Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
High Cost
premkalyan icon

confluence-mcp

by premkalyan

Sec8

A multi-tenant API Gateway for Confluence, providing a JSON-RPC 2.0 interface to automate page management, document operations, templates, macros, and Jira integration by fetching credentials dynamically from a project registry.

Setup Requirements

  • ⚠️Requires an API Key (Bearer Token) obtained from an external 'VISHKAR Project Registry' (`https://project-registry-henna.vercel.app`).
  • ⚠️Confluence credentials (URL, username/email, API token) must be configured in the external Project Registry for your project.
  • ⚠️The `canvas` library, listed as a direct dependency, is a native module that may require system-level build tools (e.g., C/C++ compilers, Cairo) for successful installation, which can be a point of friction on some environments.
Verified SafeView Analysis
The server securely fetches Confluence credentials from an external Project Registry based on a provided Bearer token, avoiding hardcoded secrets in the main application logic. However, the provided test scripts (`test-all-confluence-tools.js`, `test-image-embedding.js`) contain a hardcoded `BEARER_TOKEN`, which is a minor risk if these files are publicly accessible. The `upload_and_embed_document` tool, which can fetch files from an arbitrary `fileUrl`, could potentially be exploited for DoS if malicious actors upload extremely large files, as the server reads the entire file into memory without explicit size limits.
Updated: 2025-12-14GitHub
0
0
High Cost
iskifogl icon
Sec9

Integrates Google Workspace services (Gmail, Calendar) into a Model Context Protocol (MCP) compatible environment, enabling AI agents to interact with user data.

Setup Requirements

  • ⚠️Requires manual setup of Google OAuth 2.0 credentials (client ID, client secret, refresh token) via Google Cloud Console, including enabling APIs and configuring redirect URIs.
  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️The 'read_email' tool does not truncate the email body, meaning a single call can return extremely large amounts of text, potentially leading to high LLM token consumption.
Verified SafeView Analysis
The server correctly leverages environment variables for sensitive Google OAuth credentials (client ID, client secret, refresh token), promoting secure secret management by the host application. It uses official Google APIs and the Model Context Protocol SDK, which are well-vetted. No 'eval' or other inherently dangerous functions are found. Automatic token refresh is handled securely by the underlying Google API client. The server itself communicates over standard I/O (stdio), not exposing direct network interfaces for external requests. Security relies heavily on the host application's secure handling and injection of credentials.
Updated: 2025-11-19GitHub
0
0
High Cost
mcuellar icon

tuneit-ai-agent

by mcuellar

Sec8

Automates the process of tailoring resumes based on job descriptions by leveraging an AI agent and an MCP server.

Setup Requirements

  • ⚠️Requires an MCP Server running locally (default: http://localhost:8000) that exposes specific tool endpoints: `format_job_description`, `generate_tailored_resume`, `save_tailored_resume`, and `save_job_description`.
  • ⚠️Requires Python 3.11 or higher.
  • ⚠️The effectiveness and quality of resume tailoring are highly dependent on the underlying LLM models and logic implemented within the external MCP server.
Verified SafeView Analysis
The agent itself follows good security practices, utilizing environment variables for configuration and avoiding dangerous patterns like 'eval'. Network risks are limited as it's designed to connect to a local MCP server (default: http://localhost:8000). The primary security consideration lies with the external MCP server: if it's configured with a publicly accessible URL or implements insecure file writing based on unsanitized inputs (e.g., job titles used for filenames), it could introduce vulnerabilities. The agent itself does not perform direct file writing, but delegates filename generation to the MCP server. No hardcoded secrets were found.
Updated: 2025-12-08GitHub
0
0
Medium Cost
chaorenex1 icon
Sec8

A FastAPI-based MCP (Model Context Protocol) server template designed for hosting AI/ML tools, resources, and prompts, featuring API key authentication, Redis caching, database integration (SQLAlchemy), and optional Nacos service discovery.

Setup Requirements

  • ⚠️Requires database setup with `alembic` migrations (e.g., for PostgreSQL as `psycopg2-binary` is a dependency).
  • ⚠️If `REDIS_ENABLED` is true, requires a running Redis instance (or Sentinel/Cluster setup).
  • ⚠️If `DISCOVERY_SERVICE_ENABLED` is true and set to 'nacos', requires a running Nacos server for service discovery.
Verified SafeView Analysis
The server uses `bcrypt` for API key hashing and verification, which is a strong cryptographic practice. Configuration, including sensitive credentials for databases and Redis, is externalized via `pydantic-settings` (environment variables or remote config like Nacos), avoiding hardcoded secrets. Nacos integration introduces a dependency on the security of the Nacos server itself. No direct `eval` or other highly dangerous patterns were observed. Overall, it appears to follow good security practices for its components, but secure deployment relies heavily on proper environment configuration.
Updated: 2025-12-15GitHub
0
0
Low Cost
bioanywhere icon

night

by bioanywhere

Sec8

This repository provides client libraries for interacting with the World News API, allowing applications to access and process news data from various sources.

