Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
sbarysiuk icon

ddgs-search-mcp

by sbarysiuk

Sec9

Provides AI agents with web search capabilities by acting as a local Model Context Protocol (MCP) server that aggregates results from diverse web search services.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires absolute paths for the Python executable and `server.py` in the Claude Desktop configuration.
  • ⚠️Web search results can be unstable and prone to 403 errors/rate limits, requiring proxy or retry configuration in `settings.yaml`.
Verified SafeView Analysis
The server uses the `ddgs` library to perform web searches, which involves external network requests. Network settings like proxy, timeout, and retries are configurable via `settings.yaml`. There are no 'eval' statements, obvious obfuscation, hardcoded secrets, or malicious patterns observed in the provided source code. The main risk is inherent to any tool making external network calls, but the configuration options allow for some control.
Updated: 2025-12-05GitHub
0
0
Medium Cost
NNTin icon

mcp-act

by NNTin

Sec8

This server provides a Multi-Container Platform (MCP) interface to nektos/act, enabling AI agents and orchestrators to run GitHub Actions workflows locally inside Docker containers with controlled access to the host Docker daemon.

Setup Requirements

  • ⚠️Requires Docker Desktop with MCP Toolkit enabled.
  • ⚠️Requires the Docker MCP CLI plugin (`docker mcp` command).
  • ⚠️Requires mounting the host Docker daemon socket into the container (e.g., `-v /var/run/docker.sock:/var/run/docker.sock`).
  • ⚠️Requires mounting your repository containing workflows into the container (e.g., `-v /path/to/repo:/workspace`).
Verified SafeView Analysis
The server's source code includes input validation (e.g., `_is_safe_token` function, character whitelisting, argument count limits) to prevent direct shell injection into the `act` command. It runs as a non-root user. However, the core functionality of the server is to expose `nektos/act`, which is designed to interact with and spawn containers on the host Docker daemon. This grants workflows run through the server significant privileges on the host, making careful deployment and access control critical. The sanitization helps control the `act` command arguments, but not the inherent power of the `act` tool itself or the contents of the GitHub Action workflows it executes.
Updated: 2025-12-05GitHub
0
0
Medium Cost
ModelContextProtocol-Security icon

mcpserver-marketplace

by ModelContextProtocol-Security

Sec9

A security evaluation framework and tooling for auditing MCP (Model Context Protocol) marketplaces, clients, and servers, aiming to proactively identify and address security risks in the MCP ecosystem.

Setup Requirements

  • ⚠️Requires system tools: `curl`, `dig`, `openssl` to be installed.
  • ⚠️Requires Python 3.10+.
  • ⚠️For full functionality (especially GitHub API rate limits), `GITHUB_TOKEN` environment variable is recommended.
Verified SafeView Analysis
This repository is a security auditing tool, not an MCP server for end-user interaction. Its purpose is to identify security risks in *other* MCP components. The source code itself appears well-structured, uses standard libraries, and handles secrets (like GitHub tokens) via environment variables or command-line arguments, which is good practice for such a tool. It uses `subprocess.run` to execute external tools like `curl`, `dig`, and `openssl`, which is appropriate for its auditing functions. No obvious 'eval' or malicious obfuscation patterns were found within its own codebase.
Updated: 2026-01-09GitHub
0
0
Medium Cost
tarunn2799 icon

splitwise-mcp

by tarunn2799

Sec9

Enables AI agents to manage Splitwise expenses, groups, and friends using natural language commands.

