Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
ericstj icon

dotnetMcpCli

by ericstj

Sec7

A command-line interface for interacting with and managing Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires .NET 10.0 SDK or later to build and run.
  • ⚠️Requires external Model Context Protocol (MCP) servers to interact with; the default configuration launches an MCP server via 'npx', implying 'npm' or 'Node.js' must be installed.
  • ⚠️The client launches configured MCP servers as child processes, requiring the user to trust the specified server commands.
Verified SafeView Analysis
The application's core functionality involves launching and interacting with user-defined MCP server executables via the 'Command' and 'Args' configuration in appsettings.json. This design inherently means that the security of the overall system heavily relies on the user configuring and trusting legitimate MCP server processes. The application itself appears to use modern .NET practices and does not exhibit obvious vulnerabilities like 'eval', obfuscation, or hardcoded secrets. However, if configured with a malicious or untrusted server command, it could pose a significant risk.
Updated: 2025-11-20GitHub
0
0
Low Cost
crogers2287 icon

npm-mcp

by crogers2287

Sec8

Manages Nginx Proxy Manager configurations and operations through MCP-compatible AI assistants.

Setup Requirements

  • ⚠️Requires Node.js 18+, npm, and jq to be installed.
  • ⚠️Requires an existing and accessible Nginx Proxy Manager instance.
  • ⚠️Requires setting `NPM_HOST`, `NPM_EMAIL`, and `NPM_PASSWORD` (and optionally `NPM_PORT`, `NPM_HTTPS`) environment variables for the NPM API connection.
Verified SafeView Analysis
The server uses environment variables for configuration, including `NPM_PASSWORD`. The automated installer writes these to a `.env` file with `chmod 600`, which is a good practice for restricting file access to the owner. The `NPMApiClient` handles authentication by acquiring and managing a bearer token in memory, with proper expiry logic. The server itself acts as a proxy to the Nginx Proxy Manager API; thus, the overall security largely depends on the robustness of the underlying NPM API and the security of the NPM instance. No 'eval' or arbitrary command execution patterns were found in the core server logic (`src/index.ts`, `src/api-client.ts`). The `install.sh` script utilizes `sudo` for `jq` installation, which is a common practice for shell installers.
Updated: 2025-11-26GitHub
0
0
Medium Cost
build-failure icon
Sec4

Deploys an Amazon Bedrock AgentCore MCP gateway with IAM/JWT authentication, supporting multiple integration targets like JIRA and Snowflake.

Setup Requirements

  • ⚠️Requires manual creation and configuration of a 'config.json' file for gateway and integration settings.
  • ⚠️Requires an AWS account with access to Amazon Bedrock, Cognito, IAM, S3, and Secrets Manager.
  • ⚠️For AgentCore built-in integrations, a manual step is required to determine the 'agentCoreSchemasBucket' name by creating a JIRA integration in the AWS Bedrock console.
  • ⚠️External service accounts and credentials (e.g., Snowflake, JIRA API keys) are required for respective integration targets.
Review RequiredView Analysis
The IAM policies for the Bedrock AgentCore Gateway's execution role and custom resources utilize `*` for `bedrock-agentcore:*` and `secretsmanager:*` resources. This grants overly broad permissions that violate the principle of least privilege. While API keys are stored in Secrets Manager, such extensive access poses a significant security risk if the gateway or associated custom resources are compromised, making it unsuitable for production environments without substantial hardening of IAM policies.
Updated: 2025-11-19GitHub
0
0
Low Cost

MCPServer-1

by jubeju555

Sec3

A minimal Model Context Protocol (MCP) server providing developer tools, primarily file operations, for AI assistants.

Review RequiredView Analysis
The server provides unrestricted file read/write access to the host filesystem (within the server's process permissions) via `read_file` and `write_file` tools. There are no path sanitization or sandboxing mechanisms beyond basic file existence and type checks. This means a malicious or compromised client could potentially read sensitive system files, overwrite critical files, or exfiltrate data. Running this server without strict external sandboxing poses a significant security risk to the host system.
Updated: 2025-11-29GitHub
0
0
Medium Cost
ivossos icon
Sec6

Oracle FCCS agentic server for financial consolidation, data management, and performance analytics with MCP and Web API support.