Setup Requirements

  • ⚠️Requires Python 3.7+ (for Python client), CMake 3.2+ and Qt (for C++ client), or a compatible Java environment (for Java client).
  • ⚠️Requires an API key from World News API for service access.
  • ⚠️The client libraries are for integrating with an external API; an active internet connection is needed for functionality.
Verified SafeView Analysis
The repository contains client libraries for multiple programming languages, generated from an OpenAPI specification. OAuth2 flows are implemented in the C++ client using a local TCP server for redirects, which is a standard approach but relies on the host system's security configuration. API keys are handled by the client libraries and are expected to be provided by the user, preventing hardcoding. No 'eval', obfuscation, or direct malicious patterns were observed in the truncated code snippets. General network communication relies on standard HTTP/HTTPS protocols. The overall security profile is strong for client libraries, with typical considerations for API key management by the end-user application.
Updated: 2025-12-13GitHub
0
0
Low Cost
Sena1996 icon

sena-mcp-server

by Sena1996

Sec9

An AI intelligence enhancement system for Claude Desktop and Claude Code CLI, providing advanced tools for code analysis, security, performance, knowledge retrieval, and automated formatting with transparent execution.

Setup Requirements

  • ⚠️`uv` (Python package manager) is required, although the installer attempts to install it automatically.
  • ⚠️`Python 3.10+` is needed for the `uv` tool.
  • ⚠️Requires Claude Desktop or Claude Code CLI environment for full functionality and integration with its hooks and MCP tools.
Verified SafeView Analysis
The project explicitly documents and resolves several critical security vulnerabilities in its `docs/OPTIMIZATION_SUMMARY.md`, including command injection, code injection, and unvalidated command execution. It now uses `shlex.split()` and `shell=False` for `subprocess.run()`, disables dangerous methods like `intercept_tool()`, and handles user input via stdin in scripts to prevent injection. The primary MCP server (`src/sena_mcp/server.py`) runs locally and does not appear to perform external network requests from its core tools, relying on other MCP servers for integrations like GitHub or web search. Bash scripts, while inherently carrying some risk, are actively secured and transparently documented. The overall system is designed for local execution, reducing external attack surface.
Updated: 2025-11-24GitHub
0
0
Medium Cost
TokaMohsen icon

mcp-slack

by TokaMohsen

Sec9

Enables AI assistants to interact with a Slack workspace by exposing Slack Web API functionalities as tools.

Setup Requirements

  • ⚠️Requires Node.js 22+
  • ⚠️Requires a Slack Bot Token with specific OAuth scopes (e.g., channels:history, chat:write)
  • ⚠️Requires a Slack Team ID
  • ⚠️Requires creating and configuring a Slack App within your workspace
Verified SafeView Analysis
The server correctly reads sensitive information (Slack Bot Token, Team ID) from environment variables. There is no usage of 'eval' or other patterns that suggest arbitrary code execution. All network requests are made to the legitimate Slack API. The use of SLACK_CHANNEL_IDS for limiting access is a positive security feature. The primary security considerations involve properly configuring the Slack App's permissions, which is external to the server's code but well-documented.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Rotbarsch icon
Sec7

Enables AI agents (like GitHub Copilot) to query ReqnRoll binding information and documentation directly to simplify feature file creation and minimize AI hallucinations.

Setup Requirements

  • ⚠️.NET 10 SDK is required.
  • ⚠️Manual configuration of 'inputs.json' with correct DLL and XML documentation paths is necessary and critical for functionality.
  • ⚠️Ensuring all runtime dependencies of the configured assemblies are discoverable by the server can be complex.
  • ⚠️Requires GitHub Copilot extension in Visual Studio Code or Visual Studio to function as intended.
Verified SafeView Analysis
The server loads user-specified DLLs dynamically from 'inputs.json'. Loading untrusted or malicious DLLs could lead to code execution vulnerabilities. Users should only configure DLLs from trusted sources and ensure their dependencies are correctly placed. No direct 'eval' or obvious malicious patterns are present in the provided truncated source.
Updated: 2026-01-19GitHub
0
0
Medium Cost
abhayagarwalonline icon

mule-beta-mcp-server

by abhayagarwalonline

Sec8

Provides status and transaction details for an enterprise integration process, specifically tracking Purchase Order (PO) processing from JDE to SAP via MuleSoft.

