Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
j0hanz icon
Sec9

Provides an in-memory server for structured, sequential thinking with revision support, exposing a single MCP tool for AI agents.

Setup Requirements

  • ⚠️Requires Node.js version >= 20.0.0
  • ⚠️Requires an MCP client (e.g., VS Code, Cursor, Claude Desktop, Windsurf) for interaction
  • ⚠️In-memory thought history is ephemeral and lost on server shutdown
Verified SafeView Analysis
The server itself runs over stdio, limiting direct network exposure. Input validation is performed using Zod schemas, which helps prevent common injection vulnerabilities. No hardcoded secrets or 'eval' statements are found in the core application logic. The 'execSync' command is present in a benchmark script for CPU pinning, but this is a development utility and not part of the deployed server's runtime, thus it does not impact the server's operational security. Overall, good security practices are evident for its design.
Updated: 2026-01-19GitHub
0
0
Low Cost
apisani1 icon

mcp-multi-server

by apisani1

Sec7

Orchestrates multiple Model Context Protocol (MCP) servers, aggregating their capabilities (tools, resources, prompts) for unified access and intelligent routing, particularly useful for AI agents.

Setup Requirements

  • ⚠️Requires OPENAI_API_KEY environment variable for OpenAI integration (a paid service).
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires 'poetry' installed and configured, and project dependencies ('poetry install --extras examples') for running example servers and clients.
Verified SafeView Analysis
The 'eval' function is used in 'tests/conftest.py' within a mock for a 'calculate' tool. This is in test code, not directly in the production client library, and its purpose is for mocking a tool invocation. While 'eval' can be highly dangerous if used with untrusted input in production, its isolated use in testing does not directly expose the 'mcp-multi-server' client library to runtime 'eval' vulnerabilities. A key aspect of this library is its reliance on 'mcp_servers.json' to define commands for starting external MCP server processes. This design implies a trust relationship: the user (or system administrator) is responsible for ensuring that the commands specified in 'mcp_servers.json' are safe and trustworthy, as the MultiServerClient will execute them. Maliciously crafted server configurations could lead to arbitrary code execution outside the scope of the library itself.
Updated: 2025-12-08GitHub
0
0
Medium Cost
Hsidhu icon
Sec6

Integrate LLMs with Invoice Shelf for managing customers, invoices, and estimates through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher.
  • ⚠️Requires an existing Invoice Shelf instance.
  • ⚠️Requires an API Token from Invoice Shelf, which might need to be generated using provided scripts and Invoice Shelf credentials (username/password).
  • ⚠️Disabling SSL certificate validation (`NODE_TLS_REJECT_UNAUTHORIZED=0`) is enabled by default in `src/index.ts` for local development/testing, posing a critical security risk if used in production.
Verified SafeView Analysis
The server explicitly sets `process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";` in `src/index.ts`, which disables SSL certificate validation. While the README warns against using this in production, its direct inclusion in the main entry point is a critical security vulnerability, as it makes the application susceptible to Man-in-the-Middle (MITM) attacks if deployed with this setting. No `eval` or obfuscation was found. API tokens are managed via environment variables, which is a good practice.
Updated: 2025-11-24GitHub
0
0
Medium Cost
k5tuck icon
Sec8

Provides a Model Context Protocol (MCP) interface to the Binelek Platform's knowledge graph, search, AI, and data pipeline services.

Setup Requirements

  • ⚠️Requires a running Binelek API Gateway instance (e.g., at `http://localhost:8092`)
  • ⚠️Requires a JWT token for full functionality, obtained via Binelek platform authentication
  • ⚠️Requires Node.js 18.0.0 or higher
Verified SafeView Analysis
The server acts as a proxy, forwarding requests to a configurable API Gateway. It does not contain hardcoded secrets or use dangerous functions like `eval`. All external calls go to `BINELEK_GATEWAY_URL`. Direct arguments from the MCP client are passed to gateway functions (e.g., Cypher queries, YAML content), which could pose a risk if the backend services (reachable via the gateway) are not robustly validating or sanitizing these inputs. However, this is inherent to powerful tool-calling agents and implies the backend services are responsible for deep input validation.
Updated: 2025-11-22GitHub
0
0
Low Cost
stevensblueprint icon

blueprint_mcp

by stevensblueprint

Sec9

Minimal Model Context Protocol (MCP) server for integrating custom tools with AWS Bedrock AgentCore.

