Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Sopralapanca icon

strudel-mcp-server

by Sopralapanca

Sec9

Provides an MCP (Multi-Modal Chat Protocol) interface for semantic search of Strudel.cc documentation and songs using vector embeddings.

Setup Requirements

  • ⚠️Requires a Supabase project with specific tables and 'match_documents' and 'match_songs' RPC functions configured (these RPCs are not defined in the provided code).
  • ⚠️Requires a Hugging Face API token (`HF_API_TOKEN`) for generating embeddings.
  • ⚠️The `populate_db.py` script requires a local `./chunks` directory containing `.txt` documentation files.
Verified SafeView Analysis
Environment variables are used correctly for API keys, avoiding hardcoded secrets. No obvious 'eval' or dangerous shell commands. The server enables CORS for all origins ('*'), which is a common configuration for public APIs but should be considered if tighter access control is required.
Updated: 2025-11-30GitHub
0
0
Medium Cost
OmarA1-Bakri icon

sales-automation-mcp

by OmarA1-Bakri

Sec9

An intelligent agentic AI assistant for autonomous sales prospecting, lead generation, data enrichment, CRM integration, and multi-channel outreach automation.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for core infrastructure (PostgreSQL, Redis, API server).
  • ⚠️Requires Node.js 18+ and npm for local development of the desktop app and API.
  • ⚠️Requires obtaining multiple API keys for various external services (Anthropic/Gemini, HubSpot, Lemlist, Explorium, Postmark, Phantombuster, HeyGen) which may involve sign-ups and potential costs.
Verified SafeView Analysis
The codebase demonstrates a strong commitment to security with multiple layers of protection. Key strengths include: explicit prompt injection guard (`PromptInjectionGuard.ts`), robust API key management using Argon2id hashing and scoped access (`ApiKey.cjs`, `authenticate-db.js`), comprehensive input validation via Zod (`middleware/validate.js`), secure webhook handling (`middleware/webhook-auth.js`, `middleware/webhook-ip-whitelist.js`), and protection against prototype pollution (`utils/prototype-protection.js`). The use of `helmet` for security headers and `express-rate-limit` is also positive. Potential areas for vigilance (though generally well-handled) include raw SQL queries in specific contexts (though parameterized by Sequelize) and ensuring all external API integrations handle data securely and adhere to rate limits (addressed by circuit breakers). The `your_redis_password_here` placeholder in `restart-dev.sh` is a minor potential oversight if not replaced.
Updated: 2025-12-14GitHub
0
0
Medium Cost
Som23Git icon
Sec7

AI-powered conversational expense tracking and querying via Telegram, leveraging AWS Bedrock LLMs and Elasticsearch's Agent Builder for ingestion and retrieval.

Setup Requirements

  • ⚠️Requires a running n8n instance to host the workflow.
  • ⚠️Requires an AWS account with Bedrock access, specifically for `Claude-3.5-Sonnet-v2` and setting up an AWS Bedrock inference endpoint.
  • ⚠️Requires an Elasticsearch Cloud/Serverless instance with specific index mappings (including `semantic_text` field linked to an inference ID).
  • ⚠️Requires API keys/credentials for Telegram, Sarvam STT, AWS, and Elasticsearch to be configured securely within n8n's credential manager.
  • ⚠️The workflow includes a hardcoded Telegram user ID for access control, needing modification for other users or multi-user scenarios.
  • ⚠️The query agent's prompt explicitly instructs LLMs to interpret relative dates as referring to the year 2025 by default, which is a significant design constraint.
Verified SafeView Analysis
The system relies on n8n's credential management for sensitive API keys (Telegram, AWS, Elasticsearch, Sarvam STT), which is a good practice. LLM outputs are explicitly parsed for JSON objects with custom code, avoiding dangerous functions like `eval`. A hardcoded user ID is used for access control, which is basic but effective for a personal bot. The `_example.json` shows placeholders, emphasizing the need for secure configuration over hardcoding. General LLM hallucination is acknowledged as a risk.
Updated: 2025-11-28GitHub
0
0
Low Cost
yeonisekim icon

mcp-server

by yeonisekim

Sec9

This project demonstrates building and interacting with a simple Remote Procedure Call (RPC) server using the FastMCP framework, exposing callable tools over HTTP.

