Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
Pravamaya2 icon

Expenses-Tracker

by Pravamaya2

Sec8

Track and manage personal expenses with a remote API server.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
Verified SafeView Analysis
The server generally uses parameterized queries, which effectively prevents common SQL injection vulnerabilities. Dynamic query construction in `update` is limited to trusted field names, reducing risk. No hardcoded secrets or 'eval' statements were found. The server binds to localhost (127.0.0.1) by default, limiting network exposure. Error handling for database errors provides generic messages without exposing full tracebacks to clients, though tracebacks are printed internally.
Updated: 2026-01-08GitHub
0
0
Low Cost
Mezo1122 icon

RiMCP_hybrid

by Mezo1122

Sec5

A server-side application related to the Minecraft protocol, likely for custom game hosting or server management, with features for adapting to different Minecraft versions or platforms.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (JRE)
  • ⚠️May require specific Minecraft client versions for compatibility.
Review RequiredView Analysis
A meaningful security audit cannot be performed as no source code was provided for analysis. The score of 5 reflects an inability to verify any security practices, assuming a neutral stance.
Updated: 2026-01-19GitHub
0
0
Low Cost
mcpize icon

templates

by mcpize

Sec9

A boilerplate template for building Model Context Protocol (MCP) servers in Python using FastMCP, providing basic synchronous and asynchronous tool examples with development logging.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires `uv` for dependency management (alternative to pip)
  • ⚠️Requires `make` to use the provided quick start commands
Verified SafeView Analysis
The server code itself implements good practices for logging and environment variable handling. No direct vulnerabilities like `eval`, `exec`, or hardcoded secrets were found. The `DevLoggingMiddleware` uses `json.dumps` for logging incoming parameters, which is safe. It relies on the security of the `FastMCP` SDK.
Updated: 2026-01-06GitHub
0
0
Medium Cost
kunaldb icon

wiki_mcp_server

by kunaldb

Sec9

An MCP (Model Context Protocol) server for integrating Confluence wiki content, allowing AI models to search, retrieve, and list Confluence information.

Setup Requirements

  • ⚠️Requires a Databricks workspace with Apps enabled and Databricks CLI configured.
  • ⚠️Requires a Confluence account with API access and an API token (not a password).
  • ⚠️Confluence credentials (URL, email, API token) must be configured as environment variables or in 'app.yaml' (not committed to Git).
Verified SafeView Analysis
The code adheres to good security practices for credential management, explicitly using environment variables (CONFLUENCE_URL, CONFLUENCE_EMAIL, CONFLUENCE_API_TOKEN) and warning against committing 'app.yaml' to source control. There are no obvious `eval` or unsafe execution patterns. The deployment script uses standard Databricks CLI commands. Network risks are managed by the Databricks Apps platform and Confluence's own security (e.g., IP allowlisting).
Updated: 2025-12-02GitHub
0
0
Low Cost
b48f8f5xg2-blip icon

dynamic-shell-server

by b48f8f5xg2-blip

Sec3

This server provides a secure Model Context Protocol (MCP) interface for executing shell commands with an external approval system and process management.

Setup Requirements

  • ⚠️Requires Python virtual environment and dependencies from `requirements.txt`.
  • ⚠️Claude Desktop integration requires manual configuration with absolute paths to Python interpreter and server script.
  • ⚠️An interactive user approval process (external to this server's code) is required for first-time command executions.
Review RequiredView Analysis
The server's `execute_command` tool defaults to `shell=True` for `asyncio.create_subprocess_shell`, and `run_in_venv` explicitly uses `/bin/bash -c`. This directly contradicts the README's claim of 'No shell execution (prevents injection attacks)'. Furthermore, the advertised '5-minute command timeout' is not implemented in `run_process_in_background`, which uses `process.communicate()` without a timeout, allowing commands to run indefinitely. While an external approval system is described, the server code itself enables highly privileged shell execution without internal safeguards against common vulnerabilities like command injection or hanging processes. The reliance on an external, unspecified approval system for security is a significant concern given the server's direct capabilities.
Updated: 2025-12-06GitHub
0
0
Medium Cost
080bct12alex icon

ChatBot

by 080bct12alex

Sec2

Develops a versatile and interactive AI chatbot using LangGraph, featuring advanced concepts like memory, persistence, tool integration (search, calculator, stock price), multi-party communication (MCP), and retrieval-augmented generation (RAG) with a Streamlit user interface and user management.

