Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

55
1
Medium Cost
CamoRageaholic1 icon

unifi-mcp-server

by CamoRageaholic1

Sec9

Enables AI assistants (e.g., Claude) to manage and monitor UniFi network infrastructure through natural language commands via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js 18+ (20 LTS recommended).
  • ⚠️Requires an active UniFi Network Controller with network access and admin credentials.
  • ⚠️Potential SSL certificate issues with the UniFi controller might necessitate setting UNIFI_VERIFY_SSL=false (with associated security implications, though documented).
Verified SafeView Analysis
The project uses environment variables for credentials and Zod for configuration validation, mitigating hardcoded secret risks. Docker Compose provides security hardening (no-new-privileges, read-only filesystem). SSL verification is configurable (`UNIFI_VERIFY_SSL`), with documentation warning about disabling it. No `eval` or obfuscation found. The core `node-unifi` library is well-established.
Updated: 2025-11-29GitHub
55
593
Medium Cost
mondaycom icon

vibe

by mondaycom

Sec2

Provides intelligent assistance for developers working with Monday.com's Vibe Design System components by offering component APIs, usage examples, icon discovery, and best practice guidance.

Setup Requirements

  • ⚠️Requires Node.js environment (TypeScript)
  • ⚠️Designed for integration with AI development tools/IDEs via standard I/O (StdioServerTransport)
  • ⚠️Relies on 'curl' being available in the execution environment
Review RequiredView Analysis
The server utilizes `child_process.exec` to run `curl` commands to fetch metadata and icon data from `unpkg.com`. More critically, the `IconMetadataService` uses Node.js's `vm.runInContext` to execute JavaScript code fetched from `unpkg.com` for parsing icon metadata. While `vm.runInContext` operates in a sandboxed environment, executing externally sourced code poses a significant supply chain security risk. A compromise of `unpkg.com` or the specific package could lead to arbitrary code execution within the server's environment. Local file system access is observed in migration tools (`v3-migration.ts`, `dropdown-migration.ts`) for analyzing user project files, which is expected for such tools but underscores the need for trust in the tool's integrity.
Updated: 2026-01-18GitHub
55
1
High Cost
pythpythpython icon

openstax-mcp-server

by pythpythpython

Sec7

An AI-powered Model Context Protocol (MCP) server that connects LLMs to OpenStax educational content for semantic search, problem generation, and Jupyter notebook creation.

Setup Requirements

  • ⚠️Requires a Cloudflare account with Workers, Workers AI, Workers KV, and Vectorize bindings configured.
  • ⚠️Client applications (e.g., Cursor, Claude Desktop) need specific configuration to connect to the MCP server endpoint.
Verified SafeView Analysis
Input parameters for tool calls, while defined with schemas, are directly passed to implementation functions without explicit runtime re-validation within the worker. This could potentially lead to unexpected behavior or resource exhaustion (e.g., requesting an excessive number of problems) if a malicious client bypasses the client-side schema adherence. However, the server runs in an isolated Cloudflare Workers environment, which significantly mitigates risks like shell injection or direct system compromise. The current Jupyter notebook generation is a basic placeholder and does not dynamically generate executable code based on content, limiting immediate code execution risks through that vector.
Updated: 2025-12-01GitHub
55
1
Low Cost
semantius icon

postgrest-mcp

by semantius

Sec8

A PostgREST MCP (Model Context Protocol) server that uses OAuth2 for authentication and integrates with PostgREST APIs.

Setup Requirements

  • ⚠️Requires environment variables (`AUTH_SERVER_URL`, `API_BASE_URL`, `API_KEY`/`SUPABASE_ANON_KEY`) for non-Supabase deployments.
  • ⚠️Specific CLI tools (Supabase CLI, Wrangler, Deno Deploy CLI) are needed for deployment to target platforms.
  • ⚠️Deno runtime is required for local development and Deno Deploy targets.
Verified SafeView Analysis
The server uses `getEnv` for all sensitive configurations (API keys, URLs), preventing hardcoded secrets. It employs Zod for input validation in its tools. The `bearerAuth` implementation performs a minimal token check (`!!token`), relying on the downstream PostgREST server for full JWT validation, which is acceptable for a proxy. The CORS policy allows all origins (`origin: (origin) => origin`), which can be a risk for sensitive endpoints if not properly protected by authentication. Host header construction for metadata is standard but could be a vector if not secured by the deployment platform. Overall, the security posture is reasonable for its intended purpose as an OAuth2-protected MCP gateway.
Updated: 2026-01-18GitHub
55
1
High Cost

Integrate Power BI Desktop with conversational AI assistants like Claude or GPT for natural language interaction, model introspection, modification, and analysis.

