Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

Low Cost

telegram-mcp-server

by helloaisumo-star

Sec2

A server application designed to interact with the Telegram Bot API, likely providing monitoring or management capabilities for Minecraft servers.

Setup Requirements

  • ⚠️ Requires a Telegram Bot Token
  • ⚠️ Needs a public URL or long-polling setup for Telegram webhooks/API
  • ⚠️ May require configuration for Minecraft server details (e.g., IP, port, RCON credentials)
Review Required
Cannot perform a comprehensive security audit due to the absence of provided source code. Analysis is based solely on the repository name. Potential risks common to server applications (e.g., API key exposure, improper input validation, lack of rate limiting) cannot be assessed without code review.
Updated: 2025-12-11

Low Cost

Expenses-Tracker-MCP-Server

by dipanshuchoudhary-data

Sec9

Provides a backend for AI clients to manage, track, and analyze personal or business expenses through a Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️ Requires Python 3.10 or newer.
  • ⚠️ The README mentions 'SQLite / PostgreSQL (based on configuration)', but the provided source code for `main.py` only implements SQLite.
  • ⚠️ The default database uses a local `expenses.db` file for persistence, but if `FASTMCP_ENV` is set to 'cloud', it will use an in-memory database, losing data upon server restart.
Verified Safe
The server primarily uses SQLite and employs parameterized queries (e.g., `?`) to prevent SQL injection for data values. While `f-strings` are used to insert column names in `removal` and `update_expense`, these column names are strictly validated against a predefined 'allowed' set, mitigating injection risks. No `eval` or `os.system` calls are present. The database path can be configured to be in-memory or a local file, controlled by `FASTMCP_ENV`. `check_same_thread=False` for SQLite connection is common but requires careful handling in highly concurrent environments, though typically acceptable for lightweight servers.
Updated: 2026-01-17

Low Cost

aria-mcp

by joe-watkins

Sec5

Provides comprehensive access to the W3C WAI-ARIA specification for accessibility professionals, developers, and AI agents to query ARIA roles, states, properties, and accessibility requirements.

Setup Requirements

  • ⚠️ Requires Node.js version 18.0.0 or higher.
  • ⚠️ Updating the ARIA specification data (via `npm run update-submodule` or `npm run parse`) involves `git` for submodule management and executes potentially risky code (`new Function()`) from the submodule's contents. Users must implicitly trust the integrity of the W3C ARIA repository source when performing data updates.
  • ⚠️ For local installation, configuring MCP clients like Claude Desktop or Cursor requires providing an absolute path to the server's entry point (e.g., `/path/to/aria-mcp/src/index.js`).
Review Required
The `scripts/parse-aria-spec.js` script uses `new Function('return ' + jsonMatch[1])()` to parse JavaScript files (`roleInfo.js`) obtained from the W3C ARIA Git submodule. While this occurs during a data parsing/build step and not the live server's runtime, and is meant for an ostensibly trusted W3C data source, executing code via `new Function()` with content from an external source (even a submodule) is a high-risk pattern. If the W3C ARIA repository were compromised or if a user were to run `npm run parse` on untrusted data, this could lead to arbitrary code execution. The runtime MCP server itself (`src/index.js`, `src/tools.js`) appears safer as it primarily performs lookups on the pre-generated static JSON data, but the build process introduces a significant vulnerability.
Updated: 2026-01-18

High Cost

BH25-MCP-server-shapes

by biohackathon-japan

Sec10

This project outlines the development and integration of Model Context Protocol (MCP) servers with RDF data portals and SPARQL endpoints, leveraging RDF data shapes (ShEx) to enhance natural language interactions with large RDF datasets via Large Language Models (LLMs).

Setup Requirements

  • ⚠️ Requires access to a commercial Large Language Model API (e.g., Anthropic Claude, as used in the project), which incurs costs.
  • ⚠️ Requires access to various external RDF/SPARQL endpoints (e.g., RDF Portal, UniProt, Glycosmos, BacDive, MediaDive) to function as described.
  • ⚠️ The actual MCP server implementations (TogoMCP, rudof MCP server) reside in separate GitHub repositories and would need to be cloned, built, and configured independently, as this repository is a publication template.
Verified Safe
The provided source code consists of a BioHackrXiv publication template and a scientific paper, not executable server code. Therefore, it does not contain direct runtime security risks such as 'eval' statements, obfuscation, network vulnerabilities, or hardcoded secrets within this repository's contents. The described external systems (LLMs, RDF data portals, and the actual MCP server implementations) would have their own security considerations, but these are not auditable from the provided source for this specific repository.
Updated: 2025-12-15

Medium Cost

Develop a web platform for users to record and analyze their emotional thoughts, providing mental health insights and interactive communication with a virtual character, potentially utilizing fine-tuned Large Language Models.

