Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

atlass-mcp-server

by AnoushkaScaria

Sec9

Provides a Model Context Protocol (MCP) server to automate interactions with Jira and Confluence.

Setup Requirements

  • ⚠️Requires active Jira and Confluence accounts with API access.
  • ⚠️Requires generation of Jira and Confluence API tokens for authentication.
  • ⚠️Python dependencies must be installed via `pip install -r requirements.txt`.
Verified Safe
The server correctly uses environment variables for storing API keys and other sensitive credentials, preventing hardcoded secrets. There are no 'eval' statements, obfuscation, or immediately apparent malicious patterns. Network requests are made to specified Jira and Confluence URLs using standard authentication methods. Security primarily relies on the secure handling of the `.env` file and the security of the Atlassian platform.
Updated: 2026-01-18
Medium Cost
Sec9

Provides a Message Communication Protocol (MCP) server for fetching Jira ticket information.

Setup Requirements

  • ⚠️Requires Node.js (recommended version: >= 20.x.x) and npm.
  • ⚠️Requires access to a Jira Cloud instance and a generated Jira API Token.
  • ⚠️Critical environment variables (JIRA_URL, JIRA_USER_EMAIL, JIRA_API_TOKEN) must be correctly configured.
Verified Safe
The server correctly retrieves sensitive credentials (Jira URL, user email, API token) from environment variables, preventing hardcoding. It includes input validation for tool arguments, ensuring that client-provided data types match expected schema before API calls. Error handling uses the MCP protocol's `McpError` for clear communication of issues. No direct usage of 'eval' or similar dangerous patterns was identified. The use of StdioServerTransport suggests it's designed to run as a local process managed by an orchestrator, limiting network attack surface.
Updated: 2026-01-14
Medium Cost

k8s-observability-mcp

by Crosspiecedryingoil127

Sec6

Provides a comprehensive observability toolkit for monitoring and understanding Kubernetes environments, focusing on microservice performance and health.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer, which is a very specific and potentially challenging version requirement for many environments.
  • ⚠️Requires a running Kubernetes cluster with `kubeconfig` configured for access.
  • ⚠️Requires a running Prometheus instance (defaults to http://localhost:9090) for metrics.
  • ⚠️Requires a running Jaeger instance (defaults to http://localhost:16686) for tracing.
  • ⚠️Requires a running Neo4j instance (defaults to bolt://localhost:7687) with the service graph data loaded (e.g., from `hotel-reservation-datagraph.txt`).
Verified Safe
The Prometheus API client connects with `disable_ssl=True`, which is a significant security risk if connecting to untrusted or public Prometheus instances. The Neo4j driver uses default credentials ('neo4j', 'neo4j') if environment variables are not set, which should be changed for production use. The application uses `kubernetes.config.load_kube_config()` which grants it the same access as the user's kubeconfig, requiring careful permission management. No `eval` or obvious malicious patterns were found.
Updated: 2026-01-19
Low Cost

odoo-crm-mcp-server

by KasunJ1984

Sec8

An MCP server for analyzing Odoo CRM data with intelligent context management, designed for Claude's context window efficiency.

Setup Requirements

  • ⚠️Requires Odoo instance credentials (URL, DB, Username, Password) via environment variables.
  • ⚠️For browser-based Claude.ai, the server must be accessible via HTTPS, potentially requiring additional setup (e.g., ngrok, cloud deployment with TLS).
  • ⚠️Requires Node.js version 18.0.0 or higher.
Verified Safe
The server explicitly relies on environment variables for Odoo credentials, preventing hardcoding. Input validation is performed using Zod schemas. File export operations write to a designated directory (`/mnt/user-data/outputs` by default), preventing arbitrary file writes. Cross-Origin Resource Sharing (CORS) is configured to allow all origins (`Access-Control-Allow-Origin: *`) for browser-based Claude.ai compatibility, but the README advises implementing proper authentication and IP whitelisting in production deployments for enhanced security. Uncaught exceptions and unhandled promise rejections are logged but do not crash the server, prioritizing resilience.
Updated: 2026-01-14
Medium Cost

fs-mcp

by vimalk78

Sec4

Provides an MCP server for AI agents to access files across multiple local or remote repositories without changing the current working directory, supporting file listing, reading, and searching.

Setup Requirements

  • ⚠️Requires Go installation to build/install.
  • ⚠️SSH connections use `ssh.InsecureIgnoreHostKey()` which significantly compromises security against Man-in-the-Middle attacks. Do NOT use with untrusted SSH hosts or networks.
  • ⚠️Requires SSH key setup (`~/.ssh/id_rsa` by default) for remote repositories.
Review Required
The server implements good path traversal protection and filters hidden files/node_modules. It provides read-only access. However, a critical security weakness exists for SSH repositories due to the use of `ssh.InsecureIgnoreHostKey()`, which disables host key verification and makes SSH connections vulnerable to Man-in-the-Middle attacks. This is noted as a 'TODO' in the source but is still present.
Updated: 2025-11-26
Low Cost

guesty-mcp-server

by dstconseils-web

Sec3

Acts as an intermediary server to connect an AI assistant (Claude) to the Guesty API, providing structured data endpoints for listings and reservations.

