Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

secop-mcp-project
by oddradioada
Token cost: Medium
Security score: 9

AI-powered intelligent access to Colombian public procurement data (SECOP II) for searching processes, retrieving details, and aggregating statistics.

Setup Requirements

  • ⚠️ Requires Socrata API Key, API Secret, and App Token for full functionality and to avoid strict rate limits. These must be obtained from datos.gov.co.
  • ⚠️ Requires Node.js v18 or higher to run, with a specific `start.sh` script provided for WSL users to manage Node environments.
  • ⚠️ For Claude Desktop users on Windows running from WSL, a specific configuration using `wsl.exe` is needed to correctly invoke the server script.
Verdict: Verified Safe
The server uses environment variables for API keys/secrets and explicitly includes `.env` in `.gitignore`, which is good practice. Input validation is rigorously implemented using Zod schemas for all tool parameters, significantly reducing the risk of invalid or malicious data. SQL injection is mitigated with a custom `escape` function in the SoQL query builder. The server operates over STDIO, which is inherently more secure than network-exposed services as it avoids typical network vulnerabilities. If a future HTTP/SSE transport is implemented, additional security measures like OAuth2 and TLS will be required as noted in the project's plan.
Updated: 2025-12-13 (GitHub)
clockify-mcp
by wimwenigerkind
Token cost: Medium
Security score: 9

This MCP Server acts as an adapter for the Clockify time tracking API, providing tools to interact with time entries, workspaces, users, clients, and projects.

Setup Requirements

  • ⚠️ Requires CLOCKIFY_API_KEY environment variable to be set.
  • ⚠️ Requires Node.js runtime (version >=18.18.0).
  • ⚠️ Communicates via standard I/O, requiring an MCP-compatible client or host environment for interaction.
Verdict: Verified Safe
The server retrieves the Clockify API key from environment variables, which is a best practice. It explicitly checks for the API key's presence and exits if not configured, preventing unauthenticated operation. Input schemas are validated using Zod, mitigating common injection risks. No 'eval' or obvious obfuscation was found. Error handling for API calls is present. The server uses a StdioServerTransport, which is generally a secure way to operate as it doesn't directly expose network ports but communicates via standard I/O.
Updated: 2026-01-19 (GitHub)
E-RaktkoshMCP
by pilgrim-AIEngineer
Token cost: Medium
Security score: 8

Provides an agentic interface for querying real-time blood stock availability from the eRaktKosh portal using natural language.

Setup Requirements

  • ⚠️ Requires Python 3.10+
  • ⚠️ Requires a Google API Key (for Gemini models, potentially paid usage)
  • ⚠️ Requires Playwright browser installation (`uv run playwright install`)
Verdict: Verified Safe
The code uses a permissive CORS policy (`allow_origins=["*"]`), which is generally not recommended for publicly exposed APIs due to potential security risks (e.g., XSS if sensitive cookies/headers were involved). However, for an agentic tool possibly used in a controlled environment, this might be acceptable. Secrets (`GOOGLE_API_KEY`) are correctly handled via environment variables, and there's no evident use of dangerous functions like `eval` or hardcoded sensitive data. Web scraping itself carries inherent risks of interacting with external sites but is core to the application's function.
Updated: 2025-12-13 (GitHub)
cursor-global
by gjoeckel
Token cost: Medium
Security score: 6

Provides a global, portable Cursor IDE configuration for AI-assisted development, including robust workflow automation, MCP server management, and smart Git operations.

Setup Requirements

  • ⚠️ Requires Node.js, npm, Git, and 'jq' to be installed on the system.
  • ⚠️ A GitHub Personal Access Token (GITHUB_TOKEN) with appropriate scopes is required for GitHub integration.
  • ⚠️ MCP server management scripts (`start-mcp-servers.sh`, `restart-mcp-servers.sh`) hardcode 'PROJECT_ROOT' to '${HOME}/Projects/accessilist', which limits the 'fully portable' claim for MCP server startup if custom MCP servers are not cloned/built at that specific path.
Verdict: Verified Safe
The system configures Cursor IDE for 'full AI autonomy' with 'autoApprove: true' and 'confirmationLevel: none', which means the AI can execute commands and modify files without human confirmation. This is an intended feature for maximum autonomy but presents a high risk if the AI agent is compromised. Additionally, custom MCP servers are fetched and run via 'npx -y git+https://github.com/gjoeckel/my-mcp-servers.git', introducing a supply chain risk as external code is executed. A GitHub push gate is implemented, requiring a specific token, which is a positive security measure.
Updated: 2025-11-25 (GitHub)
startmcp
by Lazareprotrusible421
Token cost: Medium
Security score: 8