Setup Requirements

  • ⚠️Python 3.14+ required
Verified SafeView Analysis
The provided code snippets are simple and do not contain obvious security risks such as `eval`, `exec`, or hardcoded secrets. The 'greet' function performs basic string formatting, and the server runs locally. The overall security relies on the robustness and security practices of the `fastmcp` library itself.
Updated: 2025-12-14GitHub
0
0
Medium Cost
tascio icon
Sec3

A Dockerized Raspberry Pi 4 monitoring system that collects thermal, environmental, power, and device-level data from various sensors and a Device Under Test (WET White Rabbit board), providing real-time data via REST APIs and WebSockets.

Setup Requirements

  • ⚠️Requires Raspberry Pi 4 with Debian 13 (Trixie) or compatible OS.
  • ⚠️Requires physical sensor hardware: MLX90640, BME688, MCP3424, a compatible Lab PSU (e.g., Keysight, RS), and a WET White Rabbit board.
  • ⚠️Docker and Docker Compose are essential for deployment.
  • ⚠️Requires I2C bus and USB serial port (`/dev/i2c-1`, `/dev/ttyUSB0`) to be available and accessible within Docker containers, configured via `privileged: true`.
Review RequiredView Analysis
The system relies on `sshpass` for SSH connections, using passwords (potentially empty or from `settings.cfg`) and disabling host key checking (`StrictHostKeyChecking=no`), which is a major security vulnerability. The `api_manager` Docker container runs with `privileged: true`, granting it full access to the host, significantly increasing the attack surface if the container is compromised. Secrets (SSH passwords) are poorly managed, being stored in a configuration file (`settings.cfg`). Broad CORS enablement without origin restrictions could lead to XSS vulnerabilities if not properly configured at the NGINX level.
Updated: 2025-12-03GitHub
0
0
High Cost
kiki830621 icon

che-pdf-mcp

by kiki830621

Sec4

A Swift-native MCP server for high-performance PDF document manipulation, including text extraction, OCR, merging, splitting, and conversion, using macOS native frameworks.

Setup Requirements

  • ⚠️Requires macOS 13.0+ (Ventura or later) for operation.
  • ⚠️Requires Swift 5.9+ development environment for compilation from source.
  • ⚠️This server is designed to be integrated with an AI agent framework (MCP) like Claude Code or Claude Desktop, not for standalone direct user interaction via CLI.
  • ⚠️Potential network security risk if the `pdf_url_fetch` tool is exposed to untrusted inputs without proper host validation or a sandboxed execution environment.
Review RequiredView Analysis
The `pdf_url_fetch` tool allows fetching PDFs from arbitrary URLs (`URLSession.shared.data(from: url)` without host validation or allowlist checks). This could be abused for Server-Side Request Forgery (SSRF) or to download malicious files from untrusted sources, potentially exposing the host system. The `PDFError.hostNotAllowed` is defined but not implemented for host validation. File write operations for outputs like merged PDFs, extracted images, or saved documents could lead to arbitrary file writes if the `output_path` or `output_directory` parameters are not properly sanitized or restricted by the calling environment. No `eval` or dynamic code execution found.
Updated: 2026-01-19GitHub
0
0
Medium Cost
CharlieKerfoot icon

code-execution-mcp

by CharlieKerfoot

Sec9

Enables AI models to execute code in a sandboxed remote environment via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires manual configuration within the Claude for Desktop config file, specifying an absolute path to the server's executable.
  • ⚠️Relies on the availability and security of the external Piston API (emkc.org) for all code execution.
Verified SafeView Analysis
The server itself does not execute user-provided code directly. It delegates all code execution to the external Piston API (emkc.org), which is designed to provide a secure, sandboxed environment. This significantly mitigates direct arbitrary code execution vulnerabilities on the local MCP server. No 'eval' or similar patterns for local execution were found, nor were any hardcoded secrets identified in the provided source.
Updated: 2025-11-23GitHub
0
0
High Cost
kurojs icon

wayland-mcp

by kurojs

Sec3

Enables AI assistants to interact with a Wayland desktop for automation, including screenshot capture, VLM analysis, mouse, and keyboard control.

