Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

sapi-patients

by adrianfs98

Sec6

Manages patient information through a REST API and Model Context Protocol (MCP), enabling CRUD operations and integration with AI tools.

Setup Requirements

  • ⚠️Requires Anypoint Studio 7.x for development and deployment.
  • ⚠️Requires Mule Runtime 4.x to execute.
  • ⚠️MCP client functionality relies on an external CloudHub server for full interoperability demonstrations.
Verified Safe
The provided source code is highly truncated, making a comprehensive security audit impossible. No explicit malicious patterns or dangerous functions (like 'eval') are visible in the provided snippets. The README mentions 'basic authentication and session validation', which suggests security considerations, but their implementation details are not available for review.
Updated: 2026-01-18

Low Cost

mcp-server-bluesky-py

by Karthik61958

Sec8

Connects AI agents to the Bluesky social network for automated interactions, including posting, replying, liking, reposting, and monitoring.

Setup Requirements

  • ⚠️Requires Windows 10 or later (for seamless operation with wrapper, though core logic is Python cross-platform).
  • ⚠️Requires Python 3.7 or higher.
  • ⚠️Requires BLUESKY_HANDLE and BLUESKY_PASSWORD environment variables to be set for authentication.
Verified Safe
The server uses environment variables (BLUESKY_HANDLE, BLUESKY_PASSWORD) for credentials, which is a good practice. No 'eval' or obvious obfuscation found. The 'mcp_wrapper.py' addresses Windows-specific line ending issues, which is benign. The primary security consideration is ensuring the environment variables are securely managed by the user, as the server will log in with those credentials.
Updated: 2026-01-19

High Cost

axe-scanner-mcp

by vinnyang

Sec4

A standalone Model Context Protocol server that runs axe accessibility scans for a supplied URL using Playwright.

Setup Requirements

  • ⚠️Requires Node.js 18 or newer.
  • ⚠️Requires Playwright browser dependencies to be installed using `npx playwright install` (and `npx playwright install --with-deps` for system dependencies on macOS/Linux).
  • ⚠️MCP client configurations require absolute paths for the server command.
Review Required
The server's core functionality involves navigating to arbitrary user-provided URLs using Playwright. This introduces significant security risks such as Server-Side Request Forgery (SSRF) to access internal network resources, potential browser exploits from malicious pages, and exposure of internal network details if the server is not adequately isolated. It is crucial to strictly validate input URLs and deploy this server in a highly isolated network environment or only process trusted inputs.
Updated: 2025-11-20

Low Cost

epistemic-dj

by Nubaeon

Sec8

Maps epistemic (cognitive) states to generative music patterns in Strudel.cc, primarily as a tool for AI agents.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Web UI requires 'npx serve' which may need a one-time global install or run through npx.
  • ⚠️Music playback relies on manually copying generated patterns to strudel.cc or opening the generated URL, as the server itself doesn't play audio directly.
Verified Safe
The server primarily functions as a code generator for an external live-coding environment (Strudel.cc) and communicates via stdio using the MCP SDK, which inherently limits direct network exposure. It avoids common pitfalls like 'eval' on arbitrary user input; JSON parsing is for controlled CLI arguments. No hardcoded secrets or obvious malicious patterns are present. The primary external interaction is generating URLs for Strudel.cc, which assumes the target platform (Strudel.cc) handles code execution securely in the user's browser.
Updated: 2026-01-18

Medium Cost

merinfo-mcp

by KSAklfszf921

Sec8

This server provides comprehensive Swedish business intelligence through web scraping (merinfo.se, allabolag.se) and intelligent caching, serving structured company data to AI assistants.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires Playwright Chromium browsers, which consumes memory and CPU resources, especially if not run headless or with multiple contexts.
  • ⚠️Database initialization (`npm run setup-db`) is required once before the first use.
Verified Safe
The server follows good security practices, utilizing environment variables for configuration, input validation with Zod, and structured logging. Web scraping operations are rate-limited and use Playwright browser isolation to mitigate risks associated with interacting with external content. There are no obvious hardcoded secrets, 'eval' statements, or obfuscation. The 'clear_cache' tool requires explicit confirmation, adding a layer of safety. The inherent nature of web scraping means reliance on external sites and potential for IP blocking, but the robust handling (rate-limiting, exponential backoff, browser restarts) addresses common issues.
Updated: 2025-11-23

Medium Cost

A backend server providing API endpoints for user management and authentication, likely serving as a component for a larger "seed emulator" project or similar client application.

Setup Requirements

  • ⚠️Requires a database (e.g., MongoDB, PostgreSQL) for data persistence.
  • ⚠️Requires Node.js installed or Docker for deployment.
  • ⚠️Requires environment variables for configuration (e.g., database connection string, JWT secret).
Verified Safe
Standard web application security concerns apply (e.g., input validation, secure session management, dependency vulnerabilities). The presence of authentication middleware and reliance on environment variables for sensitive configurations (`.env.example` implies this) are good practices. Without inspecting the actual implementation details of security mechanisms, a perfect score cannot be guaranteed.
Updated: 2026-01-17

Medium Cost

WP-WC-MCP

by M4F-S

Sec9

Enables LLMs like Claude to interact with and manage WordPress and WooCommerce sites via natural language.

