Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
mircorudolph icon

mcp-tool

by mircorudolph

Sec9

Implements a toy Model Context Protocol (MCP) server providing simple tools for random animal selection and dice rolling, primarily for demonstrating and integrating with LLMs via the MCP SDK.

Setup Requirements

  • ⚠️Python 3.12+ required
  • ⚠️Anthropic MCP SDK (`mcp[cli]`) required
Verified SafeView Analysis
The server is simple and stateless, implementing two basic tools without any direct user input parsing or complex logic that could introduce vulnerabilities. It uses standard Python libraries (`random`, `logging`, `os`) and the official `mcp` SDK. No 'eval' or similar dangerous functions are used. `os.getenv` for `LOG_LEVEL` is handled safely. Given its minimal scope and direct implementation, the risk is very low.
Updated: 2025-11-25GitHub
0
0
Low Cost
mdlopresti icon

loom-warp

by mdlopresti

Sec8

Provides a distributed agent communication infrastructure using NATS JetStream for features like agent registry, channel-based messaging, direct messaging, and a work queue system.

Setup Requirements

  • ⚠️Requires a running NATS server with JetStream enabled (e.g., `nats-server -js`). A `docker-compose.yml` is provided for local setup of NATS.
  • ⚠️For production deployments, a Kubernetes cluster (v1.28+), `kubectl`, and a storage provisioner for PersistentVolumeClaims are essential.
  • ⚠️Configuration is loaded from `.mcp-config.json` in the project directory (or parent directories) or `~/.nats-mcp/config.json`, with environment variables taking highest precedence.
Verified SafeView Analysis
The codebase appears robust against common application-level vulnerabilities. No 'eval', obfuscation, or hardcoded secrets were found. NATS credentials are sourced from environment variables or URL parsing. The primary security considerations are in the deployment environment, particularly ensuring proper network access controls (e.g., Kubernetes NetworkPolicies, cloud provider security groups) for the NATS server, especially when exposed via a LoadBalancer. Extensive use of JSON.parse is mitigated by validation layers for incoming messages and registry entries.
Updated: 2025-12-12GitHub
0
0
Low Cost
drkhannah icon
Sec9

This server provides a streamable HTTP API for retrieving real-time cryptocurrency prices using CoinGecko.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher
Verified SafeView Analysis
The code makes external HTTP requests to a known public API (CoinGecko) using standard practices. There are no 'eval' or similar dangerous functions detected. User input (crypto symbol) is used in query parameters, not directly in the URL path, mitigating injection risks. No hardcoded secrets are present in the provided code.
Updated: 2025-11-24GitHub
0
0
Medium Cost
Flowmatic-AI icon

sherlock-mcp-docs

by Flowmatic-AI

Sec2

This MCP server provides Dutch RVO data for subsidies, meldcodes, and address information, offering structured analysis and reporting capabilities for LLM clients.

Setup Requirements

  • ⚠️No authentication required or active, leading to public access to all server capabilities and data.
  • ⚠️Requires an MCP-compatible client (e.g., FastMCP Python client, Claude Desktop, VS Code MCP-plugin) to interact with the server.
Review RequiredView Analysis
The server explicitly states 'geen authenticatie actief (iedere client met de URL kan verbinden)'. This means there is no authentication layer, making the server and any data it exposes publicly accessible to anyone with the URL. This is a critical security vulnerability, as sensitive RVO data and tools are unprotected.
Updated: 2025-11-25GitHub
0
0
Low Cost
Sameernayeema8 icon

MCP-Server

by Sameernayeema8

Sec9

This server exposes an LLM with tools to interact with the PokéAPI, enabling it to fetch Pokémon data, list popular Pokémon, and assemble tournament squads.