Setup Requirements

  • ⚠️Requires Google Generative AI API Key (Paid) for ChatGoogleGenerativeAI.
  • ⚠️Requires `alexmcp.fastmcp.app` service to be running and accessible for Multi-Server MCP tools.
  • ⚠️Relies on several Python packages including `streamlit`, `langchain`, `langgraph`, `aiosqlite`, `bcrypt`, `requests`, `streamlit-cookies-manager`, `huggingface_hub`, `pypdf`, and `faiss-cpu`. Missing any could cause runtime errors.
  • ⚠️The Alpha Vantage API key is hardcoded and should be replaced with an environment variable.
  • ⚠️The Streamlit cookie manager password is hardcoded and must be replaced with a strong, securely managed environment variable.
Review RequiredView Analysis
CRITICAL: The Alpha Vantage API key is hardcoded in `agent.py` (`apikey=8S6VBWTFZH9U6HDA`). CRITICAL: The cookie encryption password for `EncryptedCookieManager` is hardcoded in `app.py` (`password="7b9561efc4a6acf95c78285418225434533f70dd609026c8ff9ba1c50a5be6c6"`). These hardcoded secrets pose significant security risks, allowing unauthorized access to API services and potential decryption of user session data. While user authentication with bcrypt is implemented for passwords, the overall system is highly vulnerable due to these critical hardcoded secrets.
Updated: 2025-11-29GitHub
0
0
Medium Cost
danielsimonjr icon

substack-mcp

by danielsimonjr

Sec1

Unable to determine the use case as the source code was not provided.

Setup Requirements

  • ⚠️Source code was not provided, preventing analysis of specific requirements, dependencies, or setup friction.
  • ⚠️Cannot identify specific system requirements or configuration needs without access to the code.
Review RequiredView Analysis
Source code was not provided, therefore a comprehensive security audit could not be performed. Without access to the code, it is impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. Any server without code inspection should be considered highly insecure by default.
Updated: 2025-11-26GitHub
0
0
Medium Cost
ValentinTorassa icon

ShellFusion-mcp-server

by ValentinTorassa

Sec3

A full-stack application for managing tickets, with a Python-based Model Context Protocol (MCP) server to enable AI assistant integration for interacting with the backend API.

Setup Requirements

  • ⚠️Docker Desktop is required to run the MongoDB database component.
  • ⚠️Separate Python 3.10+ virtual environment and the `mcp` CLI tool (`pip install fastmcp`) are required to run the AI integration server.
  • ⚠️The full local development setup requires running multiple `npm install` and `npm run dev` commands in both `backend` and `frontend` directories.
  • ⚠️Crucial environment variables (`BACKEND_API_KEY`, `TOKEN_SECRET`, `MONGODB_URI`) must be set for the backend and MCP server to function correctly.
  • ⚠️Default database credentials (`root/example` and `appuser/apppass`) are hardcoded in the Docker setup, which must be changed for production deployments.
Review RequiredView Analysis
1. **API Key Bypass:** The `apiKeyAuth` middleware (backend/src/middlewares/apiKeyAuth.ts) explicitly bypasses API key authentication if the `BACKEND_API_KEY` environment variable is not set. This could unintentionally expose protected API routes if the variable is omitted in a production environment. 2. **Hardcoded Docker Credentials:** Default hardcoded MongoDB root ('root'/'example') and application-specific ('appuser'/'apppass') credentials are used in `docker-compose.yml` and `mongo-init/001-init.js`. While common for local development, these are **critical security risks** if deployed in a production environment without immediate and strong modification. 3. **Missing Security Headers:** The `helmet` dependency is listed in `backend/package.json` but is not explicitly utilized in `backend/src/index.ts`, missing out on a straightforward way to implement crucial security headers for HTTP responses. 4. **CORS Configuration:** CORS is configured to allow `FRONTEND_ORIGIN`. Ensure this variable is strictly controlled and not set to `*` in production to prevent unintended cross-origin access. 5. **JWT Handling:** JWT tokens are signed with `process.env.TOKEN_SECRET` and expire in '8h'. The `Authorization` cookie is set with `httpOnly` and `secure` flags conditionally based on `NODE_ENV`, which is good practice. 6. **Password Hashing:** Passwords are securely hashed using `bcryptjs` with 12 salt rounds.
Updated: 2025-11-26GitHub
0
0
Medium Cost
Tam1379 icon

uspto_fpd_mcp

by Tam1379

Sec9

Provides tools for in-depth USPTO Final Petition Decisions research and analysis, including document extraction and cross-MCP integration.

Setup Requirements

  • ⚠️Requires USPTO_API_KEY environment variable or secure storage (paid/account needed for USPTO Open Data Portal).
  • ⚠️Requires MISTRAL_API_KEY environment variable or secure storage for OCR on scanned documents (Mistral AI is a paid service, optional for basic text-based PDF extraction).
  • ⚠️Secure storage leverages Windows DPAPI, requiring a Windows OS for full functionality; falls back to environment variables on Linux/macOS.
  • ⚠️Enhanced features like persistent download links and centralized proxy integration are available if the USPTO Patent File Wrapper (PFW) MCP is also installed and running.
  • ⚠️Requires Python 3.11 or higher.
Verified SafeView Analysis
The server demonstrates robust security practices including: extensive log sanitization to prevent log injection and sensitive data leakage, secure API key storage using Windows DPAPI (with fallback to environment variables), rate limiting for document downloads, and comprehensive security headers and request size limits on the FastAPI proxy server. The older `secure_storage.py` module used a hardcoded entropy for legacy decryption, which is a minor theoretical vulnerability, but the modern `shared_secure_storage.py` uses cryptographically secure random entropy, and a migration path is provided to address this. Overall, security is a high priority.
Updated: 2026-01-19GitHub
0
0
Medium Cost
bluwork icon

mongo-scout-mcp

by bluwork

Sec9

The server allows AI assistants to interact with and manage MongoDB databases, providing comprehensive tools for data exploration, monitoring, and quality assurance.