Setup Requirements

  • ⚠️Requires an Oracle FCCS instance and credentials (or `FCCS_MOCK_MODE=true` for local development/testing).
  • ⚠️Python 3.10 or higher is required.
  • ⚠️PostgreSQL is recommended for production database persistence (SQLite is used for development by default, with a hardcoded default password in the config file if `DATABASE_URL` is not set).
  • ⚠️Additional Python packages (e.g., `streamlit`, `plotly`, `pandas`, `reportlab`) are required for the dashboard and PDF generation scripts.
Verified SafeView Analysis
The project uses environment variables for sensitive FCCS credentials (URL, username, password), which is a standard practice but requires secure configuration in production (e.g., using secret managers). The default `DATABASE_URL` in `fccs_agent/config.py` hardcodes 'password' for a PostgreSQL connection, which is a critical security risk if not explicitly overridden by an environment variable in any deployment scenario, including local development. Cloud Run deployment explicitly uses `--allow-unauthenticated` which makes the service publicly accessible; this is acceptable if intended for a public API gateway to an agent, but requires careful consideration of the data exposed. Reliance on external Oracle FCCS for actual data processing means external system security is also a factor. No 'eval' or obvious malicious obfuscation detected.
Updated: 2025-12-14GitHub
0
0
Low Cost
Grupo-AFAL icon
Sec3

The SmartSuite MCP Server provides a robust API client and caching layer for interacting with the SmartSuite API, designed for efficiency and token optimization with AI models.

Setup Requirements

  • ⚠️Requires a SmartSuite Test Account with API access enabled (production credentials are strongly warned against).
  • ⚠️Local file attachment requires AWS credentials (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY or SMARTSUITE_AWS_PROFILE) and an S3 bucket configured with server-side encryption, a lifecycle policy for cleanup, and CORS for SmartSuite to fetch files.
  • ⚠️For local testing/development, environment variables for credentials are used, but integration tests specifically load from a local `.env` file instead of shell environment for isolation.
Review RequiredView Analysis
CRITICAL: The server explicitly disables SSL/TLS certificate verification (`OpenSSL::SSL::VERIFY_NONE`) for both SmartSuite API and AWS S3 connections. This makes the system highly vulnerable to Man-in-the-Middle (MITM) attacks, allowing attackers to intercept, read, and modify sensitive data exchanged with SmartSuite and AWS S3. This is a severe security risk. Credentials (SmartSuite API keys, AWS keys) are managed via environment variables, which is standard but requires secure deployment practices.
Updated: 2026-01-17GitHub
0
0
Medium Cost
Videothek icon

xo-mcp-server

by Videothek

Sec9

This server integrates with Xen Orchestra to provide AI agents with tools for managing virtual machines, backup jobs, backup logs, and backup repositories.

Setup Requirements

  • ⚠️Requires an active Xen Orchestra instance.
  • ⚠️Requires Xen Orchestra API Token (`XO_API_TOKEN`).
  • ⚠️Requires Xen Orchestra Base URL (`XO_BASE_URL`).
  • ⚠️Designed to be run as a Docker container within the Docker MCP Gateway ecosystem.
Verified SafeView Analysis
The server uses environment variables for sensitive information like `XO_API_TOKEN` and `XO_BASE_URL`, which is good practice. It utilizes the `httpx` library for HTTP requests and explicitly supports SSL/TLS verification through `httpx_verify` and `CERT_PATH`. No `eval` or similar dangerous functions are used. The primary security considerations are proper configuration of `XO_BASE_URL` to a trusted Xen Orchestra instance and securing the `XO_API_TOKEN`.
Updated: 2026-01-05GitHub
0
0
Low Cost
billy1234 icon

