Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
VeVarunSharma icon

mcp-servers

by VeVarunSharma

Sec9

This server acts as a Model Context Protocol (MCP) server, providing weather alerts and forecasts by integrating with the National Weather Service (NWS) API.

Setup Requirements

  • ⚠️Requires Node.js version 24.x.
  • ⚠️Uses 'pnpm' as the package manager, not 'npm' or 'yarn'.
  • ⚠️A build step ('pnpm run build') is required before running the server in production mode.
Verified SafeView Analysis
The server appears well-structured with no direct use of 'eval' or other highly dangerous dynamic code execution. Input validation for API tools is implemented using Zod in the Express.js version. It makes external HTTP requests to the NWS API, handling basic HTTP errors. The 'User-Agent' is hardcoded but is not a sensitive secret. Overall, the code itself does not exhibit obvious vulnerabilities, relying on the security of the underlying MCP SDK and NWS API.
Updated: 2025-12-14GitHub
0
0
Medium Cost
Revenant30102000 icon

wotblitz-mcp

by Revenant30102000

Sec9

Provides AI assistants with access to detailed World of Tanks Blitz game data by parsing local game files.

Setup Requirements

  • ⚠️Requires World of Tanks Blitz game installed locally
  • ⚠️Requires WOTB_GAME_PATH environment variable set to the game's Data folder
  • ⚠️Requires Node.js >=18
Verified SafeView Analysis
The server reads data from local game files (WOTB_GAME_PATH), which are assumed to be trusted. Input validation for tool calls is enforced using Zod. No direct 'eval' or obvious malicious patterns were found. The primary security consideration would be a misconfigured WOTB_GAME_PATH pointing to sensitive directories or potential vulnerabilities in third-party parsing libraries (e.g., sharp, XML/YAML parsers) when dealing with malformed game files, though these are generally robust.
Updated: 2025-11-28GitHub
0
0
Low Cost
ariz-ahmad icon

mcp-weather

by ariz-ahmad

Sec9

Provides current weather conditions and a 12-hour hourly forecast for a specified location using the AccuWeather API.

Setup Requirements

  • ⚠️Requires AccuWeather API Key (registration required, potential usage limits)
  • ⚠️Uses 'uv' for dependency management, which needs to be installed first.
Verified SafeView Analysis
The server correctly uses environment variables for the AccuWeather API key, preventing hardcoding. It caches location keys locally in a JSON file, which is a common and generally safe practice. Network calls are made to a known weather API.
Updated: 2025-12-14GitHub
0
0
High Cost
karthikm15 icon

playwright-mcp-rl

by karthikm15

Sec8

Train and evaluate AI agents (Reinforcement Learning policies) to automate browser-based form filling tasks via a Playwright-based environment.

Setup Requirements

  • ⚠️Requires Playwright and Chromium browser installed (`pip install playwright && playwright install chromium`).
  • ⚠️Requires PyTorch for model training and inference.
  • ⚠️For the `run_policy` script, a trained model checkpoint (e.g., 'models/checkpoints/bc_policy_compositional.pt') is necessary. This implies either running `train_bc.py` or `train_ppo.py` first, or providing a pre-trained model.
Verified SafeView Analysis
The system uses Playwright to interact with web pages, which inherently carries a risk if it navigates to untrusted or malicious URLs (defined in `task_config`). The `torch.load` function for model checkpoints can also be a deserialization vulnerability if model files are sourced from untrusted locations. However, the provided source code itself does not contain obvious malicious patterns, direct `eval` of untrusted input, or hardcoded sensitive credentials. Running with trusted inputs is generally safe.
Updated: 2025-12-10GitHub
0
0
High Cost
Jame0077 icon

mcp-code-mode

by Jame0077

Sec3

An AI agent that generates and executes Python code, orchestrating external Model Context Protocol (MCP) tools to solve user tasks.

