Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
sedoglia icon

diabetes-m-mcp

by sedoglia

Sec10

Integrates Diabetes:M health data (glucose, insulin, food, personal metrics) with Claude Desktop via an MCP server for natural language conversations and analysis.

Setup Requirements

  • ⚠️Requires Node.js v18.0+ and npm v8.0+ to run.
  • ⚠️Relies on a reverse-engineered Diabetes:M API (analytics.diabetes-m.com) which may change without notice, potentially breaking functionality.
  • ⚠️Manual setup requires editing Claude Desktop's `claude_desktop_config.json` file to specify the server command and arguments.
Verified SafeView Analysis
The project demonstrates excellent security practices. Credentials and sensitive data (e.g., tokens, cache entries) are encrypted using AES-256-GCM with a master key stored in the OS-native keyring (macOS Keychain, Windows Credential Vault, Linux Secret Service) or a machine-specific encrypted file as a fallback. Credentials are never stored in plain text or configuration files. Comprehensive audit logging is implemented, with input data being hashed (not stored) for traceability, and separate logs for highly sensitive personal metrics access. Input validation using Zod schemas is in place, and the `searchFoods` tool includes explicit query sanitization to prevent injection attacks. Rate limiting and automatic re-authentication mechanisms are also built in. The primary security 'risk' is operational due to reliance on reverse-engineered Diabetes:M APIs, which could change without notice, but this is a functional fragility rather than a direct vulnerability in the server's code.
Updated: 2026-01-16GitHub
0
0
Medium Cost
lausser icon

omd-mcp

by lausser

Sec7

Provides an AI chatbot for managing Thruk monitoring systems through a Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires Podman or Docker for containerized local deployment, or Kubernetes (k3s) for production.
  • ⚠️Requires an existing Thruk monitoring system instance.
  • ⚠️Requires a Thruk API Key and Thruk server URL.
  • ⚠️Requires an OpenAI-compatible API key (e.g., OpenAI, Anthropic, or a local LLM), which may incur costs.
Verified SafeView Analysis
The application handles sensitive Thruk monitoring data and API keys. Secrets (Thruk, OpenAI) are managed via environment variables and Kubernetes secrets, which is a good practice. However, the 'chatbot' service can dynamically add and run MCP servers using `subprocess.Popen` with commands defined in `MCPServerConfig`. If the `uiConfigMcps` setting in `chatbot.json` is set to `true` (it defaults to `false`), or if the `chatbot.json` configuration is compromised, it could potentially allow arbitrary command execution on the 'chatbot' container if the UI is exposed without proper authentication. Additionally, `THRUK_VERIFY_SSL` can be optionally set to `false` for development, which could lead to insecure communication if used in a production environment.
Updated: 2026-01-15GitHub
0
0
Medium Cost
aryanb12393 icon

sql-stock-mcp-server

by aryanb12393

Sec9

Provides secure access to Google stock price data, enabling retrieval of recent prices, visualization of trends, and identification of significant day-to-day changes.

Setup Requirements

  • ⚠️Requires local SQLite database to be seeded with data using `python3 seed_data.py` before tools can return meaningful results.
  • ⚠️Requires specific configuration within Claude Desktop (`claude_desktop_config.json`), including correct absolute paths to the server script and working directory.
  • ⚠️Python dependencies (`mcp`, `matplotlib`, `yfinance`) must be installed via `pip install -r requirements.txt`.
Verified SafeView Analysis
The server employs robust SQL injection prevention by using parameterized queries exclusively. Claude only provides simple integer parameters, and the server constructs all SQL internally. However, there's an inconsistency where the `id` column is listed as 'blocked' in the `DATABASE_SCHEMA` definition, but the `getRecentStockPrices` tool explicitly selects it. While `id` is a primary key and generally poses minimal security risk, this deviation from its own stated blocking rule is noteworthy. The sensitive 'author' column is correctly excluded from direct selection in tools. No use of `eval` or similar dangerous patterns was found.
Updated: 2025-11-27GitHub
0
0
Low Cost
uiff icon
Sec8

Acts as a gateway for AI agents to interact with a Weidmueller u-OS Data Hub via NATS, enabling reading and writing of PLC variables.