Setup Requirements

  • ⚠️Requires Mule Runtime 4.9.3+ (specific Mulesoft licensing might apply)
  • ⚠️Requires Java 17 SDK
Review RequiredView Analysis
The provided source code snippets (test.json, mule-artifact.json) are configuration and test data, and do not contain executable logic from the server itself. Therefore, it is not possible to perform a meaningful security audit of the 'mule-beta-mcp-server' application based on this limited information. There are no patterns like 'eval', obfuscation, network risks, or hardcoded secrets visible in the provided files. Without access to the actual Mule flows, connectors, and any custom code, a comprehensive assessment of the server's security cannot be made.
Updated: 2025-12-07GitHub
0
0
Low Cost
cgjdparashar icon

mcp-server-and-prompts

by cgjdparashar

Sec7

This repository provides MCP prompt definitions for orchestrating Azure DevOps, Playwright testing, and MySQL queries, enabling AI assistants to automate common development workflows.

Setup Requirements

  • ⚠️Requires an MCP-enabled client (e.g., VS Code with GitHub Copilot and MCP extension).
  • ⚠️Application code for Playwright and MySQL prompts MUST be located in the `/project/src/` folder.
  • ⚠️Requires setting multiple environment variables for Azure DevOps integration (e.g., AZDO_ORG_URL, AZDO_PROJECT, AZDO_TEAM, AZDO_USER_EMAIL).
Verified SafeView Analysis
The system design explicitly uses environment variables for sensitive credentials (Azure DevOps, MySQL) rather than hardcoding. It also includes safety features like 'CONFIRM_ASSIGN' for dry-run mode in Azure DevOps prompts and 'READ_ONLY' flags for MySQL queries, reducing accidental destructive operations. The primary security risk comes from the powerful access granted to external services via AI-driven prompts, requiring careful configuration and oversight by the user and secure hosting of the underlying MCP servers (which are external to this repo). No 'eval' or obfuscation is apparent in the provided README.
Updated: 2025-12-02GitHub
0
0
Medium Cost
makesh-kumar icon

spotify-mcp-server

by makesh-kumar

Sec9

Enables AI assistants to control Spotify playback and manage playlists through the Model Context Protocol.

Setup Requirements

  • ⚠️Requires a Spotify Premium account for full playback control features.
  • ⚠️Requires creating and configuring a Spotify Developer Application (Client ID, Client Secret, Redirect URI).
  • ⚠️Manual creation and initial editing of 'spotify-config.json' is necessary before running the 'npm run auth' script.
Verified SafeView Analysis
The server correctly handles Spotify OAuth 2.0 authorization with client secrets stored in a local config file, not hardcoded. It explicitly enforces localhost redirect URIs during authentication to prevent token interception. The `@spotify/web-api-ts-sdk` is used for API interactions, which is a reputable library. There are no 'eval' statements or obfuscation. A minor note is that `handleSpotifyRequest` might suppress specific JSON parsing errors as successful operations, which could hide API response issues but is not a direct security vulnerability.
Updated: 2025-12-06GitHub
0
0
High Cost
ryan-lingle icon

farm-os

by ryan-lingle

Sec6

Provides AI assistant integration for a farm management system, enabling natural language interaction to manage farm assets, logs, locations, and tasks.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid): Uses OpenAI's `gpt-4o` model by default, necessitating a paid API key via `OPENAI_API_KEY`.
  • ⚠️Docker recommended: While possible to run standalone, the provided `docker-compose.yml` orchestrates the entire multi-service application (DB, API, Client, MCP Server) for seamless setup.
  • ⚠️High token usage potential: Tool outputs can be up to 10,000 characters and chat history up to 20 messages, leading to substantial token consumption per complex interaction.
Review RequiredView Analysis
The server exposes an API endpoint with `CORSMiddleware(allow_origins=['*'])` set in `http_server.py`. This allows requests from any origin, posing a significant security risk in a production environment where client origins should be restricted to known domains. Hardcoded default PostgreSQL password 'password' in `docker-compose.yml` is a common development anti-pattern that needs to be secured for production.
Updated: 2026-01-18GitHub
PreviousPage 482 of 713Next