ClaudeJarvis

by billy1234

Sec7

A self-hosted Model Context Protocol (MCP) server enabling AI agents to manage personal tasks like todos, shopping lists, and reminders.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for deployment.
  • ⚠️Requires OpenSSL, mkcert, or certbot for SSL certificate generation.
  • ⚠️Requires manual configuration of a `.env` file with database credentials and port settings.
  • ⚠️Local development with custom domains or IPs requires manual `hosts` file entries.
Verified SafeView Analysis
The project uses environment variables for sensitive database credentials and advocates for HTTPS via Nginx. The backend `main.go` is currently minimal, lacking complex logic that could introduce vulnerabilities, but the project documentation (MCP_JARVIS.md) outlines a robust OAuth2 implementation with bcrypt hashing, token management, and CSRF protection for future phases. Critical security notes from the README include exposing PostgreSQL (5432) and MCP Server (8080) ports for development, explicitly advising users to restrict these in a production environment. There is no `eval` or similar dangerous patterns in the provided source code.
Updated: 2026-01-16GitHub
0
0
Medium Cost
jayden9530 icon
Sec9

This server provides current and forecasted weather data for specific geographical coordinates as a tool callable by an AI agent.

Setup Requirements

  • ⚠️Python 3.11+ required
Verified SafeView Analysis
The source code does not contain 'eval', obfuscation, or hardcoded secrets. It makes a standard, asynchronous HTTP GET request to a public weather API. The direct conversion of the API response to a string for return is a design choice that could expose raw external API error messages, but it's not a direct security vulnerability of this server.
Updated: 2025-12-11GitHub
0
0
Low Cost
RichardDillman icon

innerVoice

by RichardDillman

Sec8

Enables two-way communication between Claude instances and a user via Telegram, supporting real-time notifications, interactive questions, and remote control of Claude projects including spawning and managing processes.

Setup Requirements

  • ⚠️Requires manual creation and configuration of a Telegram Bot via @BotFather, including obtaining and setting the bot token in the `.env` file.
  • ⚠️Requires `pnpm` for dependency management; users without it need to install it globally (`npm install -g pnpm`) prior to setup.
  • ⚠️Initial Claude MCP server setup requires manual configuration in Claude's settings file (`~/.config/claude-code/settings/mcp.json`) or via `claude mcp add` command with the absolute path to the `mcp-server.js` script.
  • ⚠️For background operation, `pm2` is recommended and must be installed globally (`npm install -g pm2`).
Verified SafeView Analysis
The server operates locally by default, binding to `localhost:3456`, which limits external network exposure. It correctly utilizes environment variables (`TELEGRAM_BOT_TOKEN`) for sensitive API keys, preventing hardcoding. The `spawnClaude` function executes shell commands (`claude`), but uses an array of arguments, mitigating direct command injection from user input. Project-specific `.env` files are loaded for spawned processes, which could be a risk if a malicious `.env` is registered by the user. The `PermissionRequest.sh` hook makes a local `curl` call, which is safe in its current form. Overall, the architecture is reasonably secure for its intended single-user, local-machine deployment, with primary risks related to user-supplied project paths or intentional misuse by the owner.
Updated: 2025-12-07GitHub
0
0
Low Cost
CYBERTESLA icon
Sec9

A simple microservice providing basic arithmetic and random number generation tools via the FastMCP protocol.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher
Verified SafeView Analysis
The server's source code is very simple and performs basic, isolated mathematical operations. It does not use 'eval' or similar dangerous functions, access files, or expose any known vulnerabilities. There are no hardcoded secrets found in the provided code. The server binds to '0.0.0.0' which is common but means it's accessible externally if not firewalled.
Updated: 2025-12-13GitHub
0
0
Medium Cost
malston icon

bosh-mcp-server

by malston

Sec6

Provides BOSH Director operations to AI assistants for infrastructure diagnostics, inspection, and deployment management.

Setup Requirements

  • ⚠️Requires Go 1.21+ for building from source.
  • ⚠️Requires access to a BOSH Director and appropriate credentials (environment variables, ~/.bosh/config, or Ops Manager credentials).
  • ⚠️Requires the `om` CLI tool to be installed and configured if Ops Manager authentication fallback is used.
Review RequiredView Analysis
The BOSH API client defaults to `InsecureSkipVerify: true` for TLS connections if no BOSH_CA_CERT is provided or successfully loaded, posing a critical Man-in-the-Middle risk in production. It executes the `om` CLI tool (`om bosh-env`) to fetch credentials, relying on its presence and security. Handles sensitive BOSH Director/UAA credentials, which must be secured by the user. Uses a confirmation token system and configurable blocked operations for destructive commands, which is a good security practice.
Updated: 2025-11-26GitHub
PreviousPage 472 of 713Next