A unified gateway server for connecting multiple AI assistants to various backend data sources and tools, standardizing integration through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️ Requires Python 3.12 or higher.
  • ⚠️ Node.js v18+ and `npx` are required for the Atlassian provider (which uses `mcp-remote`).
  • ⚠️ API keys/OAuth access are needed for each integrated backend service (e.g., GitHub, Jira, FireCrawl).
Verdict: Verified Safe
The project emphasizes security best practices like using PKCE for OAuth, `.env` for credentials, and TLS 1.2+ for network communication. Subprocess execution (`stdio` transport) is done via `asyncio.create_subprocess_exec` with a list of arguments, which is safer than shell commands, reducing command injection risks. However, the Atlassian provider's reliance on `npx -y mcp-remote` introduces a supply chain risk, as `npx -y` automatically installs packages, meaning trust is placed on the external `mcp-remote` package and its dependencies. Overall, the architectural principles for security are strong.
Updated: 2026-01-19 (GitHub)
Figma-MCP-Designer
by fahadazizz
Token cost: Medium
Security score: 9

Extracts, parses, and normalizes Figma design information into a structured JSON schema via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️ Requires Figma Personal Access Token (from Figma settings)
  • ⚠️ Python 3.10+ is required
Verdict: Verified Safe
The server securely loads the Figma API token from environment variables. It interacts with the Figma API over HTTPS, which is standard for web services. There are no indications of 'eval', code injection, or other immediately dangerous patterns. The client launches the server using `sys.executable` and `main.py`, which is a controlled and generally safe method for running local Python processes.
Updated: 2025-11-30 (GitHub)
root-mcp
by MohamedElashri
Token cost: High
Security score: 7

Empowers Large Language Models (LLMs) to natively understand and analyze CERN ROOT files for High Energy Physics (HEP) analysis.

Setup Requirements

  • ⚠️ Requires `scipy` and `matplotlib` for 'extended' mode functionality (though it gracefully falls back to 'core' mode if missing).
  • ⚠️ Requires a `config.yaml` file to define `security.allowed_roots` and `resources` for any file access. Without proper configuration, tools will fail with security or resource-not-found errors.
  • ⚠️ Requires Python 3.10 or newer.
Verdict: Verified Safe
The server includes robust `PathValidator` for file access, enforcing `allowed_roots`, preventing path traversal, and validating write operations. Remote file access is disabled by default. However, the `core.operations.basic_stats` module uses Python's `eval()` function for processing user-defined expressions (`selection`, `defines`). While `eval()` is restricted to a limited `numpy` namespace and an empty `__builtins__` dictionary to mitigate arbitrary code execution, it remains a less secure approach compared to the `ast`-based `SafeExprEvaluator` used in the `extended` mode's `analysis.operations` module. Users should configure `allowed_roots` carefully to prevent unintended file access.
Updated: 2026-01-17 (GitHub)
mcp-server
by marcustomazelli
Token cost: Medium
Security score: 9

Provides weather alerts and forecasts by integrating with the National Weather Service (NWS) API.

Setup Requirements

  • ⚠️ Requires Python 3.12 or newer.
  • ⚠️ Requires active internet connectivity for NWS API calls.
  • ⚠️ Relies on the 'mcp[cli]' package for execution.
Verdict: Verified Safe
The server makes external HTTP requests to a legitimate weather API (api.weather.gov). Requests include basic error handling. No hardcoded secrets, 'eval' usage, or obvious malicious patterns were found. Input for latitude, longitude, and state is used to construct API URLs, relying on httpx for proper encoding; direct code injection into the server's logic is unlikely.
Updated: 2025-12-01 (GitHub)
baseql-mcp
by Jnix2007
Token cost: Medium
Security score: 9

An MCP server providing AI agents with comprehensive tools and context for querying Base chain data via the Coinbase Developer Platform SQL API, including contract lookups, ENS resolution, and real-time CEX pricing.