Setup Requirements

  • ⚠️Requires a running MongoDB instance to connect to.
  • ⚠️Requires pnpm for dependency management and building the project.
  • ⚠️Recommended to configure two separate MCP instances (read-only and read-write) in Claude Desktop for maximum safety, as explicitly detailed in the README.
  • ⚠️Some tools (e.g., `getProfilerStats`, `getSlowestOperations`) require MongoDB profiling to be enabled to gather performance data, which might necessitate 'read-write' mode or manual database configuration.
Verified SafeView Analysis
The server implements robust security measures. It supports explicit 'read-only' and 'read-write' modes, with write operations being disabled by default and requiring explicit activation. Destructive operations like `dropCollection`, `deleteMany`, and `updateMany` include `dryRun` options, require explicit confirmation (`confirm: true`), and incorporate smart warnings for large operations or empty filters to prevent accidental data loss. Sensitive data fields (e.g., 'password', 'key', 'secret') are redacted in responses. Administrative commands are whitelisted in `runAdminCommand`, and rate limiting is applied to admin/monitoring tools to prevent abuse. ObjectIds are correctly handled to prevent NoSQL injection. Logging is in place to track tool usage and errors.
Updated: 2025-12-17GitHub
0
0
Low Cost
Ej-Locked icon

FlowCore

by Ej-Locked

Sec3

FlowCore is a lightweight, Rust-powered real-time stream processing engine designed for efficient data stream handling, real-time analytics, and live visualization via a React dashboard.

Setup Requirements

  • ⚠️Requires the Rust toolchain to be installed to build and run the backend server from source.
  • ⚠️Requires Node.js and npm/yarn for the React-based frontend application.
  • ⚠️The backend server (Rust) and frontend application (React) are separate processes and need to be run concurrently for the full interactive experience.
  • ⚠️The README.md provides highly misleading and potentially unsafe download links; users should be cautious and build from source or verify official releases carefully.
Verified SafeView Analysis
The backend Rust code itself does not contain obvious 'eval', obfuscation, or hardcoded secrets within its logic. Application state and window results are written to local '/tmp' directories ('/tmp/flowCore_ckpt' and '/tmp/flowCore_out'). While acceptable for a demo or local setup, this might require better isolation or configuration in a production or multi-user environment to prevent data leakage or interference. The '/recent' endpoint exposes the raw content of the '/tmp/flowCore_out/results.log' file; this pattern could expose sensitive data if logging practices change. CRITICAL CONCERN: The README.md contains highly suspicious and misleading download links. All listed download links (for FlowCore installers for various OS, and even for Rust itself) point to the exact same URL: 'https://raw.githubusercontent.com/Ej-Locked/FlowCore/main/frontend/node_modules/@babel/types/FlowCore-v1.9.zip'. This is a severe security red flag. Users attempting to follow these instructions might download an arbitrary zip file from an unexpected, non-official GitHub `node_modules` path instead of the intended software or Rust installer, posing a significant risk of downloading malware or incorrect software. This significantly undermines the trust and safety of the project's distribution model.
Updated: 2026-01-19GitHub
0
0
Medium Cost
santiagopereda icon

MCP_GoogleSheets

by santiagopereda

Sec9

This server provides a secure bridge for AI assistants to interact with Google Sheets, enabling comprehensive spreadsheet management, data access, modification, and table-level automation workflows.

Setup Requirements

  • ⚠️Requires Docker Desktop with MCP Toolkit enabled and Docker MCP CLI plugin.
  • ⚠️Requires a Google Cloud Project with Google Sheets API and Google Drive API enabled, and either a Service Account JSON file or OAuth 2.0 credentials.
  • ⚠️Authentication with Docker MCP Gateway requires volume-mounted credentials with an absolute host path, as Docker MCP secrets injection is noted as unreliable in the documentation.
  • ⚠️FastMCP framework requires strict adherence to specific development rules for tools (e.g., single-line docstrings, empty string defaults for parameters, no 'prompt' parameter to FastMCP initialization) to avoid gateway panics.
Verified SafeView Analysis
The server implements strong security practices including retrieving credentials from environment variables or mounted files (not hardcoded), running as a non-root user (`mcpuser`), and using read-only volume mounts (`:ro`) for credentials. It leverages standard Google API client libraries. There are no obvious signs of 'eval' or malicious patterns. A minor concern is that some table operations (e.g., `update_table_rows`, `delete_table_rows`) read the entire sheet into memory, process it, and then rewrite, which could introduce potential race conditions or performance issues with extremely large, concurrently updated sheets, although this is a common approach when more granular API methods are not available.
Updated: 2025-11-30GitHub
PreviousPage 459 of 713Next