Setup Requirements

  • ⚠️Requires the MSI version of Power BI Desktop (not Store version).
  • ⚠️Power BI Desktop must be open with a .pbix file loaded for the server to find instances.
  • ⚠️Requires Claude Desktop (or other MCP-compatible AI assistant) with specific configuration to connect.
Verified SafeView Analysis
The actual source code for the executable (`PbiMcpServerAbisSidecar.exe`) is not provided for audit, making a comprehensive security assessment impossible. Based on the README, the server runs 100% locally and no data leaves the machine, which is a positive for privacy. It supports powerful write operations (CRUD for model objects), which carries inherent risk if misused, though a 'Safety Layer' with dry-run mode and confirmation flags is mentioned to mitigate this. The security largely depends on the trustworthiness and implementation of the compiled executable provided by ABIS B.V.
Updated: 2025-12-01GitHub
55
84
Medium Cost
snowmead icon

rust-docs-mcp

by snowmead

Sec8

Provides AI agents with deep, cached access to Rust crate documentation, source code, and project structure for enhanced development.

Setup Requirements

  • ⚠️Requires Rust nightly toolchain installed via rustup.
  • ⚠️Requires `git` command-line tool to be installed and in PATH.
  • ⚠️Can consume significant disk space for cached documentation (at least 1GB recommended).
  • ⚠️Full utility and seamless integration require an MCP client (e.g., Claude Code).
Verified SafeView Analysis
The core Rust application employs robust path sanitization and directory traversal checks during archive extraction (e.g., in `downloader.rs`) to prevent common vulnerabilities. Sensitive environment variables like `GITHUB_TOKEN` are handled securely with `zeroize`. The server executes external Rust toolchain commands (`cargo`, `rustdoc`, `rustup`, `git`) which relies on the integrity and security of the local Rust environment and downloaded crates. The `install.sh` script utilizes `curl | sh` which is a common but inherently less secure method for initial installation, executing remote code directly. However, this is for installation, not the server's runtime operation.
Updated: 2025-11-25GitHub
55
1
Medium Cost
sumchattering icon

iterm2-mcp-server

by sumchattering

Sec8

An MCP server enabling AI assistants to read and interact with iTerm2 terminal panes on macOS.

Setup Requirements

  • ⚠️Requires macOS with iTerm2 installed.
  • ⚠️Requires Node.js >= 18.0.0 and Python 3 with the `iterm2` package (`pip install iterm2`).
  • ⚠️Requires iTerm2 Python API to be enabled in iTerm2 preferences (General > Magic > Enable Python API) and iTerm2 restarted afterwards.
  • ⚠️Tools like `iterm2_current_pane` and `iterm2_side_pane` only work if the MCP server is launched from within an iTerm2 terminal session.
Verified SafeView Analysis
The server's Node.js component executes Python scripts via `child_process.spawn()`. The Python script uses `argparse` to strictly define commands and their parameters, which significantly mitigates arbitrary command injection risks. The `iterm2_send_text` tool allows an AI to send arbitrary text to an iTerm2 pane, which is an intended core feature for a terminal agent and could be misused if the AI is given malicious instructions, but is not a vulnerability within the server's code itself. No hardcoded secrets or direct 'eval' statements were found. Communication is local through the iTerm2 Python API (WebSocket) and MCP SDK (local HTTP/stdio).
Updated: 2026-01-18GitHub
55
1
Medium Cost
intelligent-ears icon

pd-tools-mcp

by intelligent-ears

Sec7

Automated bug bounty reconnaissance and vulnerability scanning by integrating ProjectDiscovery security tools.

Setup Requirements

  • ⚠️Requires manual installation of all ProjectDiscovery tools (subfinder, dnsx, naabu, httpx, katana, nuclei) via 'go install'.
  • ⚠️Requires Go runtime to be installed on the host system.
  • ⚠️Requires ProjectDiscovery executables to be in the system's PATH, or accessible via the Go bin directory.
Verified SafeView Analysis
The server uses 'child_process.spawn' to execute external ProjectDiscovery tools. While this method is generally safer than 'exec' as it avoids shell interpretation of arguments by default, the wrapper does not perform explicit input sanitization for all user-provided arguments (e.g., 'ports' for naabu, 'scope' for katana). If a highly specific malicious input were crafted that exploits a parsing vulnerability in an underlying ProjectDiscovery tool, it could potentially lead to unexpected behavior. The 'httpx' tool uses a hardcoded path based on the Go home directory, which introduces a dependency on that specific installation location. Overall, the security relies heavily on the integrity and security of the installed ProjectDiscovery tools and the host system's PATH configuration.
Updated: 2025-12-06GitHub
55
1
Medium Cost
devidasjadhav icon

mcp-redfish-python

by devidasjadhav

Sec8

An AI-powered interface for managing Redfish-enabled servers through natural language commands, utilizing Model Context Protocol (MCP) for tool integration.