Setup Requirements

  • ⚠️Requires Node.js 20+ to run.
  • ⚠️Requires an existing WordPress 5.6+ site with HTTPS enabled and WooCommerce 8.0+ for e-commerce features.
  • ⚠️Requires manual configuration of a WordPress Application Password for the server to authenticate securely.
Verified Safe
This project implements a 'security-first' architecture with robust measures. It features extensive input validation using Zod schemas and custom `InputValidator` for SSRF protection (blocking internal IPs and dangerous protocols), SQL injection, XSS, and path traversal prevention. Authentication uses WordPress Application Passwords with a circuit breaker pattern and re-authentication logic. Authorization is enforced via WordPress capability checks mapped to specific tools. Sensitive data is automatically redacted from logs using Winston. Rate limiting (token bucket algorithm), batch operation limits, and secure Docker configurations (non-root user, resource limits, dropped capabilities) are also in place. Error messages are sanitized to prevent information disclosure. While highly secure, no system is 100% impervious to all possible attack vectors, hence a 9.
Updated: 2026-01-19

Low Cost

screenshot_mcp

by FrontMage

Sec7

This server provides screenshot and screen recording capabilities for macOS, acting as a tool for a Model Context Protocol (MCP) agent.

Setup Requirements

  • ⚠️Requires macOS 12+ (CoreGraphics APIs)
  • ⚠️Requires Swift (Xcode CLI tools) for compilation
  • ⚠️Requires Node.js 18+
  • ⚠️Screen Recording permission must be granted to the terminal or host app for functionality
Verified Safe
The server uses `execFile` and `spawn` to run a Swift CLI for its core functionality. While numeric arguments are sanitized, the `output_path` argument can be fully controlled by the caller. This means a user could specify an absolute path (e.g., `/Users/user/some_file.png` or `/etc/passwd`) as the output destination. If the server process has write permissions to that location, it could overwrite arbitrary files, leading to data loss or denial of service. The server does not expose a network interface directly, communicating over stdin/stdout via MCP, which reduces external attack surface. It relies on macOS's built-in Screen Recording permissions.
Updated: 2026-01-19

Medium Cost

mcp

by Ajsalemo

Sec6

Provides weather information (forecasts, alerts, radar station data) by integrating with the National Weather Service (NWS) API as a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️This repository contains multiple implementations (Java, Node.js, Python), requiring the appropriate runtime environment for the chosen server.
  • ⚠️The NWS API (used by all implementations) primarily provides data for US locations.
  • ⚠️The `t.sh` file contains sensitive hardcoded credentials which should be removed or handled securely if this repository is intended for public use or deployment.
Verified Safe
The core weather server implementations (Java, Node.js, Python) themselves do not appear to contain hardcoded secrets for their operation against the NWS API. However, the repository includes a file `t.sh` which contains hardcoded `client_id`, `client_Secret`, `email`, and `password` for `home-api.eufylife.com`. This is a severe security vulnerability for the owner of those credentials and the repository if these are live secrets, as they are exposed publicly. No other malicious patterns, `eval` usage, or obfuscation were found.
Updated: 2025-11-22

Low Cost

mcp-server

by authn8

Sec9

Provides AI agents with programmatic access to Authn8 2FA (TOTP) codes via a secure Personal Access Token.

Setup Requirements

  • ⚠️Requires an Authn8 account.
  • ⚠️Requires an Authn8 Personal Access Token (PAT).
  • ⚠️Requires Node.js and npm for `npx` or Docker if running via container.
Verified Safe
The server securely handles the Authn8 Personal Access Token (PAT) via an environment variable. Input validation is performed using Zod to prevent common injection vulnerabilities. All API communication uses HTTPS. No 'eval' or other dynamic code execution is found. Robust error handling for API failures is implemented. Security relies on the PAT being kept secret and managed appropriately by the user.
Updated: 2025-12-08

High Cost

Provides a rigorous 3-Stage Crude Oil Stabilization Facility simulation as an API for AI agents to optimize production parameters.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (for NeqSim).
  • ⚠️NeqSim simulations can be CPU-intensive, requiring adequate resource allocation in Kubernetes deployments (resource limits are commented out by default).
  • ⚠️Requires container image to be built and pushed to a registry for Kubernetes deployment.
Verified Safe
The Python codebase (`server.py`) is clean, using Pydantic for input validation and not exhibiting common vulnerabilities like `eval` or direct system calls. The Kubernetes deployment practices are robust, explicitly enforcing non-root user execution, read-only root filesystem, dropped capabilities, and no privilege escalation. Resource limits are recommended for production but are commented out by default, which is a minor risk. The underlying NeqSim library is Java-based, introducing external dependency considerations, but the Python wrapper itself appears secure.
Updated: 2025-12-01

Low Cost

envshield-mcp

by dvalley56

Sec8

Securely expose environment variables to AI coding assistants by acting as a Model Context Protocol (MCP) server, preventing direct access to sensitive data while enabling execution of commands with injected secrets.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Modifies '.claude/settings.json' (local or global) to register itself as an MCP server and deny direct .env file access, which is crucial for its security model.
  • ⚠️Relies on a '.envshield.json' configuration file (project-local or global) for custom behaviors like additional redaction patterns or command blocking, otherwise defaults are used.
Verified Safe
The server employs robust scrubbing of secrets from command output, includes pre-defined and custom regex patterns for detection, and validates custom regexes against ReDoS attacks. Dangerous commands like 'rm -rf' and 'sudo' are blocked by default, using word-boundary-aware matching. A rate limiter helps prevent command flooding, protecting against abuse. The core functionality involves `child_process.spawn` with `shell: true`, which is an inherent risk vector when executing arbitrary commands, but this is mitigated by the command blocking list and the design's focus on containing AI access. A security warning is logged if scrubbing is detected to be ineffective. Overall, it implements a strong set of controls for its stated purpose.
Updated: 2026-01-17