Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
TayyabShoukat icon

mcp-servers

by TayyabShoukat

Sec7

Integrates GitHub repositories, pull requests, issues, and workflows directly with Claude Code for AI-powered development assistance.

Setup Requirements

  • ⚠️Requires a GitHub Personal Access Token (PAT) with appropriate scopes.
  • ⚠️Requires Node.js (v16 or higher) with npm installed.
  • ⚠️Requires Claude Code to be installed and running.
Verified SafeView Analysis
The provided 'source code' is a setup guide (Markdown file) for the `@modelcontextprotocol/server-github` NPM package, not the server's actual source code. The setup requires a highly sensitive GitHub Personal Access Token (PAT). The guide strongly advises security best practices for PATs, including using minimum required permissions, rotating tokens regularly, and never committing them to version control. Running the server involves executing an external npm package via `npx`, which downloads and runs code from NPM, thus requiring trust in the publisher of `@modelcontextprotocol/server-github`. No 'eval' or malicious patterns are observed in the provided setup instructions.
Updated: 2025-12-06GitHub
0
0
High Cost

reddit-enhanced-mcp

by yigitkonur

Sec9

This MCP server enables researchers and developers to search Reddit discussions via Google and fetch full Reddit posts with their threaded comments.

Setup Requirements

  • ⚠️Requires Serper API Key (Paid service for Google Search)
  • ⚠️Requires Reddit Client ID and Client Secret (manual setup of a 'script' type Reddit OAuth app)
  • ⚠️Requires Node.js version 20.0.0 or higher
Verified SafeView Analysis
API keys (Serper, Reddit Client ID/Secret) are read from environment variables, not hardcoded. The server validates and limits inputs (e.g., max queries/urls, max comments) before passing them to external APIs, reducing risks of excessive resource consumption or malformed requests. No direct use of `eval` or suspicious third-party dependencies. The primary security consideration is the secure management of the required API keys by the user.
Updated: 2025-11-25GitHub
0
0
Low Cost
maxturazzini icon

claude-viewer

by maxturazzini

Sec8

An administrative web application for multi-user visualization and analytics of Claude Code conversation history, supporting direct querying via MCP.

Setup Requirements

  • ⚠️Requires Node.js v14.0.0 or higher.
  • ⚠️Requires read access to Claude Code's data directories (e.g., `~/.claude/projects/`) for all users, which might pose permission issues on enterprise machines or restrictive OS setups.
  • ⚠️Claude Code's default 30-day session retention (`cleanupPeriodDays`) will limit the historical data available; users must manually configure Claude Code to retain history longer for comprehensive viewing.
Verified SafeView Analysis
The application reads conversation data from local user directories (`~/.claude/`), which inherently requires broad file system access. Input parameters for MCP tools are validated using `zod`. File paths are constructed using `path.join`, mitigating direct path traversal risks. HTML escaping (`escapeHtml()`) is used in the frontend for XSS protection. The `exec` and `spawn` calls in `mcp-server.js` are used for internal commands (e.g., `curl` for health check, `node server.js` for starting web server, browser `open` command) with controlled arguments, reducing direct command injection risk. No `eval` or obvious hardcoded secrets were found.
Updated: 2025-12-13GitHub
0
0
High Cost
zyntx-lab icon
Sec8

Enables AI assistants to perform Swift code audits and detect unused code in iOS/macOS projects using the Periphery tool.

Setup Requirements

  • ⚠️Requires macOS 13.0+ and Swift 6.0+
  • ⚠️Requires Periphery CLI tool to be pre-installed separately (e.g., `brew install peripheryapp/periphery/periphery`)
  • ⚠️Manual configuration of the MCP client (e.g., Claude Desktop JSON file, VS Code `.mcp.json`) is necessary for integration
Verified SafeView Analysis
The server executes the `periphery` CLI tool with arguments derived from user input. While input paths are validated and arguments are passed as distinct strings to Swift's `Process` API, mitigating common shell injection risks, potential vulnerabilities in the `periphery` tool itself or highly complex, specially crafted inputs could theoretically pose a risk. No `eval` or direct network risks within the server's Swift code were identified. The core logic is transparent.
Updated: 2025-11-22GitHub
0
0
Low Cost
d3-jon-allen icon

Figma-MUI

by d3-jon-allen

Sec9

A React component library and UI starter kit for building user interfaces with Material-UI, driven by a comprehensive design token system synchronized with Figma, supporting light/dark modes and responsive design.