Setup Requirements

  • ⚠️Requires Rust toolchain for local building.
  • ⚠️Requires access to a NATS server (u-OS Data Hub).
  • ⚠️Requires a `credentials.env` file with `CLIENT_ID` and `CLIENT_SECRET` for NATS authentication.
Verified SafeView Analysis
The server correctly uses `serde` for JSON-RPC parsing, minimizing parsing vulnerabilities. Credentials are loaded from a file (`credentials.env`) via `OAuth2Credentials::from_env_file`, which is a standard and relatively secure approach for secrets, though proper file system permissions are critical. Communication is over stdin/stdout, reducing network attack surface compared to a direct API. The `write_variable` function currently only supports string values and is noted as incomplete, which is a functional limitation rather than an immediate security flaw, but future implementations should include robust type validation to prevent improper data writes to the PLC. No 'eval' or direct command injection vectors were found.
Updated: 2025-11-29GitHub
0
0
Low Cost
clintivins icon

ISC-SP-MCP-Server

by clintivins

Sec1

This server likely manages and controls a system, potentially handling multiple clients or components, given its 'MCP-Server' designation.

Review RequiredView Analysis
Unable to perform a security audit as no source code was provided for analysis. Therefore, the security posture is unknown and rated as very high risk.
Updated: 2025-11-22GitHub
0
0
Medium Cost
datons icon

CC

by datons

Sec9

Interact with AI assistants to query real-world medical and pharmaceutical data from PubMed and OpenFDA using Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires NCBI API Key (free, but requires registration and email).
  • ⚠️Requires FDA API Key (free, but registration needed for higher rate limits).
  • ⚠️Requires GitHub Copilot Chat (potentially paid subscription for Copilot) and VSCode with specific extensions.
Verified SafeView Analysis
The project integrates with well-known public APIs (PubMed, OpenFDA). API keys are managed via environment variables ('.env' file) and not hardcoded, which is good practice. MCP server communication uses 'stdio', reducing external network attack surface for internal communication. No 'eval' or obvious obfuscation detected in the provided code. As with any system interacting with external APIs, there's inherent reliance on the security of those external services.
Updated: 2025-12-05GitHub
0
0
Low Cost
aidenlab icon
Sec6

A Node.js server that acts as a Model Context Protocol (MCP) bridge, enabling AI clients (e.g., ChatGPT, Claude Desktop) to control and query a 3D model visualization application via WebSocket for real-time interaction.

Setup Requirements

  • ⚠️Requires Node.js (v18 or higher) and npm to run.
  • ⚠️A separate 'hello3dmcp-frontend' application is required for 3D model visualization (this server provides the backend logic, not the frontend UI).
  • ⚠️For external AI clients like ChatGPT, a tunneling service (e.g., ngrok, localtunnel) is necessary to expose the local server to a public URL.
  • ⚠️Specific client configurations (e.g., building an .mcpb package for Claude Desktop, adding '/mcp' suffix to the tunnel URL for ChatGPT) are needed to connect AI clients properly.
Verified SafeView Analysis
The server defaults to `cors({ origin: '*' })` (allowing all origins), which is a significant security risk for production deployment and should be restricted to specific trusted origins. WebSocket messages are JSON parsed, requiring robust input validation to prevent malformed data issues, though Zod schemas are used for tool parameters, reducing some risks. No explicit hardcoded secrets or direct command injection vectors from user-controlled input were found.
Updated: 2025-12-30GitHub
0
0
Medium Cost
mikdanjey icon
Sec9

The Snowflake MCP Server acts as a bridge, enabling LLM agents to securely connect to and execute SQL queries against Snowflake databases using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js 20.0.0 or higher
  • ⚠️Requires access to a Snowflake account and valid credentials
  • ⚠️SNOWFLAKE_PASSWORD is conditionally required for 'snowflake' authenticator, not for 'externalbrowser'
Verified SafeView Analysis
The server demonstrates strong security practices: comprehensive SQL validation with Zod schemas and custom pattern matching to prevent SQL injection, secure handling of credentials via environment variables and redaction in logs, and communication primarily over STDIO for its core MCP function, reducing direct network attack surface. Dependencies are standard and well-vetted.
Updated: 2025-11-19GitHub
0
0
High Cost
forgequant icon

context8-landing

by forgequant

Sec9

A modern, terminal-aesthetic landing page for Context8, offering crypto market intelligence to AI assistants via MCP integration, with user authentication, subscription management, crypto payments, and daily market reports.