Setup Requirements

  • ⚠️Requires `sudo ./setup.sh` to configure system-wide permissions (setuid, sudoers, udev rules) for input control, which grants high privileges and introduces significant security risks.
  • ⚠️Requires an API key for either OpenRouter (`OPENROUTER_API_KEY`) or Google Gemini (`GEMINI_API_KEY`) for VLM analysis, both of which are paid services.
  • ⚠️Requires specific Wayland environment variables (`XDG_RUNTIME_DIR`, `WAYLAND_DISPLAY`) to be correctly configured for screenshot and input functionality.
Review RequiredView Analysis
The `setup.sh` script performs highly privileged operations, including installing `evemu-tools`, setting the `setuid` bit on `evemu-event`, adding a `NOPASSWD` sudoers rule for `evemu-event`, and changing permissions on `/dev/input/event*` to `0666`. This grants the Wayland MCP server extensive and low-level control over keyboard and mouse input, which is a significant security risk if the server or a connected AI client were compromised. The README explicitly warns about this.
Updated: 2025-11-29GitHub
0
0
Low Cost
FoxLauren icon

mcp-time-server

by FoxLauren

Sec9

Provides lightweight, cross-platform time and date manipulation utilities via an MCP server.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Manual JSON configuration for Claude Desktop integration requires absolute paths, which can be error-prone.
  • ⚠️Unsigned executables on Windows/macOS require user security bypass (e.g., 'Run anyway' or 'Allow Anyway' in system settings).
  • ⚠️On Windows, when running from source, the `tzdata` package is required.
Verified SafeView Analysis
The server uses only standard Python libraries (datetime, zoneinfo, time) and the FastMCP framework for its core logic. No 'eval', 'exec', or direct shell commands are used within the date/time functions. There are no hardcoded secrets or indications of unusual network activity beyond the MCP protocol itself. The `build.py` script uses `subprocess.run` for PyInstaller, which is standard. The primary security 'friction' is the operating system flagging unsigned executables, which is a common occurrence for open-source projects and not indicative of malicious code.
Updated: 2025-11-21GitHub
0
0
Medium Cost
qontinui icon

qontinui-mcp

by qontinui

Sec3

Provides an MCP interface for Qontinui Runner, enabling AI-driven visual automation, testing, and debugging workflows.

Setup Requirements

  • ⚠️Requires Qontinui Runner desktop application to be running locally.
  • ⚠️Requires Python 3.12+.
  • ⚠️Relies on specific environment variables (e.g., `QONTINUI_RUNNER_HOST`, `QONTINUI_RUNNER_PORT`) for configuration, with WSL-aware defaults.
Review RequiredView Analysis
The `execute_python` tool (Area G) allows the AI to run arbitrary Python code with specified dependencies directly on the host machine where the `qontinui-runner` is operating. While intended for legitimate automation tasks and protected by an `EXECUTE` permission level, this presents a critical security vulnerability. If an untrusted AI (e.g., via a malicious prompt injection) gains or misuses this permission, it can lead to arbitrary code execution and potential system compromise. The `awas_execute` tool, while designed for standardized web interactions, could also be misused by the AI to interact with malicious external APIs or leak sensitive credentials. The presence of a permission system is a positive feature, but the inherent risk of arbitrary code execution via `execute_python` significantly lowers the overall security score.
Updated: 2026-01-18GitHub
0
0
Low Cost
Sec9

The server exposes cryptocurrency market data via MCP for AI applications to access real-time market information.

Setup Requirements

  • ⚠️Python 3.9 or higher is required
  • ⚠️Requires Groq API Key (for Groq agent functionality)
  • ⚠️CoinGecko API rate limiting may apply
Verified SafeView Analysis
Interacts with external CoinGecko API. No apparent 'eval' or direct network listeners. Relies on stdio for client-server communication. The Groq agent requires an external API key.
Updated: 2025-11-24GitHub
0
0
Low Cost
alestmej icon

mcp-stdio-server

by alestmej

Sec8

This server acts as a Model Context Protocol (MCP) tool provider, allowing AI chats to query and potentially control Electrolux smart home appliances by integrating with the Electrolux Cloud API.

Setup Requirements

  • ⚠️Requires Electrolux API Key and JWT Token from the Electrolux Developer Portal (requires signup).
  • ⚠️Requires Java and Maven to build/run standalone, or Docker for containerized deployment.
  • ⚠️Integration is currently only explicitly verified for Claude Desktop.
Verified SafeView Analysis
The server design is straightforward, primarily acting as a proxy for Electrolux API GET requests. It handles API keys and JWT tokens dynamically passed from the AI assistant, rather than hardcoding them or reading them from the environment. No 'eval' or obfuscation is present. Input validation for `applianceId` is not explicitly shown, but for GET requests, this is typically less critical than for write operations. The primary security consideration lies in the secure handling of API keys and JWT tokens by the AI assistant and the robustness of the Electrolux API itself.
Updated: 2025-12-29GitHub
PreviousPage 474 of 713Next