an external service for code execution, which introduces dependency risk outside the direct control of this server's codebase, though it is a common and reasonable pattern for this type of application.
Updated: 2026-01-11

High Cost
Sec3

An AI-powered agent for rapid UI/frontend design exploration and code generation within VS Code, offering tools for layout, theme, and component creation.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0 and npm for installation.
  • ⚠️Requires an API key for a chosen AI provider (Anthropic, OpenAI, or OpenRouter), which are typically paid services.
  • ⚠️Many features require an open VS Code workspace, as operations are confined to a `.superdesign` subdirectory within it.
Review Required
Critical security vulnerabilities found due to hardcoded API keys. Specifically, a Supabase 'anon' role API key is hardcoded in `src/extension.ts` for email submissions, and Helicone API keys (`sk-helicone-...`) are hardcoded in `src/services/customAgentService.ts` for proxying Anthropic and OpenAI requests. Hardcoding API keys exposes them to anyone with access to the code, leading to potential abuse, service disruption, or unauthorized access. While the `bash-tool` includes logic to prevent dangerous commands and restricts file operations to the workspace, the explicit use of `bash -c` still carries inherent risks, and regex-based tools (`grep-tool`, `glob-tool`) could be vulnerable to ReDoS attacks, though resource limits are in place.
Updated: 2025-11-20

Low Cost

mcp-jocko

by Jocko-Fuel

Sec9

Universal MCP server to expose Claude-powered AI tools, primarily for image generation, to non-technical users via Claude Desktop.

Setup Requirements

  • ⚠️Requires GEMINI_API_KEY environment variable (for Google Gemini API, a paid service).
  • ⚠️Requires SHOPIFY_ACCESS_TOKEN and SHOPIFY_STORE_URL environment variables (for Shopify Admin API access).
  • ⚠️Tier 2 (advanced) image generation features (`adapt_competitor_image`, `integrate_product_into_photo`) are noted as 'coming soon' and require 'full Gemini Imagery integration', which is not yet fully implemented or available in the current FastMCP Cloud deployment.
Verified Safe
The project follows good security practices, retrieving API keys and sensitive configuration via environment variables (os.getenv) rather than hardcoding. It uses standard, well-vetted libraries (httpx, google-generativeai) for external API calls. Secrets are explicitly stated to be managed in FastMCP Cloud or GCP Secret Manager, not in the codebase. No 'eval' or other easily exploitable patterns were found.
Updated: 2025-12-13

High Cost

daydreamer

by DayDreamerAI

Sec9

A memory layer for human-AI collaboration that allows users to own their AI's long-term conversational memory and collaborative relationship, enabling AI portability across different models and platforms, with a specific implementation for GitHub PR automation.

Setup Requirements

  • ⚠️Requires Anthropic API Key (paid, and potentially expensive for automated workflows, leading to a recommended pivot to GitHub Copilot for cost-effectiveness).
  • ⚠️Requires VS Code with the Claude Code extension and GitHub CLI ('gh') to be installed and logged in.
  • ⚠️As a 'private research project', it lacks external documentation and an onboarding process, requiring manual setup of GitHub secrets and initial automation files.
Verified Safe
The project demonstrates a strong focus on security, particularly in handling API keys via GitHub Secrets (`ANTHROPIC_API_KEY`, `GITHUB_TOKEN`) and robust GitHub Actions configurations (OIDC, bot authentication, explicit permissions). Git hooks (`pre-commit`, `pre-push`) are used for local security scanning (secrets, debug statements) and enforcing conventions. No 'eval' or hardcoded secrets are present in the provided source code, and efforts to understand and mitigate GitHub's security model are clearly documented. The `.claude/settings.json` also defines explicit tool permissions, denying access to sensitive files.
Updated: 2025-12-11

Medium Cost

myaigist_mcp

by schwim23

Sec8

This server provides document intelligence and knowledge management, enabling local processing of documents, RAG-powered Q&A, and persistent knowledge storage for MCP-compatible clients like Claude Desktop.

