Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
alcides-nolasco icon

mcp-data-metadata

by alcides-nolasco

Sec9

Extracts metadata, statistics, and data samples from various file formats (CSV, Excel, JSON, Parquet) to enrich the context for language models or AI agents.

Setup Requirements

  • ⚠️Modifies user's shell configuration (`.bashrc`, `.zshrc`) to add the project to PATH.
  • ⚠️Modifies VSCode user settings (`mcp_servers.json`) for integration.
  • ⚠️Requires local file paths for data access and processing.
Verified SafeView Analysis
The server primarily uses established data processing libraries (Pandas, PyArrow) which are generally robust. No 'eval' or direct network risks were identified in the core server logic. The `start_mcp.sh` script modifies user shell configurations and VSCode settings, which is standard for setup but requires user awareness. File path handling relies on the client, so processing untrusted or malformed files could lead to library-specific issues, but not direct server RCE.
Updated: 2025-11-21GitHub
0
0
Medium Cost
sfc-gh-ncover icon

NiFi-MCP-Server

by sfc-gh-ncover

Sec9

Manages Apache NiFi flows, including monitoring, building, and configuring components, via Snowflake Openflow using Programmatic Access Tokens.

Setup Requirements

  • ⚠️Requires Snowflake Openflow base URL and Programmatic Access Token (PAT) as environment variables or via runtime tool `configure_connection()`.
  • ⚠️The recommended installation method requires `uv` (a fast Python package installer and resolver).
  • ⚠️JDBC drivers (for database processors/services) must be installed by a NiFi administrator directly on the NiFi server, not through this MCP server. This can lead to `ClassNotFoundException` if not addressed.
Verified SafeView Analysis
The server securely handles sensitive credentials (PAT tokens) by requiring them via environment variables or runtime tools, not hardcoding. It also includes explicit redaction for common sensitive fields in tool outputs. SSL verification is configurable, and the use of a standard `requests` library with retry logic is robust. No direct `eval` or obfuscation found.
Updated: 2025-12-01GitHub
0
0
Medium Cost
wenbo97 icon
Sec4

Enables AI agents to run commands in a persistent, stateful local shell session, eliminating re-initialization overhead.

Setup Requirements

  • ⚠️Requires .NET SDK and Claude CLI for setup.
  • ⚠️May require running the terminal as Administrator, posing a significant security risk.
  • ⚠️Requires careful configuration of absolute paths in the `.mcp.json` file.
  • ⚠️The persistent shell inherits environment variables (including PATH) from the terminal where the Claude CLI is launched, requiring careful pre-configuration of the environment.
Review RequiredView Analysis
The server's primary function is to execute arbitrary commands locally from an AI agent. This inherently poses a high security risk if the AI agent is not fully trusted, or if the system environment is not adequately sandboxed. The README explicitly suggests running the tool with 'Administrative Access' for certain workflows, which significantly escalates the potential impact of any malicious or erroneous command execution. This audit is limited as actual source code for internal implementation (e.g., named pipe handling, command sanitization) was not provided, but the operational model itself is a major security concern without robust external controls.
Updated: 2026-01-17GitHub
0
0
High Cost
cordlesssteve icon

token-analyzer-mcp

by cordlesssteve

Sec7

Independent verification and analysis of token consumption and context volume for Model Context Protocol (MCP) server configurations to optimize Claude Code setups.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️Requires local MCP server configurations to exist in standard locations or user-defined paths for analysis.
  • ⚠️Each MCP server configured for analysis will be spawned as a child process, involving network I/O and CPU-intensive tokenization, which can be slow and resource-heavy for multiple servers.
  • ⚠️The analysis involves executing the `command` specified in each MCP server's configuration; ensure these commands are trustworthy before running a full analysis.
Verified SafeView Analysis
The `MCPSchemaExtractor` module utilizes `child_process.spawn` to execute commands and arguments defined in local MCP configuration files (e.g., `claude_desktop_config.json`). This is fundamental to the tool's functionality, as it needs to run configured MCP servers to extract their schemas. While the analyzer itself does not introduce arbitrary command injection, it acts as an executor for locally defined server configurations. Users should ensure that their MCP configuration files do not contain malicious or untrustworthy commands, as this tool will execute them with the user's privileges.
Updated: 2025-11-23GitHub
0
0
Medium Cost
bermingham85 icon

n8n-mcp

by bermingham85

Sec1

An extension or integration for n8n, likely for managing or connecting to multi-cloud or platform services within automated workflows.