Setup Requirements

  • ⚠️Requires manual OAuth 2.0 application registration on Splitwise and running a Python setup script to obtain credentials (Consumer Key, Consumer Secret, Access Token).
  • ⚠️If installed in a Python virtual environment, the `command` in the MCP client's `mcp.json` must specify the absolute path to the Python executable within that environment.
  • ⚠️Either a complete set of OAuth credentials (SPLITWISE_OAUTH_CONSUMER_KEY, SPLITWISE_OAUTH_CONSUMER_SECRET, SPLITWISE_OAUTH_ACCESS_TOKEN) or a SPLITWISE_API_KEY must be provided via environment variables for authentication.
Verified SafeView Analysis
The server uses standard OAuth 2.0 or API key authentication. Sensitive credentials are expected to be provided via environment variables. The OAuth setup script uses `webbrowser.open` to guide the user to the legitimate Splitwise authorization page. No 'eval' or direct shell execution with user-controlled input was found, and HTTP requests are handled by `httpx`. Input validation is implemented in `errors.py` and applied in the tool functions.
Updated: 2025-11-23GitHub
0
0
Medium Cost
garethcull icon

sendgrid-mcp

by garethcull

Sec8

Automates SendGrid email template management, creation, and performance analytics for AI assistants and MCP clients via a Flask server.

Setup Requirements

  • ⚠️Requires a SendGrid API Key with sufficient permissions (read/write templates, fetch analytics).
  • ⚠️Requires setting the 'MCP_TOKEN' environment variable for server authorization.
  • ⚠️Requires Python environment setup (venv, pip install -r requirements.txt).
Verified SafeView Analysis
The server uses environment variables (MCP_TOKEN, SENDGRID_API_KEY) for secrets, which is good practice. It implements basic Bearer token authorization for the /mcp endpoint. No direct use of 'eval' or similar dangerous functions is observed. Input schemas are defined with 'additionalProperties: False', which helps limit unexpected arguments. The main security considerations are ensuring the SENDGRID_API_KEY has appropriate, least-privileged permissions and securing the MCP_TOKEN from unauthorized access. The conversion of tool results to 'str(data)' before sending to the client could potentially expose raw SendGrid API responses, which may contain sensitive details depending on the API response and the permissions of the key.
Updated: 2025-11-24GitHub
0
0
Medium Cost
hamcommania-design icon

my-mcp-server

by hamcommania-design

Sec9

A Model Context Protocol (MCP) server boilerplate implemented in TypeScript, providing various tools (calculator, multilingual greeting, timezone lookup, AI image generation) and system information resources (fake server stats, app settings) to an MCP client.

Setup Requirements

  • ⚠️Requires a Hugging Face API Token (HF_TOKEN) environment variable for the 'generate_image' tool.
  • ⚠️The 'smithery' CLI is used for building and development, which should be installed as a dev dependency.
Verified SafeView Analysis
The server follows good security practices by externalizing API tokens (HF_TOKEN) via configuration or environment variables. It handles potential errors like division by zero in the calculator tool. The 'code_review' tool generates a prompt but does not execute user-provided code locally, mitigating a significant risk. Communication is typically handled via standard I/O (stdio) or by the 'smithery' CLI which manages network exposure, rather than the server directly opening arbitrary ports.
Updated: 2025-11-27GitHub
0
0
Low Cost
DanielKluev icon

OwnAideMCP

by DanielKluev

Sec1

Serves as a server component for the OwnAide AI Assistant, likely managing interactions or specific functionalities related to the AI system.

Review RequiredView Analysis
No source code was provided for analysis beyond the README.md. A comprehensive security audit is impossible. The score of 1 reflects a complete lack of visibility into potential vulnerabilities, not an assessment of actual risks or a finding of specific issues.
Updated: 2025-12-02GitHub
0
0
Medium Cost
wyvern800 icon

mcp-figma

by wyvern800

Sec9

This server acts as a Model Context Protocol (MCP) interface to the Figma API, enabling programmatic export of design assets and data from Figma files for use in other systems or development workflows.