Setup Requirements

  • ⚠️Requires a paid OpenAI (gpt-4o-mini) or Gemini (gemini/gemini-2.5-pro) API Key for the underlying LLM calls.
  • ⚠️Requires `npm` and `npx` to run external MCP reference servers (e.g., for filesystem and memory operations).
  • ⚠️Requires Python 3.11 or higher.
Review RequiredView Analysis
CRITICAL RISK: By default, the server uses `LocalPythonExecutor` (as specified in `executor_server.py` via `_EXECUTOR_BACKEND = 'local'`). This executor runs user-provided or LLM-generated Python code using `exec()` within the same Python process as the server itself. This grants the executed code full access to the host system's filesystem, network, and environment variables (including any API keys present in the server's environment). While `policies.py` attempts to filter dangerous imports like 'subprocess' or 'open()', these are string-based checks and can often be bypassed by a determined attacker or a clever LLM. The `SandboxedPythonExecutor` offers much stronger isolation (Deno+Pyodide, network/filesystem restrictions) but is explicitly *not* the default due to stated limitations with HTTP requests (which are necessary for the tool bridge). Running this server in its default configuration with untrusted input (e.g., from a public API or a public Hugging Face Space) poses a severe code execution vulnerability, allowing arbitrary code execution on the host machine.
Updated: 2026-01-19GitHub
0
0
Medium Cost
YohAsacura icon

chrome-mcp-server

by YohAsacura

Sec7

Automating Chrome browser for web scraping, UI testing, and general web automation through the Model Context Protocol.

Setup Requirements

  • ⚠️Python 3.10+ required.
  • ⚠️Google Chrome browser (latest version) must be installed.
  • ⚠️Requires manual configuration for Claude Desktop integration (or direct execution).
Verified SafeView Analysis
The `execute_javascript` tool allows arbitrary JavaScript execution, which is a powerful capability that could be abused if inputs are not from a trusted source. The `screenshot` tool allows specifying an arbitrary `filename`, which could lead to file system manipulation (e.g., directory traversal) if the filename is not sanitized. The browser is launched with `--no-sandbox`, which reduces browser isolation. However, these are often necessary features for browser automation tools, and the server communicates via stdin/stdout, limiting direct external network attack vectors. Safety is highly dependent on the trustworthiness of the client invoking the tools.
Updated: 2025-11-22GitHub
0
0
Medium Cost
aezizhu icon
Sec7

Enables AI agents to automatically solve a wide range of captcha challenges (text, math, reCAPTCHA, hCaptcha, sliders, etc.) using local OCR and a cascading fallback to high-reliability external services.

Setup Requirements

  • ⚠️Requires Node.js version >=18.0.0.
  • ⚠️For 99%+ captcha solving accuracy, users must obtain and provide API keys for paid third-party services (e.g., CapSolver, 2Captcha, Anti-Captcha).
  • ⚠️Requires manual configuration in Claude Desktop's `mcpServers` setting with the full path to `index.js`.
Verified SafeView Analysis
The server uses the `Function` constructor (similar to `eval`) for evaluating math expressions in `solveMathCaptchaLocally`. While this is generally risky, the input `expression` is heavily sanitized to only allow numeric and basic arithmetic characters, significantly mitigating the risk for this specific use case. A hardcoded `developer_tag` is present in `captcha-mcp/tools/services.js` for the `jfbym` service. The server relies on numerous third-party captcha-solving APIs, requiring trust in their security. The `captcha_solver.js` file (Tampermonkey script) is outside the server's execution context and thus not fully audited as part of the MCP server, but it also contains hardcoded URLs and performs network requests.
Updated: 2025-12-05GitHub
0
0
Low Cost
michael-nhat icon

emacs-mcp-server-node

by michael-nhat

Sec2

This server provides a WebSocket and HTTP interface for a client to interact with the local filesystem and potentially execute code, acting as a backend for a multi-client protocol, likely for an Emacs plugin.