Setup Requirements

  • ⚠️ Requires Java Development Kit (JDK)
  • ⚠️ Requires MySQL database instance
  • ⚠️ Requires Node.js and Yarn/npm for Vue.js frontend build
  • ⚠️ Requires downloading pre-trained BERT model for data analysis/model baselines (as per data_set/README.md)
Verified Safe
The provided code snippets are primarily boilerplate Spring Boot application classes and Python scripts for data analysis. No direct 'eval' or blatant security vulnerabilities were found in the truncated code. The `notes/` documentation indicates an awareness of security best practices for a web application, such as using `PasswordEncoder` for password hashing, JWT/Session management, and global exception handling. Network risks are inherent to any web application but planned security configurations (CORS, JWT) are mentioned. There are no hardcoded secrets visible in the provided code, though secrets would be expected in `application.properties` or environment variables, which are not shown. The Python data processing scripts appear robust for their intended purpose.
Updated: 2025-12-11

High Cost

javamcp

by rubensgomes

Sec8

Provides AI coding assistants with rich contextual information about Java APIs by parsing Java source code from Git repositories.

Setup Requirements

  • ⚠️ Python 3.14+ required
  • ⚠️ Poetry 2.2+ required for dependency management
  • ⚠️ Requires `~/.config/javamcp/config.yml` configuration file with repository URLs
Verified Safe
The server's primary function involves parsing Java source code from Git repositories, which are cloned locally. While parsing itself is static analysis, cloning external repositories always carries a theoretical risk if the source repositories are compromised or contain malicious files. However, the system's core logic focuses on static parsing and does not appear to execute arbitrary code found in the repositories. No direct use of 'eval' or similar dangerous functions was found. Network exposure is standard for a server (HTTP/stdio).
Updated: 2026-01-15

Low Cost

parseltongue_mcp

by Fe4rlessxD

Sec10

This repository, as provided in the source code, appears to be a personal proposal or placeholder, lacking any functional server code.

Verified Safe
No executable source code was provided for analysis, only a README file. Therefore, no direct security risks, such as 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns, can be identified from the given input.
Updated: 2026-01-19

Medium Cost

Provides a backend service for a community platform, handling API requests, real-time communication, and internal service orchestration.

Setup Requirements

  • ⚠️ Requires Java Development Kit (JDK) installed.
  • ⚠️ Requires Maven for building the project.
  • ⚠️ Requires a PostgreSQL database instance.
  • ⚠️ Requires a Redis instance.
  • ⚠️ Requires setting multiple environment variables for database, Redis, and HTTP port.
Verified Safe
The server uses environment variables for sensitive credentials (database, Redis), which is good practice. SSL context generation is included, indicating secure communication channels. However, the `allowedOrigins("*")` in the CORS configuration (`WebMvcConfigurer`) is a broad setting that allows requests from any domain. While common in some development or public API scenarios, it needs careful consideration and potentially more specific domain restrictions in production to prevent potential Cross-Site Request Forgery (CSRF) issues if not mitigated by other security layers (e.g., robust authentication tokens, CSRF tokens where applicable). No 'eval' or obvious obfuscation detected. The `HstpServlet` handles custom `hstp-usl` and `hstp-auth` headers, suggesting a custom protocol or communication layer. Error messages seem to be sanitized with `JSON.quote`.
Updated: 2026-01-05

Low Cost

checkfor

by hegner123

Sec8

An MCP server tool for searching files in directories with compact JSON output, designed for AI-optimized, token-efficient verification during refactoring workflows.

Setup Requirements

  • ⚠️ Requires Go SDK installed for building and updating.
  • ⚠️ The compiled 'checkfor' binary must be installed to your system's PATH for MCP server integration (e.g., in /usr/local/bin or ~/bin).
  • ⚠️ Requires an MCP-compatible client (like Claude Code) configured with a '.mcp.json' file to use its server features.
Verified Safe
The tool's update mechanism (via `checkfor --update`) executes `go install github.com/hegner123/checkfor@latest`. While this is a standard practice for Go CLI tools, it means the tool itself fetches and executes code from GitHub. This operation assumes trust in the `hegner123/checkfor` repository and the Go toolchain. A compromise of the upstream repository could lead to arbitrary code execution. Otherwise, the code appears clean with no 'eval', obfuscation, hardcoded secrets, or direct execution of arbitrary user input.
Updated: 2026-01-18

Low Cost

Chrome browser extension to automatically extract authentication cookies and information from a user's Gemini Business account for 'easy access'.