Setup Requirements

  • ⚠️Requires a Figma API token, which must be manually obtained from Figma account settings.
  • ⚠️Requires Node.js 18+ and TypeScript 5.0+ (for building).
  • ⚠️Large Figma files exported via `exportFullFile` can result in very large JSON outputs, potentially incurring higher token costs for consuming LLMs.
Verified SafeView Analysis
The server correctly handles the Figma API token by allowing it to be passed via environment variables (`FIGMA_API_TOKEN`) or as a tool parameter, avoiding hardcoding. There is no use of `eval`, `child_process`, or other inherently dangerous functions. Logging is directed to stderr to prevent interference with JSON-RPC communication on stdout. The project's `README.md` also provides clear security guidelines regarding token handling.
Updated: 2025-11-19GitHub
0
0
Medium Cost
JanProvaznik icon

cd-mcp

by JanProvaznik

Sec9

This server provides AI assistants with tools to search for Czech railway connections, stations, prices, and passenger types.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
Verified SafeView Analysis
The server explicitly implements read-only operations, intentionally excluding booking/payment for security. It uses stdio transport, reducing external network exposure. Input validation is performed with Zod, and comprehensive error handling is in place. While `APP_ID` and `USER_DESC` are hardcoded in the API client, they appear to be static client identifiers for a public mobile API and not sensitive user secrets, thus posing a low risk.
Updated: 2025-11-30GitHub
0
0
Medium Cost
swannysec icon

mcp-server-searxng

by swannysec

Sec7

Provides privacy-focused web search and URL reading capabilities for the Zed AI assistant via SearXNG instances.

Setup Requirements

  • ⚠️Requires Zed Editor version 0.205.x or higher.
  • ⚠️Requires Node.js version 20 or higher for npx functionality.
  • ⚠️Authentication credentials (username/password) are stored unencrypted in Zed settings and visible as environment variables.
  • ⚠️Requires access to a SearXNG instance (self-hosted or public); public instances may log queries depending on their privacy policy.
Verified SafeView Analysis
The project transparently discloses a critical security consideration: authentication credentials (`auth_username`, `auth_password`) are stored unencrypted in Zed's `settings.json` file and passed as environment variables, making them visible in process lists. Recommendations are provided to mitigate this risk (e.g., self-hosting without authentication or using a reverse proxy). Strong input validation is implemented for URLs, User-Agents, and proxy settings, including SSRF protection (configurable) and path traversal checks. The `mcp-searxng` npm dependency is version-pinned (0.8.0) to enhance supply chain security. Despite the plaintext credential storage, the comprehensive validation and clear disclosure indicate a strong focus on security best practices where possible.
Updated: 2025-11-23GitHub
0
0
Low Cost
WhenjaySun icon

mcp-server-time

by WhenjaySun

Sec3

Provides time-related functionality or information, possibly for a Minecraft Protocol (MCP) server.

Setup Requirements

  • ⚠️Source code files were not provided, making it impossible to identify specific setup requirements (e.g., dependencies, configuration steps, required runtimes).
Review RequiredView Analysis
CRITICAL: Cannot perform a comprehensive security audit as the provided 'SOURCE CODE' only contains the project's README. No actual code files (e.g., JavaScript, Python, Java) were provided to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. The score reflects the severe lack of auditable code.
Updated: 2025-12-02GitHub
0
0
Medium Cost
PawelK2012 icon
Sec8

A Go-based MCP server that provides a JSON-RPC API for executing SQL SELECT queries, prepared statements, and retrieving schema information for PostgreSQL databases.

Setup Requirements

  • ⚠️Requires Docker for a complete environment setup (PostgreSQL + pgAdmin)
  • ⚠️Requires Go development environment if not using Docker to run the server directly
  • ⚠️Requires an .env file to be configured with PostgreSQL and pgAdmin credentials
Verified SafeView Analysis
The server uses parameterized queries (`ExecPrepared`, `GetSchema`, `GetStatus`) which effectively prevents SQL injection for these operations. For `execute_query`, there is an explicit check (`internal/utils/utils.go:CheckFirstWord`) to ensure the query starts with 'SELECT', significantly mitigating risks of arbitrary DDL/DML execution. Environment variables are used for sensitive database credentials. Direct SQL execution for 'SELECT' queries still carries inherent risks, but the implemented controls greatly reduce the attack surface. No 'eval' or similar dangerous patterns are used.
Updated: 2025-11-28GitHub
PreviousPage 486 of 713Next