Setup Requirements

  • ⚠️ Requires CDP API Key ID and Secret from Coinbase Developer Platform (paid API usage).
  • ⚠️ Requires CDP_WALLET_SECRET if X402 payments are enabled (ENABLE_PAYMENTS=true).
  • ⚠️ Requires deployment to a public URL (e.g., Vercel) for use with ChatGPT.
Verdict: Verified Safe
The code uses environment variables for API keys and secrets, a good practice for sensitive information. It interacts with legitimate, known public APIs from Coinbase and Flashbots. There is no use of `eval` or code obfuscation. The primary security consideration is that an AI agent, if poorly prompted or unconstrained, could construct and execute highly inefficient or broad SQL queries against the CDP SQL API. However, the MCP server itself provides extensive metadata, best practices, and query limits to guide agents towards safe and efficient query construction, thus mitigating this inherent risk of direct SQL execution via an agent.
Updated: 2025-11-29 (GitHub)
Token cost: Medium
Security score: 3

An HTTP Model Context Protocol (MCP) server for integrating AI assistants with Instagram and Facebook APIs, enabling conversational automation for messaging, content management, and profile interactions.

Setup Requirements

  • ⚠️ Requires extensive setup on the Facebook/Meta Developer portal to obtain `FB_APP_ID`, `FB_APP_SECRET`, `FB_PAGE_ID`, `IG_ACCOUNT_ID`, and a `FB_PAGE_ACCESS_TOKEN` with numerous specific permissions.
  • ⚠️ Requires an external PostgreSQL database (Supabase recommended) with schema migrations to persist workflows, executions, and sessions.
  • ⚠️ Requires a Redis instance for hot session caching and rate limiting.
Verdict: Review Required
CRITICAL: The `evaluateCondition` function in `src/engine/executor.ts` directly uses `eval(resolved.expr)` for workflow condition evaluation. This allows arbitrary code execution if an attacker can control the `condition` value within a workflow definition. This is a severe vulnerability. MODERATE: Webhook signature validation in `src/index.ts` falls back to `FB_PAGE_ACCESS_TOKEN` if `FB_APP_SECRET` is not explicitly set, which is an incorrect and less secure practice. Similarly, `FB_VERIFY_TOKEN` can default to `FB_PAGE_ACCESS_TOKEN`, which is not ideal. LOW: The `/mcp` endpoint is unprotected if `MCP_API_KEY` environment variable is not set.
Updated: 2025-12-13 (GitHub)
Token cost: Low
Security score: 9

This server acts as a tool endpoint for a Multi-Agent Communication Protocol (MCP), specifically handling JSON-RPC POST requests and returning a simulated search result.

Setup Requirements

  • ⚠️ Requires Python 3.x
  • ⚠️ Requires the `fastapi` library
  • ⚠️ Requires `uvicorn` to run the server
Verdict: Verified Safe
The server is a simple FastAPI application parsing JSON and returning a fixed JSON-RPC response. No immediate security vulnerabilities like `eval`, hardcoded secrets, or complex logic that could be exploited are present in the provided code. The `try-except` block handles `json.decoder.JSONDecodeError` by returning a JSON-RPC error, which is good practice.
Updated: 2025-12-01 (GitHub)
timedoctor-mcp
by Mohadjkfahskjdh
Token cost: Medium
Security score: 8

Extracts time tracking data from Time Doctor, parses it, and exports it in CSV or JSON format for analysis, primarily integrating with AI assistants via MCP.

Setup Requirements

  • ⚠️ Requires valid Time Doctor account credentials (TD_EMAIL, TD_PASSWORD).
  • ⚠️ Requires Playwright Chromium browser binaries to be installed (`playwright install chromium`), which downloads ~130MB.
  • ⚠️ Python 3.12 or 3.13 is strongly recommended for development and execution.
Verdict: Verified Safe
Credentials (TD_EMAIL, TD_PASSWORD) are handled securely via .env files. The HTML parser uses BeautifulSoup and JSON deserialization, which are generally safe from code injection. Playwright is used for browser automation, and while the Docker setup uses '--no-sandbox' (a common workaround for Playwright in Docker), the scraping target is fixed to Time Doctor and does not process arbitrary user-provided URLs, mitigating the risk. No 'eval' or other obvious malicious patterns were found.
Updated: 2026-01-19 (GitHub)
Page 442 of 713