Setup Requirements

  • ⚠️Python 3.10+ required for AWS Bedrock AgentCore deployment.
  • ⚠️AWS credentials must be configured for cloud deployment.
  • ⚠️An OAuth provider (e.g., AWS Cognito) is required for production deployment with AWS Bedrock AgentCore.
Verified SafeView Analysis
The provided server code is minimal, defining simple, non-malicious tools. It relies on the `mcp` library for protocol handling and `FastMCP` for the server implementation, which are presumed to be robust. No 'eval' or direct dangerous patterns are observed. The server itself does not handle sensitive data or external APIs directly. Deployment notes indicate OAuth is supported by AgentCore for production environments, enhancing security.
Updated: 2025-12-10GitHub
0
0
Low Cost
franciscocunha55 icon

kubernetes-mcp-server

by franciscocunha55

Sec2

This server exposes a set of Kubernetes cluster management tools (e.g., listing namespaces) and a basic 'hello world' utility via the Mark3Labs Protocol (MCP) over standard I/O or HTTP.

Setup Requirements

  • ⚠️Requires access to a Kubernetes cluster.
  • ⚠️Relies on a valid `~/.kube/config` file for Kubernetes authentication.
  • ⚠️If building from source, requires a Go development environment.
Review RequiredView Analysis
The server, when run in HTTP mode, exposes Kubernetes API functionality (e.g., listing namespaces) over an unauthenticated endpoint at `http://localhost:8080/mcp`. This allows any entity with network access to the server to perform Kubernetes operations with the permissions granted by the `~/.kube/config` file used by the server. This is a critical security vulnerability for a network-facing service and makes it unsafe to expose to untrusted networks or users without additional, external authentication/authorization layers.
Updated: 2025-12-10GitHub
0
0
Low Cost
robinmordasiewicz icon

f5xc-auth

by robinmordasiewicz

Sec9

Provides robust authentication and XDG-compliant profile management for Node.js applications interacting with F5 Distributed Cloud MCP (Multi-Cloud Platform) servers.

Setup Requirements

  • ⚠️Requires Node.js >= 18 environment.
  • ⚠️Requires valid F5 Distributed Cloud tenant credentials (API token, P12 certificate, or cert/key pair) for authenticated operations.
  • ⚠️Profile management involves file system access, requiring appropriate user permissions for `~/.config/f5xc/` and `~/.local/state/f5xc/` (or `XDG_CONFIG_HOME`/`XDG_STATE_HOME`).
Verified SafeView Analysis
The library demonstrates strong security practices. It uses XDG-compliant directories for profile storage, enforcing secure file permissions (0o600 for profiles, 0o700 for config directories). Critical path validation is implemented in `src/utils/path-security.ts` to prevent directory traversal attacks, including checks for null bytes and `..` patterns, before reading sensitive files (P12 bundles, certificates, keys). TLS verification is enabled by default, with explicit warnings printed to stderr and logs if `F5XC_TLS_INSECURE` is set. API tokens are masked in logs. Credentials are sourced from environment variables or profiles, avoiding hardcoding. The overall design prioritizes secure handling of sensitive information and file access.
Updated: 2026-01-16GitHub
0
0
Low Cost
Rajeshk0712 icon

ess-mcp-server

by Rajeshk0712

Sec8

This server provides a Micro-Copilot Protocol (MCP) interface to create mock food orders via "HungerBox" and generate dynamic greetings, intended for integration with conversational AI agents like Microsoft Copilot Studio.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires `uv` package manager (installed via curl script)
Verified SafeView Analysis
The `startup.sh` script uses `curl | sh` to install `uv`, which is a common but generally discouraged practice due to potential supply chain risks. The `create_order` function currently mocks responses but notes a future need for 'credentials management' for Playwright automation, which will require careful secure handling if implemented. No hardcoded secrets or arbitrary code execution are present in the provided Python code.
Updated: 2025-11-25GitHub
0
0
Medium Cost
snirt icon

fzf-mcp

by snirt

Sec8

A high-performance MCP server for fuzzy searching files, content, and Git operations within a codebase.