Setup Requirements

  • ⚠️Requires Python 3.13+ as specified in `pyproject.toml`, which contradicts the `README.md`'s mention of Python 3.8+.
  • ⚠️Node.js may be required for certain LLM hosts, though not explicitly for the Python server itself.
Verified SafeView Analysis
The server uses `httpx` to interact with `pokeapi.co`. User input for Pokémon names is directly inserted into the API URL after being lowercased. There are no obvious `eval`, `exec`, or similar dangerous patterns. No hardcoded secrets or sensitive credentials are present in the provided source code. The main risk, if any, would be the robustness of the external PokéAPI to malformed inputs, which is outside this server's control.
Updated: 2026-01-19GitHub
0
0
Medium Cost
1olegshev icon

mcp-servers

by 1olegshev

Sec9

Synthesizes comprehensive release status reports by coordinating data from Jira and Slack servers, often for daily release readiness checks.

Setup Requirements

  • ⚠️Requires manual update of project paths in `.vscode/mcp.json`.
  • ⚠️API access tokens for Slack (XOXC/XOXD session tokens require browser extraction), Jira, and Confluence must be manually obtained and configured in the root `.env` file.
  • ⚠️For advanced Slack analysis features (issue detection, test classification), a local Ollama server must be running (e.g., `ollama serve`) with the specified Qwen3 model, requiring local LLM setup and suitable hardware.
Verified SafeView Analysis
The server correctly isolates sensitive API tokens by loading them from environment variables via a shared `env-loader.ts` utility, with explicit warnings in `MCP_SETUP.md` against hardcoding. Its primary mode of operation involves making internal MCP calls to other local Slack and Jira servers via `stdio` transport, which is a secure communication pattern. The Slack MCP server, a dependency, implements a critical security feature: it restricts the `send_message` tool to only the `#qa-release-status` channel, preventing arbitrary message posting. The Slack server also uses a local Ollama instance for LLM-based analysis, keeping data localized. The primary security concern lies with the powerful Slack `XOXC`/`XOXD` session tokens, which grant full user-level access and are equivalent to user credentials. Operators must ensure these tokens, along with Jira/Confluence API tokens, are managed with extreme care and never committed to version control. While the server's code handles these tokens securely, their inherent high privilege poses an operational risk if compromised externally.
Updated: 2026-01-19GitHub
0
0
Low Cost
chidamodu icon

MCP_server_knowhow

by chidamodu

Sec10

To practice and experiment with different implementations using a Minecraft Coder Pack (MCP) server.

Setup Requirements

  • ⚠️Requires a pre-existing or separately set up Minecraft Coder Pack (MCP) server environment to be useful for its stated goal.
Verified SafeView Analysis
The provided 'SOURCE CODE' only contains a README.md file. No executable code was available for security analysis. Thus, no 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns were found within the provided content.
Updated: 2026-01-17GitHub
0
0
Low Cost
ulasbilgen icon

mcp2rest

by ulasbilgen

Sec4

Manages multiple Model Context Protocol (MCP) servers and exposes their tools via a universal REST API, enabling access from any programming language.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️The REST API is unauthenticated; exposing it on a public network interface (e.g., 0.0.0.0) grants full control to anyone.
  • ⚠️Configuration files store API keys and other secrets in plaintext.
  • ⚠️Requires PM2 to be installed for robust service management (auto-installed via `npx pm2` if not present).
Review RequiredView Analysis
The REST API lacks built-in authentication and authorization. If the gateway is configured to listen on a non-localhost address (e.g., 0.0.0.0), it will be publicly accessible, allowing anyone to add/remove servers or execute tools. Configuration files (`~/.mcp2rest/config.yaml`) store API keys and other secrets in plaintext. While `npx` execution of child processes is generally safer than raw shell commands, the potential for a malicious MCP server package or unsanitized arguments passed to a spawned server could lead to vulnerabilities in the child process environment.
Updated: 2025-11-23GitHub
0
0
High Cost
stringtheoryaccelerator icon

publicmcp

by stringtheoryaccelerator

Sec7

Automates checking fire danger levels and applying for burn permits in Maine using web scraping.