Setup Requirements

  • ⚠️Requires Guesty API client ID and secret (`GUESTY_CLIENT_ID`, `GUESTY_CLIENT_SECRET`) to be set as environment variables for authentication with the Guesty API.
  • ⚠️Requires Node.js runtime installed to execute the server.
Review Required
The server exposes Guesty data endpoints (e.g., /api/listings, /api/reservations, /api/rapport) without any authentication or authorization mechanisms on the MCP server itself. While Guesty API secrets are handled securely via environment variables, any client with network access to this server can query these endpoints and access Guesty data. Additionally, `cors()` is configured to allow all origins (`*`), which is a security risk if the server is exposed publicly without additional access control layers. Exposing this server directly to the internet is not recommended due to these vulnerabilities.
Updated: 2026-01-18
High Cost

mcp_project

by AlexandrosMelis

Sec7

An AI-powered chatbot for searching, extracting, and summarizing academic papers using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires uv package manager to be installed globally.
  • ⚠️Requires Node.js to be installed for npx command.
  • ⚠️Requires an Anthropic API Key (Paid service) for the AI model interaction.
Verified Safe
The `extract_info` tool takes a `paper_id` as input, which is then used as a dictionary key to search within `papers_info.json` files. While the `topic` parameter for file path construction is sanitized (`lower().replace(" ", "_")`), direct user input for `paper_id` is not explicitly validated against path traversal characters. However, its use as a dictionary key rather than directly in file paths mitigates direct arbitrary file reading/writing. The server also uses `ANTHROPIC_API_KEY` from environment variables, which is a good practice. No 'eval' or other highly dangerous patterns were observed. Overall, it's moderately safe, but careful input sanitization for `paper_id` as a dictionary key is still recommended for robustness against potential argument injection attacks if the `papers_info.json` could be malformed or manipulated.
Updated: 2025-12-01
Low Cost
Sec8

Provides a Docker-based deployment configuration for a generic MCP server application, facilitating its local development and production deployment.

Setup Requirements

  • ⚠️Docker required
  • ⚠️Application-specific environment variables for the server are not detailed in the provided source.
  • ⚠️The actual server application code and Dockerfile are not provided, limiting full system understanding.
Verified Safe
The provided deployment configuration files (docker-compose.yml, run.sh) are standard Docker setups and do not contain obvious security vulnerabilities such as hardcoded secrets, 'eval' statements, or malicious patterns. Port 3000 is exposed, which is typical for a web server. A full security audit would require the Dockerfile and the application's source code, which are not provided in this truncated analysis.
Updated: 2025-12-01
Low Cost

MCP-Server

by Sangram03

Sec6

Provides a WebSocket-based JSON-RPC server for exposing and invoking defined 'tools,' primarily intended for integration with AI models or agents.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️WebSocket server runs on port 3000, consider explicit host binding for production if not 'localhost'.
Verified Safe
The server uses `JSON.parse` directly on incoming WebSocket messages, which is generally safe from arbitrary code execution itself. However, the dynamic tool invocation mechanism (`tools[toolName](args)`) without explicit validation beyond checking `tools[toolName]` means that if future tools were to implement sensitive operations based on unvalidated user input, it could lead to vulnerabilities. The current 'hello' tool is benign. The WebSocket server is initiated with `{ port: 3000 }` without an explicit host, which might default to `0.0.0.0` (all interfaces) potentially exposing it beyond `localhost` if not secured by a firewall. No hardcoded secrets or 'eval' are present.
Updated: 2025-11-20
Medium Cost

An AI agent client that integrates weather information and task management using a multi-server Model Context Protocol (MCP) architecture.

Setup Requirements

  • ⚠️Requires Google Gemini API Key (Paid, depending on usage)
  • ⚠️Requires OpenWeatherMap API Key with 'One Call by Call' subscription (potentially paid, depending on usage tier)
  • ⚠️Python 3.11+ recommended
Verified Safe
API keys are handled securely via environment variables (.env). Subprocess execution is limited to hardcoded Python scripts within the project, reducing command injection risks from user input. File operations for task management and resources are on fixed local filenames. 'shlex.split' is used for parsing arguments, which is safer than simple string splitting. No 'eval' or other highly dangerous patterns were observed being used with untrusted input.
Updated: 2025-11-28
Medium Cost

mcp-memory-gpu

by fvegiard

Sec9

MCP Server providing semantic memory with FAISS + SQLite hybrid storage and optional GPU acceleration for applications like Claude Desktop.

Setup Requirements

  • ⚠️Requires local Ollama running (or an accessible Ollama API) for CPU-based embeddings by default.
  • ⚠️Optional: Requires a separate GPU server running the provided Flask bridge code for GPU-accelerated embeddings.
  • ⚠️Requires FAISS installation (`faiss-cpu` or `faiss-gpu`) which can have specific system dependencies.
  • ⚠️Python 3.10+ required.
Verified Safe
Uses parameterized SQL queries to prevent injection. Network calls to embedding services (Ollama, GPU bridge) use configurable URLs and environment variables for authentication tokens. No hardcoded secrets or 'eval' found in the main server code. Note: The example GPU bridge server code provided in the README for users to deploy separately does include a hardcoded `AUTH_TOKEN` placeholder which should be replaced by a secure secret in a production setup.
Updated: 2025-12-14
Low Cost

deli_store_system

by juniorrash-d

Sec2

An AI-powered management system for deli and liquor stores, automating inventory, pricing, and operations via microservices.

Setup Requirements

  • ⚠️Docker is required for deploying the MCP servers.
  • ⚠️Requires Python 3.8+.
  • ⚠️The 'AI-driven analysis' in the MCP servers is currently mocked, providing static responses rather than actual AI model inference.
Review Required
Both 'pricing_mcp/pricing_server.py' and 'inventory_mcp/inventory_server.py' Flask applications are run with 'debug=True' and bound to '0.0.0.0'. This is a critical security vulnerability as it allows arbitrary code execution via the debugger if an unhandled exception occurs and the server is accessible on the network. This configuration is highly unsafe for any production or exposed environment.
Updated: 2025-11-19