Setup Requirements

  • ⚠️Requires Go 1.25+ (managed with `mise`)
  • ⚠️Optional: `ripgrep` for faster content search (falls back to native Go search if not found)
  • ⚠️Requires `git` command for Git integration tools
Verified SafeView Analysis
The server uses `exec.Command` to invoke external tools like `git` and `ripgrep`. Arguments are passed as separate strings, which generally mitigates shell injection risks. No `eval` or direct network listeners are present. The primary security consideration would be ensuring the integrity and security of the `git` and `ripgrep` executables themselves, and potential ReDoS vulnerabilities if the user-provided regex patterns are overly complex. No hardcoded secrets were identified.
Updated: 2025-11-19GitHub
0
0
Low Cost

contexta-cli

by usecontexta

Sec10

Provides local code context to AI assistants via a zero-configuration Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Python and pip for installation
Verified SafeView Analysis
Operates fully locally with no data sent to cloud. Starts a local HTTP server (127.0.0.1) for AI assistant communication, not publicly exposed.
Updated: 2025-11-19GitHub
0
0
Medium Cost
crew-of-one icon

mcp-server--atlassian

by crew-of-one

Sec9

Integrates Jira and Confluence functionalities with the Model Context Protocol (MCP), enabling AI agents to interact with Atlassian services for collaboration, project management, and knowledge base tasks.

Setup Requirements

  • ⚠️Requires an active Atlassian Jira and/or Confluence instance with appropriate API token, Personal Access Token (PAT), or OAuth 2.0 credentials configured.
  • ⚠️The OAuth 2.0 setup requires a local HTTP server callback, which may necessitate specific firewall rules or port availability (default 8000) on the host machine for successful authentication flow.
  • ⚠️Extensive use of environment variables for configuration. While flexible, this requires careful setup and management of many variables for full functionality (e.g., JIRA_URL, CONFLUENCE_API_TOKEN, ATLASSIAN_OAUTH_CLIENT_ID, proxy settings, etc.).
Verified SafeView Analysis
The server correctly leverages environment variables and a Python keyring for sensitive data (API tokens, OAuth credentials), avoiding hardcoded secrets. It supports configurable SSL verification and proxy settings, allowing secure network configurations. The `UserTokenMiddleware` handles authentication headers for incoming requests. Content processing (Markdown/HTML conversion) is performed using established libraries and temporary file cleanup. No direct `eval()` calls or immediately obvious malicious patterns were found. Minor risks related to external libraries or improper input sanitization in specific, less common code paths might theoretically exist, but the core design appears robust.
Updated: 2025-12-14GitHub
0
0
Low Cost
mikluko icon

mcp-proxy

by mikluko

Sec9

This Go proxy connects Model Context Protocol (MCP) clients to remote MCP servers, providing OAuth 2.0 authentication, flexible transport strategies, and tool filtering capabilities.

Setup Requirements

  • ⚠️Initial OAuth 2.0 authorization requires opening a browser and user interaction for login.
  • ⚠️Requires Go installed if installing from source (`go install`).
  • ⚠️Requires network access to the upstream MCP server.
Verified SafeView Analysis
The project demonstrates robust security practices, including OAuth 2.0 with PKCE, binding OAuth callback to localhost, and origin validation for SSE endpoints. No dynamic code execution or hardcoded secrets were found. A minor theoretical risk exists with `patternToRegex` if untrusted input were to be used for tool ignore patterns, but this is typically controlled by an administrator via CLI arguments.
Updated: 2025-11-23GitHub
PreviousPage 476 of 713Next