Setup Requirements

  • ⚠️Requires Node.js installed.
  • ⚠️Client-side application must be built into 'client/dist' directory before running the server.
  • ⚠️Functionality depends on an Emacs client implementing the Multi-client Protocol (MCP).
Review RequiredView Analysis
The server exposes file system read and directory listing functionality via WebSocket messages without any path validation or sanitization, making it vulnerable to path traversal attacks. A malicious client could read any file or list any directory on the server's file system. The 'execute-code' handler explicitly comments on the potential use of 'eval' or similar, indicating a future high-risk area if implemented without sandboxing.
Updated: 2025-11-26GitHub
0
0
High Cost
GeorgePearse icon

bacon-mcp

by GeorgePearse

Sec6

Provides AI assistants with tools to check, lint, test, and build Rust projects.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires the Rust toolchain (rustup, cargo) to be installed and in the system PATH.
  • ⚠️The 'bacon_audit' tool requires 'cargo-audit' to be installed separately.
Verified SafeView Analysis
The server executes arbitrary 'cargo' commands with user-provided paths and arguments via 'child_process.spawn'. While 'validateRustProject' checks for a Cargo.toml file, this does not fully prevent potential command injection or directory traversal if a malicious agent crafts inputs. Running 'cargo audit' also requires external `cargo-audit` installation. Execution is local to the server environment, implying full user permissions. It is generally safe when run in a trusted development environment, but direct exposure to untrusted input from an AI could pose risks.
Updated: 2025-12-01GitHub
0
0
High Cost
mailshieldai icon

paste-rag

by mailshieldai

Sec9

Query and retrieve specific clipboard history items from the macOS Paste app database, filtered by content, application, type, or date range, primarily to provide context for AI agents.

Setup Requirements

  • ⚠️Requires macOS operating system.
  • ⚠️Requires the Paste app to be installed and to have existing clipboard history.
  • ⚠️Requires 'uv' package manager for installation and execution.
Verified SafeView Analysis
The server connects to the local Paste app SQLite database in read-only mode using parameterized queries, significantly reducing SQL injection risks. It accesses predefined system paths for the database, preventing arbitrary file access. No 'eval' or other highly dangerous functions were observed, and no external network calls beyond the local database are made. The primary risk is the exposure of potentially sensitive clipboard data via the MCP interface.
Updated: 2026-01-19GitHub
0
0
Medium Cost
kud icon
Sec9

Manage Jenkins CI/CD workflows and monitor build statuses via an AI assistant using the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js 20+
  • ⚠️Requires a Jenkins API Token or Bearer Token for authentication
  • ⚠️Requires Jenkins server URL
Verified SafeView Analysis
The server correctly handles sensitive credentials by prioritizing CLI arguments over environment variables (`MCP_JENKINS_*` then `JENKINS_*`), avoiding hardcoding. It explicitly supports both Basic (username:api-token) and Bearer token authentication. CSRF protection is implemented by fetching and using Jenkins crumbs for POST requests. No 'eval' or other directly malicious patterns were found. HTTP requests use native fetch with timeouts. The main security consideration is the inherent power of Jenkins API access; compromised credentials could allow significant system interaction, so strong token management (rotation, least privilege) is crucial for the user.
Updated: 2025-11-28GitHub
0
0
Low Cost
MomentaryChen icon

mcp-server-tools

by MomentaryChen

Sec1

Provides a suite of Model Context Protocol (MCP) server implementations for diverse data and communication tasks.

Setup Requirements

  • ⚠️Requires Node.js v18+ and npm/yarn.
  • ⚠️Requires manual editing of connection credentials directly in source files (e.g., database passwords).
  • ⚠️Requires local instances of MySQL, TDengine, MongoDB, MQTT broker, and/or Kafka broker for full functionality.
  • ⚠️Requires an MCP-compatible client (e.g., Cursor) for interaction.
Review RequiredView Analysis
The server includes multiple critical security vulnerabilities due to hardcoded credentials (MySQL, TDengine, MongoDB) directly in the source code. There is a complete lack of input validation and sanitization for user-supplied data in tools, which enables severe risks such as SQL Injection (via `query_mysql`, `query_tdengine`), Local File Inclusion (via `readFile`), and Server-Side Request Forgery (via `call_api_get/post/put/delete`) if exposed to untrusted input. While the README mentions these as security considerations, the provided source code does not implement any safeguards, making it highly unsafe for production or any environment processing untrusted data.
Updated: 2025-12-15GitHub
PreviousPage 454 of 713Next