Setup Requirements

  • ⚠️ Requires enabling 'Developer mode' in Chrome for installation.
  • ⚠️ Requires manual download and drag-and-drop installation (not from Chrome Web Store).
  • ⚠️ Requires an active Gemini Business account and being logged in on the target page for cookie extraction.
Review Required
The extension's primary function is to extract sensitive authentication cookies. While the provided source code does not show direct exfiltration of these cookies to an external server, it has broad 'host_permissions' (https://*.google/*, https://*.google.com/*, etc.) and uses 'webRequest' to intercept network requests across all Google domains. This means it can access cookies for any Google service the user is logged into, not just Gemini Business, which is an over-permission for its stated specific purpose. The extension is designed to be installed via 'Developer mode' in Chrome, bypassing the standard Chrome Web Store review process. Users must implicitly trust the developer as there's no third-party security vetting. The extracted cookies are displayed directly in a text area on the current page, making them visible to anyone with access to the browser.
Updated: 2026-01-19

Medium Cost

SMS

by lmazure

Sec5

This MCP server integrates AI assistants with SquashTM to enable creation and management of test cases, requirements, and project folders.

Setup Requirements

  • ⚠️ Requires Node.js (>= 18.0.0).
  • ⚠️ Requires a running SquashTM instance and a valid API key.
  • ⚠️ Explicitly marked as a 'learning/playground project' and 'Do not use!' for anything critical or production-related.
  • ⚠️ Requires configuration within Claude Desktop's `mcpServers` settings.
Review Required
The project explicitly states: '⚠️ This is a learning/playground project. **Do not use!**' which implies it's not production-ready or fully hardened against security vulnerabilities. It handles a SquashTM API key via environment variables, which is a good practice. No 'eval' or obvious obfuscation was found. Network requests are made to an external SquashTM instance, so the security also depends on the SquashTM instance itself. Error logging could potentially expose sensitive information to the `SMS_LOG_FILE` if not carefully managed.
Updated: 2026-01-17

High Cost
Sec3

Real-time anti-cheat analysis for Discord servers, utilizing AI for code pattern detection, auto-updates, and anti-cheat code generation.

Setup Requirements

  • ⚠️ Requires Discord Bot Token and specific Discord Gateway Intents (Message Content, Server Members).
  • ⚠️ Requires OpenAI API Key (or OpenRouter API Key for MiniMax-M2) for AI features (paid service).
  • ⚠️ Requires Node.js 18+ and npm installed.
  • ⚠️ Hardcoded example Discord Bot Token in README is a critical security risk; must be replaced.
  • ⚠️ Multiple Discord channel IDs are required for comprehensive monitoring.
Review Required
Critical security risks identified:

1. **Hardcoded Discord Bot Token in Documentation:** The `README.md` explicitly lists a Discord Bot Token example (`DISCORD_BOT_TOKEN=1441878707250791722.GHFGuP.JZJGI3pJDm2iaN2CJHiRUKoyq_kqxIPoh6ADws`). If users copy this directly, their bot will be immediately compromised.
2. **Server-Side Request Forgery (SSRF) Vulnerability:** The `scan_repository` tool (and subsequently `getRepositoryContent`) takes a `repo_url` derived from user-controlled Discord message content. Although a regex filters for `github.com` links, an attacker could potentially craft a malicious URL (e.g., using domain squatting or DNS rebinding attacks) to trigger `axios.get` requests to internal network resources or arbitrary external endpoints, leading to information leakage or denial-of-service.
3. **Lack of Role-Based Access Control:** Discord bot commands handled via mentions (`@Stealth-AntiCheatX analyze [code]`) appear to lack granular access control. Any user in a monitored channel could potentially invoke these analysis or monitoring commands, which could be abused for resource exhaustion or unintended actions.
4. **Disabled MiniMax Integration:** The `minimax-mcp-js` client is commented out and conditionally disabled (`if (false && this.minimaxClient)`), indicating that some described AI functionalities are not active.
Updated: 2025-11-26

Page 451 of 713