Setup Requirements

  • ⚠️Source code was not provided, preventing specific setup requirements from being identified. Assume standard n8n node development requirements and potential external API keys for connected services.
Review RequiredView Analysis
CRITICAL: No source code was provided for analysis. Therefore, a comprehensive security audit cannot be performed. The score of 1 reflects this inability to verify and potential unknown risks. It is NOT safe to run without prior code review.
Updated: 2025-12-02GitHub
0
0
Low Cost
Oscar-wu747 icon

Diana_mcp

by Oscar-wu747

Sec8

Control a Diana robotic arm via a Model Context Protocol (MCP) server, offering API tools for connection, status monitoring, and motion control.

Setup Requirements

  • ⚠️Requires a native C/C++ library (`libDianaApi.so` or `DianaApi.dll`) to be present in the `lib/` directory or specified by `DIANA_API_LIB_DIR`. Without it, robot control will not function beyond stub implementations.
  • ⚠️The `environment.yml` specifies Python 3.11.14, which should be used for optimal compatibility, although `setup.py` indicates `>=3.8`.
  • ⚠️Requires a physical Diana robot to be connected on the network for actual control functionality; otherwise, only mocked operations will succeed.
Verified SafeView Analysis
The system relies on dynamically loading a native C/C++ library (`libDianaApi.so` or `DianaApi.dll`) using `ctypes`. The security of the entire system heavily depends on the trustworthiness of this native library. Assuming the native library is from a trusted vendor and the MCP server is run in a secure local environment (via stdio), the Python code itself does not expose obvious vulnerabilities like `eval()` or unauthenticated network services beyond its intended local MCP interface. Dynamic module loading from project root (`spec.loader.exec_module`) is for internal package structure and is considered safe within this context.
Updated: 2025-12-25GitHub
0
0
Medium Cost
neokikeia-ship-it icon

mcp-flujos-server

by neokikeia-ship-it

Sec8

A backend server application built with Spring Boot, designed to manage and execute business flows or processes within a larger microservices ecosystem.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) installed (likely JDK 17+)
Verified SafeView Analysis
Standard Spring Boot application. No 'eval', obfuscation, or hardcoded secrets found in the provided truncated code. Full security assessment would require analysis of authentication, authorization, and data validation layers not fully visible.
Updated: 2025-12-13GitHub
0
0
Low Cost
recursive-reshy icon

mcp-gcal-server

by recursive-reshy

Sec8

Provides a Model Context Protocol (MCP) server exposing Google Calendar functionalities as tools for AI agents, enabling them to manage events and check availability.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with the Google Calendar API enabled.
  • ⚠️Requires a Google Service Account with appropriate Calendar permissions.
  • ⚠️Requires the 'GOOGLE_APPLICATION_CREDENTIALS' environment variable to be set, pointing to the JSON key file for the Google Service Account.
Verified SafeView Analysis
Credentials are securely loaded via the 'GOOGLE_APPLICATION_CREDENTIALS' environment variable. Input validation relies on Zod schemas, which the Model Context Protocol SDK is expected to enforce. No direct command injection or 'eval' vulnerabilities are apparent in the provided code snippets. Potential for exposing stack traces in logs during errors, but this is typical for development and should be managed by a robust logging strategy in production.
Updated: 2025-11-24GitHub
0
0
Medium Cost
shimizumasaru icon

adaptus-mcp-server

by shimizumasaru

Sec2

The Adaptus MCP server provides tools and resources for code quality analysis, technical debt scoring, design improvement proposals, and test generation for Python projects.

Setup Requirements

  • ⚠️Requires Python 3.10 or newer.
  • ⚠️Relies on specific resource and template files being present in the package structure.
  • ⚠️The `verify_patch` tool requires external build/test command-line tools to be installed and available in the server's environment.
Review RequiredView Analysis
The `verify_patch` tool uses `subprocess.call(..., shell=True)` with user-provided commands (`cmd_build`, `cmd_test`). This is a critical command injection vulnerability, allowing arbitrary code execution if an attacker can control the input to these parameters. The server also lacks explicit authentication/authorization mechanisms in its basic implementation, making it vulnerable if exposed on a network with untrusted clients.
Updated: 2025-11-23GitHub
0
0
Low Cost
Subham-CB icon

MCP_Server

by Subham-CB

Sec6

Provides a natural language interface to query a relational database by generating and executing SQL through an AI model.