Setup Requirements

  • ⚠️Requires an Anthropic API Key (paid service) for chatbot functionality.
  • ⚠️A Redfish server (mock or real) needs to be running and accessible for the system to function.
  • ⚠️Requires Python 3.8+ and manual environment variable configuration via a .env file.
Verified SafeView Analysis
The project handles API keys and sensitive credentials (Redfish username/password) using environment variables and masks them in debug output, which is good practice. It uses `json.loads` for user-provided patch/action data, which could lead to exceptions for malformed input but does not appear to execute arbitrary code. The `VERIFY_SSL` setting defaults to true, which is critical for secure communication, but can be disabled via configuration, potentially exposing to MITM attacks if set to false in a production environment.
Updated: 2025-12-13GitHub
55
1
Medium Cost
jhlee0409 icon

openapi-sync-mcp

by jhlee0409

Sec9

This server processes OpenAPI specifications, providing an AI assistant with capabilities to parse, diff, track dependencies, and generate client code for various languages and frameworks.

Setup Requirements

  • ⚠️Requires Node.js and npm for installation via the recommended method, as it downloads and wraps a Rust binary.
  • ⚠️Requires manual configuration in `~/.claude/settings.json` for AI assistants to discover and use the MCP server.
  • ⚠️Pre-compiled binaries are provided for macOS (x64, arm64), Linux (x64, arm64), and Windows (x64); other platforms may require building from source using Cargo.
Verified SafeView Analysis
The server is built with Rust, leveraging its memory safety features. It explicitly implements path traversal prevention using `canonicalize` and `contains("..")` checks when reading local files, indicating a good security posture for file operations. Remote spec fetching uses standard `reqwest` client with timeouts. Base URLs for generated clients are configured via environment variables, avoiding hardcoded secrets. The installation process downloads pre-compiled binaries from GitHub releases, which is a common practice but relies on the integrity of the release process. Overall, the codebase shows strong security awareness for its intended functions.
Updated: 2026-01-19GitHub
55
1
Low Cost
daniviber icon

infomaniak_mcp

by daniviber

Sec8

Enables AI assistants to manage Infomaniak cloud services including domains, email, web hosting, and kDrive via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Requires an Infomaniak account with API access and an API token configured with appropriate scopes.
  • ⚠️Users must configure the `INFOMANIAK_API_TOKEN` environment variable in their MCP client or server environment.
Verified SafeView Analysis
The server reads the Infomaniak API token from environment variables, preventing hardcoded secrets. Input validation for tool calls is performed using Zod schemas. No 'eval' or code obfuscation detected. The HTTP transport defaults to a permissive CORS origin ('*'), which is a security consideration if deployed publicly without explicit configuration of `corsOrigins`. The `infomaniak_api_call` tool allows arbitrary API endpoints, requiring users to carefully manage the provided API token's scopes to prevent unintended actions.
Updated: 2026-01-17GitHub
55
1
Medium Cost
avantifellows icon

mcp-postgres

by avantifellows

Sec9

Provides a read-only Model Context Protocol (MCP) server for AI tools (like Claude Code, Cursor) to query a PostgreSQL database directly.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Crucial to set up PostgreSQL database credentials (AF_DB_HOST, AF_DB_PORT, AF_DB_USER, AF_DB_PASSWORD, AF_DB_NAME) as environment variables.
  • ⚠️The configured database user must have `SELECT` permissions on the target database and tables, and network access to the PostgreSQL host.
Verified SafeView Analysis
The server implements robust read-only enforcement through the `is_read_only` function, which explicitly checks for and blocks all common write/destructive SQL keywords (INSERT, UPDATE, DELETE, DROP, ALTER, TRUNCATE, CREATE, GRANT, REVOKE). This check is applied to all `query` calls and even to the `WHERE` clause in `count_rows`. Database credentials are loaded securely from environment variables, preventing hardcoding. Table and schema names in `sample_data` and `count_rows` are dynamically inserted with identifier quoting to mitigate SQL injection risk, though direct parameterization of identifiers isn't standard in `asyncpg`. No `eval` or similar dangerous dynamic code execution is present. Queries are logged locally.
Updated: 2025-12-11GitHub
PreviousPage 45 of 713Next