Setup Requirements

  • ⚠️Requires `FIGMA_ACCESS_TOKEN` to export design tokens from Figma using `scripts/exportFigmaTokens.js`.
  • ⚠️Relies heavily on Figma for its design token system; manual token updates or a disconnected Figma workflow might lead to inconsistencies.
  • ⚠️Node.js and npm are required for development and build processes.
Verified SafeView Analysis
The application itself is a frontend React app with client-side routing and theme management, posing minimal server-side security risks. Build scripts (e.g., `exportFigmaTokens.js`) interact with the Figma API using `FIGMA_ACCESS_TOKEN`, which is correctly handled as an environment variable and not hardcoded. There's no evident use of 'eval', obfuscation, or direct malicious patterns in the provided source code. The `FIGMA_ACCESS_TOKEN` is critical for the token generation process but is not used at runtime in the client-side application based on the provided code.
Updated: 2025-11-26GitHub
0
0
Medium Cost
ctagard icon

dap-mcp

by ctagard

Sec4

Provides AI agents with the ability to debug code by exposing the Debug Adapter Protocol (DAP) over Model Context Protocol (MCP), enabling functionalities like setting breakpoints, inspecting variables, and stepping through code via natural language.

Setup Requirements

  • ⚠️Requires separate installation of language-specific debug adapters (e.g., Delve for Go, debugpy for Python, vscode-js-debug for JavaScript/TypeScript).
  • ⚠️Manual setup for `vscode-js-debug` is more involved, requiring specific paths to be configured in DAP-MCP's settings.
  • ⚠️Correct `PATH` configuration is crucial for debug adapters (especially for Go's Delve and Python's virtual environments).
  • ⚠️Browser debugging (React/Vue/Svelte) requires Chrome/Edge to be running with remote debugging enabled, or DAP-MCP will launch a new instance.
Review RequiredView Analysis
The server's core functionality involves highly privileged operations such as evaluating arbitrary code (`debug_evaluate`) and executing native debugger commands (`debug_execute_command`) within the debugged process. By default, it runs in 'full' mode, enabling all control tools including variable modification and code execution. This means an untrusted or compromised AI agent could execute arbitrary commands on the system where DAP-MCP is running. The `snapcraft.yaml` uses 'classic' confinement, meaning the snap has full system access. While these capabilities are inherent to a debugging tool, they pose a significant security risk if the AI client or operating environment is not fully trusted. Configuration options exist to disable dangerous features (e.g., `readonly` mode, `allowExecute: false`), but the default settings expose maximum functionality.
Updated: 2025-11-30GitHub
0
0
Low Cost
devakapatel icon

remote-mcp-server

by devakapatel

Sec3

This server provides a Model Context Protocol (MCP) endpoint on Cloudflare Workers, acting as a bridge to expose simple AI tools (like a math 'add' function) to MCP clients such as Claude Desktop, with a mocked OAuth login for demo purposes.

Setup Requirements

  • ⚠️Requires a Cloudflare account and Wrangler CLI for deployment.
  • ⚠️The OAuth login is a mock; it accepts any email/password and is NOT secure for production use. A real authentication system must be implemented before deploying to production.
  • ⚠️Requires a Cloudflare KV Namespace (`OAUTH_KV`) to be created and bound for OAuth state management.
Verified SafeView Analysis
The OAuth login system is explicitly mocked to accept any email and password combination for authorization (as noted by `// We'll allow any values for email and password for this demo` and `if (false)` in `src/app.ts`). This is a critical security vulnerability if used outside of a strictly isolated development or demonstration environment. No obfuscation, 'eval', or other obvious malicious patterns were found. However, the intentional insecurity of the authentication mechanism significantly lowers the security score for any real-world application.
Updated: 2025-12-10GitHub
0
0
Medium Cost
hsiangjenli icon

mcp-polib

by hsiangjenli

Sec7

This server provides an API for reading, writing, and manipulating GNU Gettext `.po` translation files, designed for integration with language models and AI agents to automate localization workflows.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️Requires 'uv' package manager.
  • ⚠️Docker recommended for deployment (requires Docker daemon).
  • ⚠️Operates on absolute file paths, requiring the server to have access to the target filesystem (e.g., via Docker volume mounts).
Verified SafeView Analysis
The server processes absolute file paths provided by the client, which carries an inherent risk of arbitrary file read/write if the server is not deployed with strict file system access controls (e.g., confined Docker volumes, appropriate user permissions). The code includes a safeguard (`_validate_file_path`) to prevent command-line option injection and uses `subprocess.run` with a list of arguments for `powrap`, mitigating command injection risks. No `eval`, hardcoded secrets, or direct network vulnerabilities were found.
Updated: 2025-11-27GitHub
0
0
Medium Cost
the-sage-group icon

m365cp

by the-sage-group

Sec2

Provides a Model Context Protocol (MCP) server for interacting with Microsoft 365 services, including email and file management, via the Microsoft Graph API.