Setup Requirements

  • ⚠️Requires extensive Supabase project setup, including creating multiple tables (`profiles`, `usage_metrics`, `api_keys`, `subscriptions`, `payment_submissions`, `daily_reports`, `admin_settings`), configuring Row Level Security (RLS) policies, and deploying SQL functions and triggers. This setup is crucial for database functionality and security.
  • ⚠️Requires multiple paid API keys for full functionality: an OpenAI API Key (using `gpt-4o` can incur high costs) for AI analytics and daily report generation, and a Context8 API Key (implied to be from a Pro subscription) for external crypto data fetching.
  • ⚠️Optional but detailed Telegram bot setup for admin notifications involves creating a bot via @BotFather, configuring webhooks, and setting `TELEGRAM_BOT_TOKEN` and `TELEGRAM_ADMIN_SECRET` in Supabase Edge Functions environment variables.
  • ⚠️Hardcoded placeholder crypto wallet addresses in `src/data/walletAddresses.ts` must be manually replaced with real wallet addresses for Ethereum, Polygon, and BSC before deploying for live payments.
Verified SafeView Analysis
The project demonstrates robust security practices: secrets are securely managed via Supabase Edge Function environment variables and not exposed client-side. Client-side code exclusively uses public Supabase API keys. Public crypto wallet addresses are hardcoded for receiving payments, which is acceptable for their function, but private keys are correctly kept off-chain. API key management is implemented with hashing and prefixing, and Supabase Row Level Security (RLS) is enabled and configured for data protection. Webhooks are secured with `WEBHOOK_SECRET`. No 'eval' or intentional obfuscation was observed. A minor consideration is ensuring the hardcoded wallet addresses are indeed updated for production, and the reliance on an external `context8.fastmcp.app` MCP server means its security is a dependency.
Updated: 2025-12-24GitHub
0
0
Low Cost
bigbag icon

mcpsnag

by bigbag

Sec9

A curl-like CLI tool for testing and debugging Model Context Protocol (MCP) servers over HTTP.

Setup Requirements

  • ⚠️Requires Go installation to build the binary.
  • ⚠️Requires an operational MCP server to interact with (e.g., http://localhost:3000/mcp for local testing).
  • ⚠️Some advanced scripting examples in the README rely on 'jq' for JSON parsing.
Verified SafeView Analysis
The codebase is a client-side command-line interface (CLI) tool written in Go, which generally benefits from Go's memory safety and concurrency primitives. It does not expose any network services itself, mitigating server-side vulnerabilities. The tool takes arbitrary URLs and HTTP headers as user input; therefore, security risks primarily stem from how a user interacts with potentially malicious remote servers or provides sensitive information via headers to untrusted endpoints. There are no obvious hardcoded secrets or 'eval'-like dangerous patterns. The HTTP client includes a configurable timeout, adding a layer of robustness. Overall, the code itself appears robust and follows standard practices for a CLI client.
Updated: 2026-01-19GitHub
0
0
Medium Cost
toolate28 icon

coherence-mcp

by toolate28

Sec3

Serves as an MCP server providing coherence validation, governance primitives, decision tracking, and documentation search for the SpiralSafe ecosystem, primarily designed for AI agent interaction.

Setup Requirements

  • ⚠️Requires the 'SpiralSafe' repository to be cloned adjacent to the project at `../SpiralSafe` for many tools to function correctly.
  • ⚠️Relies on external API tokens (e.g., `SPIRALSAFE_API_TOKEN`) to interact with the SpiralSafe API, which must be configured in a `.env` file.
  • ⚠️The internal test suite is currently broken due to architectural changes, impacting developer confidence and making contributions harder to verify.
Review RequiredView Analysis
The server, as implemented, explicitly lacks built-in authentication, rate limiting, and audit logging, despite documentation claiming these features. This makes it highly vulnerable if exposed directly. There is a potential for path traversal in the 'context_pack' tool via user-supplied document paths and for command injection in gate transitions if 'context' parameters can be crafted to execute shell commands. TypeScript's strict mode is disabled, increasing the risk of runtime errors and vulnerabilities. While it references external security practices in `SECURITY.md`, the core server itself does not enforce them.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Ekestfa icon

LightRAG-mcp

by Ekestfa

Sec8

The LightRAG MCP Server acts as an API gateway for AI assistants and language models to interact with various Retrieval-Augmented Generation (RAG) microservices through a standardized interface, handling routing, validation, and aggregation.

Setup Requirements

  • ⚠️Requires other LightRAG microservices to be running (e.g., Software Engineering RAG, Entrepreneur RAG) for full functionality.
  • ⚠️Requires a `.env` file for configuration (e.g., KODABI_BASE_IP, KODABI_BASE_PORT, RAG_API_TOKEN, RAG_BASE_URL).
  • ⚠️Optimal operation and deployment imply a Docker/Kubernetes environment for managing microservices.
Verified SafeView Analysis
The server uses `dotenv` for environment variable loading, which is good practice to avoid hardcoding secrets. It currently only exposes a basic `/health` endpoint, minimizing immediate attack surface. The MVP specification outlines plans for robust security, including API token authentication and input validation, but the implementation of these more complex security features is not visible in the provided truncated Rust code. The use of `127.0.0.1` as a default IP is safe for local development, but broader deployment would require careful configuration of `KODABI_BASE_IP`.
Updated: 2026-01-19GitHub
PreviousPage 485 of 713Next