Setup Requirements

  • ⚠️Requires Anthropic API Key (Paid)
  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, Cursor) to run and interact with the tools
Verified Safe
The server loads API keys from environment variables, preventing hardcoding. It does not use 'eval' or obvious obfuscation. File path handling for document processing is inherently sensitive, but for a local, single-user tool integrated with a trusted client (like Claude Desktop), it is an expected capability. The URL crawling feature uses standard libraries, which helps mitigate some risks, but fetching external content always carries a degree of risk. No critical vulnerabilities for its intended local use were identified.
Updated: 2026-01-19

High Cost

mcp-server-node

by quangha-dev

Sec8

An AI-powered orchestrator for project management tasks, enabling natural language interaction to create projects and answer knowledge-based queries by integrating with LLMs, RAG services, and an internal backend API.

Setup Requirements

  • ⚠️Requires a Google Gemini API Key (paid service) configured via the `GEMINI_API_KEY` environment variable.
  • ⚠️Requires a separate Python RAG Service running, accessible via `PYTHON_SERVICE_URL` (defaults to http://localhost:8001).
  • ⚠️Requires a separate Project Management Backend Service running, accessible via `BACKEND_BASE_URL` (defaults to http://localhost:8082).
Verified Safe
The server uses `JSON.parse` to interpret LLM output, which is generally safe for JSON but relies on the LLM generating valid JSON; this is mitigated by extracting JSON from markdown. Direct exposure of `backend_raw_data` in API responses could potentially leak internal backend error structures, though it's explicitly named for clarity. All sensitive configurations like API keys and external service URLs are properly managed via environment variables. No 'eval' or obvious malicious code patterns were found.
Updated: 2025-12-06

Low Cost

McpServer

by codelabStrawberry

Sec8

A RAG (Retrieval Augmented Generation) server that integrates local LLMs (Ollama) with ChromaDB and FastAPI to provide API tools for chat, RAG search, document ingestion, and AI-driven job interview/career analysis.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for setup and execution.
  • ⚠️Requires local Ollama and ChromaDB instances (provided via Docker Compose).
  • ⚠️Requires NVIDIA Container Toolkit setup for GPU acceleration of Ollama, which can be complex.
  • ⚠️Optional Redis and MySQL services are utilized, requiring additional setup for full functionality.
Verified Safe
The server uses environment variables for sensitive configurations like database credentials, which is good practice. External content (URLs, PDFs) is processed with some sanitization and length limits to prevent excessive resource consumption or prompt injection. LLM output is parsed as JSON, which can be a potential risk if the LLM generates malicious JSON, though `json.loads` itself doesn't execute arbitrary code. Image processing for OCR on crawled URLs (`perform_qwen3vl_ocr`) also presents a potential, albeit common, attack surface if image libraries are vulnerable. No direct hardcoded secrets or obvious command injection vulnerabilities were found in the provided source code.
Updated: 2026-01-19

Medium Cost

amlink-submissions-mcp

by eduardomb-aw

Sec7

A Model Context Protocol (MCP) server and client implementation for AmLink submissions API integration, built with ASP.NET Core and secured with Identity Server 4.

Setup Requirements

  • ⚠️Requires Docker Desktop for containerized deployment.
  • ⚠️Requires .NET 10.0 SDK for local development without Docker.
  • ⚠️Requires an OpenAI API Key for LLM integration (Paid service).
  • ⚠️Requires an Identity Server Client Secret for OAuth authentication.
  • ⚠️HTTPS certificates must be generated and trusted locally using 'dotnet dev-certs https --trust'.
Verified Safe
The project uses Identity Server 4 for authentication and integrates robust CI/CD pipelines including Trivy for security scanning, which are good practices. However, the `docker-compose.yml` file hardcodes a password for Kestrel's default HTTPS certificate (`ASPNETCORE_Kestrel__Certificates__Default__Password=YourSecurePassword123!`), even if intended for development, which is a significant security oversight. Additionally, `docker-compose.override.yml` provides default client secrets and OpenAI API keys, which, while meant for development convenience, can lead to accidental exposure or bad habits. Production configurations correctly enforce environment variables for these sensitive values, mitigating the risk for deployed environments.
Updated: 2025-12-01