Setup Requirements

  • ⚠️Requires a valid Microsoft Graph access token for client authentication (implies prior OAuth 2.0 setup).
  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Puppeteer dependency automatically downloads a Chromium browser instance, which may consume significant disk space and potentially introduce setup complexities in some environments.
Review RequiredView Analysis
CRITICAL VULNERABILITY: The `MicrosoftGraphTokenVerifier` explicitly states it 'doesn't verify the token ourselves - Microsoft Graph API will do that'. This means the MCP server *does not verify the authenticity or integrity* (e.g., signature) of incoming bearer tokens before extracting claims (clientId, scopes, expiresAt) and generating `AuthInfo`. An attacker could forge a JWT with valid-looking claims (if it includes `exp`, `scp`/`scope`, `appid`/`client_id`) and bypass the server's authentication middleware, even if subsequent calls to the Microsoft Graph API would fail. This compromises the server's internal trust model for client authentication. Puppeteer is used for converting HTML emails to PDF, which involves rendering potentially untrusted HTML content in a browser environment. While Puppeteer isolates processes, this adds to the attack surface if not perfectly sandboxed. `sanitize-filename` is used when uploading files, which is a good practice.
Updated: 2025-12-15GitHub
0
0
Low Cost
PareshKolte1 icon

MCP_Server_v1

by PareshKolte1

Sec3

An API server for integrating with SAP systems, specifically for sales order creation, and provides a generic tool registration and invocation layer.

Setup Requirements

  • ⚠️Requires access to an SAP system (either directly or via SAP BTP Connectivity/Destination services).
  • ⚠️Designed for deployment on SAP BTP Cloud Foundry, requiring `destination` and `connectivity` service bindings.
  • ⚠️Relies on several environment variables for configuration including SAP credentials and Cloud Foundry destination names.
Review RequiredView Analysis
The `SapClientCF` class uses `verify=False` in `requests` calls for both CSRF token fetching and sales order posting, disabling SSL certificate verification and making the application highly vulnerable to Man-in-the-Middle (MITM) attacks. The `/v1/tools/invoke/{tool_name}` endpoint in `main.py` is vulnerable to Server-Side Request Forgery (SSRF) as it allows arbitrary URL invocation based on user-registered tool configurations without validation or restrictions, potentially exposing internal network resources. Error messages might expose sensitive internal details. Hardcoded `sap-client` values are present.
Updated: 2025-11-19GitHub
0
0
Medium Cost
isakskogstad icon

Riksdag-Regering-LRF

by isakskogstad

Sec8

The server provides real-time access to open data from the Swedish Parliament (Riksdagen) and Government Offices (Regeringskansliet) via an MCP server, enabling LLMs to query and retrieve documents, votes, speeches, and more.

Setup Requirements

  • ⚠️Requires Node.js 20+ runtime environment.
  • ⚠️Requires active internet connectivity to data.riksdagen.se and g0v.se for all data operations.
  • ⚠️When deployed on Render.com's Free tier, the server may experience cold start delays of 30-60 seconds after periods of inactivity.
Verified SafeView Analysis
The server uses public APIs (data.riksdagen.se, g0v.se) for all data fetching. It incorporates Zod for input validation, has explicit response size limits and content sanitization to prevent oversized or malicious responses, and logs without sensitive query parameters. An optional API key can be configured for access control in HTTP mode. There are no indications of 'eval', obfuscation, or hardcoded secrets in the provided code.
Updated: 2025-12-02GitHub
0
0
Medium Cost
d-ang356 icon
Sec9

Manage Excel and CSV spreadsheets, including data manipulation, formulas, formatting, charts, and file operations via an MCP server.

Setup Requirements

  • ⚠️Docker required
  • ⚠️MCP-compatible client (e.g., Claude Desktop) required
  • ⚠️Manual configuration of Docker volume mounts (e.g., `C:\Users\[YOUR USERNAME]\spreadsheets`) and MCP client settings is complex and requires user-specific path adjustments.
  • ⚠️Requires modification of multiple MCP configuration files (`registry.yaml`, `claude_desktop_config.json`, `spreadsheet-mcp.yaml`).
Verified SafeView Analysis
The Python server code includes robust path traversal prevention (`_resolve_path`). No 'eval', obfuscation, or hardcoded secrets were found within the provided source code. It operates as an stdio server, with external security depending on the MCP gateway configuration.
Updated: 2025-12-06GitHub
PreviousPage 440 of 713Next