Setup Requirements

  • ⚠️Requires Node.js (v18 or higher recommended) and npm/yarn.
  • ⚠️Requires Chrome/Chromium to be installed locally for Puppeteer to function.
  • ⚠️Web scraping can be fragile and break if target websites change their HTML structure, requiring code updates.
Verified SafeView Analysis
The server uses Puppeteer, which is a powerful web automation tool. It explicitly uses `--no-sandbox` for Puppeteer, which can pose a security risk if the environment is not adequately isolated or if the server were to navigate to a malicious, unvetted URL. However, the tools are hardcoded to interact with specific Maine government websites, reducing the risk of arbitrary malicious navigation. Input validation with Zod is present, which helps mitigate certain classes of input-related vulnerabilities. No hardcoded secrets or 'eval' were identified.
Updated: 2025-11-20GitHub
0
0
Medium Cost
ValentinTarnovsky icon

MCP-MCP

by ValentinTarnovsky

Sec7

Assists Minecraft Java plugin developers with documentation, dependency management, and project analysis.

Setup Requirements

  • ⚠️Requires Node.js 18+ installed.
  • ⚠️Global installation via `npm link` is recommended, which might require administrative privileges.
Verified SafeView Analysis
The server performs file system operations (read, stat, readdir) on a `project_path` provided by the user. While typically used in a developer's local environment, lack of explicit path sanitization could make it vulnerable to path traversal if the `project_path` input is malicious. Additionally, a hardcoded default `DEFAULT_PLUGINS_PATH` (`C:\Users\tarno\Desktop\OkiMC-Plugins`) specific to the developer's machine exists in `analyzePluginProject.ts`. This is a portability and minor security risk, though it's overridden by user input. External network calls are made to public Maven repositories (Maven Central, JitPack, Paper, GitHub API) to fetch dependency metadata, which is expected functionality and generally safe.
Updated: 2026-01-18GitHub
0
0
Low Cost
laoyouf icon
Sec9

Provides real-time weather information for specified cities by querying the wttr.in API, primarily for use within agent frameworks like HelloAgents.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires installation of 'hello-agents' and 'requests' Python packages.
  • ⚠️Requires internet connectivity to access the wttr.in weather API.
Verified SafeView Analysis
The server uses the 'requests' library to call the 'wttr.in' public API. User-provided city names are passed directly into the URL for the external API call. While 'wttr.in' is generally robust, passing unsanitized user input directly into a URL path could theoretically pose a minor risk if the external API had specific vulnerabilities, though the 'requests' library usually handles basic URL encoding. There are no direct uses of 'eval', 'exec', or 'os.system' with user input. No hardcoded secrets were found. Network requests include a timeout. Overall, it is quite safe for its intended purpose.
Updated: 2025-11-20GitHub
0
0
Medium Cost
CharlieAtki icon
Sec7

A multi-tenant cafe ordering platform integrating AI-powered shopping assistance and business analytics through a microservices architecture.

Setup Requirements

  • ⚠️Requires an OpenAI API Key for the AI Agent Service (which is a paid service).
  • ⚠️Requires Docker and Docker Compose for easy setup and running of all microservices.
  • ⚠️Multiple `.env` files must be manually created and configured in each service directory with specific environment variables (e.g., MongoDB URI, JWT secrets, Cloudinary URL, OpenAI API Key, service URLs).
Verified SafeView Analysis
The application employs standard security practices such as JWT-based authentication with refresh tokens, password hashing via bcryptjs, and CORS configuration. Environment variables are used for sensitive data, preventing hardcoding. However, storing JWT tokens in localStorage on the frontend (as implied by `api.js`) is vulnerable to XSS attacks, making `httpOnly` cookies a more secure alternative for refresh tokens. The AI agent's interaction with the backend involves forwarding the user's JWT, relying on the LLM's adherence to instructions not to expose this token. No 'eval' or other directly exploitable dangerous patterns were found.
Updated: 2025-12-11GitHub
PreviousPage 461 of 713Next