Setup Requirements

  • ⚠️Requires a compatible JDBC database (e.g., PostgreSQL) with connection details (URL, username, password) configured.
  • ⚠️Requires an API key and a configured model for an AI provider compatible with Spring AI (e.g., OpenAI API Key).
  • ⚠️Requires the 'mcp.allowed.tables' property to be explicitly configured with a comma-separated list of tables accessible by the service.
Review RequiredView Analysis
The server attempts to mitigate SQL injection by whitelisting only 'SELECT' queries, explicitly banning DML/DDL statements, and validating referenced tables against an 'mcp.allowed.tables' configuration. However, a critical oversight is the lack of column-level access control; the 'allowedColumns' map is initialized but never used. This means that if the AI generates a query selecting sensitive columns from an allowed table, those columns would be exposed. The regex used for extracting table names is relatively simple and might not catch all complex SQL constructs, potentially allowing clever bypasses if the AI generates such a query. No direct 'eval' or similar patterns for arbitrary code execution were found, but the potential for unauthorized data exposure via SQL generation is a significant concern.
Updated: 2025-12-12GitHub
0
0
Low Cost
xavdp-pro icon

aj8-mcp-servers

by xavdp-pro

Sec8

Integrate SMS sending and management capabilities for an AJ8 multi-agent chatbot via the SMS Partner API.

Setup Requirements

  • ⚠️Requires `SMS_PARTNER_API_KEY` environment variable for SMS functionality (SMS Partner is a paid service).
  • ⚠️The `mcp-whatsapp` server requires Node.js and npm to run its Baileys bridge component alongside the Python MCP server.
  • ⚠️The WhatsApp integration (via Baileys) uses an unofficial API, which carries a risk of WhatsApp account suspension or ban if misused.
Verified SafeView Analysis
The `mcp-sms-partner` component correctly handles the API key via environment variables and uses HTTPS for communication with the SMS Partner API, posing minimal direct security risks. The `mcp-whatsapp` component, while not the primary focus of the initial prompt, uses an unofficial WhatsApp Web API (Baileys), which inherently carries an operational risk of account suspension/ban. Both servers avoid 'eval' or other direct code injection vulnerabilities. Downloaded media files in `mcp-whatsapp` are stored locally; while the `baileys` bridge exposes a `/downloads` endpoint, it's typically intended for localhost access, mitigating direct public exposure risks.
Updated: 2025-12-14GitHub
0
0
Medium Cost
GloriaAmarilla icon

poly-k8s-mcp

by GloriaAmarilla

Sec6

Provides an MCP (Model Context Protocol) server to enable AI assistants and other clients to manage Kubernetes clusters using kubectl, Helm, and Kustomize CLI tools.

Setup Requirements

  • ⚠️Requires Deno runtime (v2.0+) to be installed.
  • ⚠️Requires kubectl, Helm (optional), and Kustomize (optional) CLIs to be installed and accessible in the system's PATH.
  • ⚠️Operates with the Kubernetes cluster credentials of the user running the server; careful kubeconfig and RBAC configuration is critical to limit the scope of actions possible through the MCP server.
Verified SafeView Analysis
The server explicitly requires Deno's `--allow-run` permission to execute external CLI commands (kubectl, helm, kustomize). This means an MCP client (e.g., an AI assistant) can perform any action that the user running the server can, using their configured kubeconfig and credentials. There are no additional authentication layers between the MCP client and the underlying CLIs. The README explicitly warns that the security boundary is the local kubectl/helm/kustomize configuration. While there are no hardcoded secrets, 'eval' usage, or obvious malicious patterns in the provided source code, the inherent functionality grants significant control over Kubernetes clusters. Users must ensure proper RBAC is configured for the kubeconfig used by the server. The `--allow-net` permission is also granted, which could allow arbitrary network requests, although the provided code mainly focuses on spawning local CLI processes.
Updated: 2026-01-19GitHub
PreviousPage 487 of 713Next