Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Akungapaul icon

wp-design-mcp

by Akungapaul

Sec1

Manages WordPress custom CSS and color palette settings via an MCP server interface.

Setup Requirements

  • ⚠ī¸Requires a running WordPress instance reachable by the server.
  • ⚠ī¸Requires a WordPress Application Password for REST API authentication.
  • ⚠ī¸If WP-CLI features (e.g., color palette updates) are enabled, WP-CLI must be installed on the target WordPress server, and SSH access correctly configured (SSH host, user, key path) if remote execution is desired. This also introduces a critical command injection vulnerability if not used with extreme caution.
  • ⚠ī¸The 'update_color_palette' function, if enabled, is a severe command injection vulnerability if user-provided input is not rigorously sanitized, making it unsafe to expose to untrusted users.
Review RequiredView Analysis
The 'update_color_palette' tool uses WP-CLI to set theme modifications via `cliClient.exec`. The command is constructed using user-provided 'key' and 'value' strings directly injected into a shell command (`theme mod set ${key} "${value}"`). This is highly vulnerable to command injection, as malicious input in 'key' or 'value' could allow arbitrary code execution on the server where WP-CLI is run. For example, a 'key' like `foo"; rm -rf /; #` would execute `rm -rf /` on the host. This constitutes a critical security risk.
Updated: 2025-11-28GitHub→
0
0
Low Cost
JemiloII icon

mcp-server

by JemiloII

Sec4

An MCP server providing AI-powered tools for the game Umamusume Pretty Derby, assisting Claude AI with champion meeting information, rating calculations, and stamina validation.

Setup Requirements

  • ⚠ī¸Requires Node.js >= 24.0.0 and pnpm for development and execution.
  • ⚠ī¸Requires GOOGLE_API_KEY and SPREADSHEET_ID environment variables for the Rating Calculator's auto-update feature to function correctly.
  • ⚠ī¸Connecting to Claude Web necessitates external HTTPS exposure setup (e.g., Cloudflare Tunnel, ngrok) with a valid SSL certificate on ports 80/443.
Review RequiredView Analysis
The server auto-updates its critical data files (`umamusume_rating_calculator.xlsx`) by downloading them from a Google Sheet via the Google Sheets API. These downloaded XLSX files are then processed locally using `xlsx-calc`, a library that executes formulas within the spreadsheet. This introduces a significant supply chain security risk: if the configured Google Sheet (identified by `SPREADSHEET_ID`) were compromised, a malicious spreadsheet could be introduced, potentially leading to arbitrary formula execution or other exploits via `xlsx-calc`, thereby compromising the server. Additionally, sensitive `GOOGLE_API_KEY` and `SPREADSHEET_ID` are required environment variables, which, if exposed, could facilitate unauthorized access or manipulation of the data source.
Updated: 2025-12-05GitHub→
0
0
Medium Cost
jiahuidegit icon

office-mcp-server

by jiahuidegit

Sec3

This server enables AI agents to generate professional Word and Excel documents with various themes and embed Mermaid diagrams.

Setup Requirements

  • ⚠ī¸Requires Node.js 18+ runtime environment.
  • ⚠ī¸Requires internet access for Mermaid diagram rendering via kroki.io.
  • ⚠ī¸Generated documents using custom fonts (e.g., 'æ–šæ­Ŗ小标压įŽ€äŊ“') may not render correctly without these fonts installed on the viewing system. The server itself does not bundle or embed these fonts.
  • ⚠ī¸The `OUTPUT_DIR` environment variable is recommended to restrict output paths, but is not enforced by the tools' internal logic. Ensure the calling AI environment or user input strictly controls the `outputPath` argument to prevent arbitrary file writes.
Review RequiredView Analysis
The server's `word_create` and `excel_create` tools accept an `outputPath` argument directly from AI input. This allows writing files to arbitrary locations on the host system where the Node.js process has write permissions. An adversarial AI or prompt injection could exploit this to perform path traversal and write to sensitive system files (e.g., `/etc/passwd`, executable paths), leading to severe arbitrary file write vulnerabilities. While `OUTPUT_DIR` can be set via environment variables, the tool's internal logic does not enforce this restriction on the `outputPath` parameter, making it dependent on the calling environment's (AI client) sanitization or sandboxing, which is not guaranteed. Additionally, Mermaid diagram generation relies on an external service (kroki.io), which introduces a dependency on a third-party API and sends diagram code externally, posing a potential data privacy risk for sensitive diagram content.
Updated: 2026-01-18GitHub→
0
0
Low Cost
sharmaratnesh icon
Sec9

Provides a Model Context Protocol (MCP) server exposing tools for AI-assisted development workflows, designed for integration with clients like Cline.

Setup Requirements

  • ⚠ī¸Requires Python 3.8 or higher
  • ⚠ī¸Relies on the `fastmcp` Python library
Verified SafeView Analysis
The server's source code is simple, exposing only well-defined functions for greeting, calculation, and server information. It uses the FastMCP library to handle the protocol, which is designed for secure communication within an AI assistant context. There are no direct uses of eval(), exec(), os.system(), or other high-risk functions, nor any hardcoded sensitive information. The code appears safe given its intended use.
Updated: 2025-11-28GitHub→
0
0
Low Cost
CyprianFusi icon

mcpserver_example

by CyprianFusi

Sec9

Provides an MCP (Mathematical Computation Protocol) server exposing a simple integer addition function as a tool.

Setup Requirements

  • ⚠ī¸Requires Python 3.13 or higher.
  • ⚠ī¸Depends on the 'mcp' framework.
  • ⚠ī¸Primarily designed for integration with 'claude_desktop_config.json', suggesting a specific ecosystem dependency.
Verified SafeView Analysis
The server code is minimal, implementing only a basic integer addition function. No direct security risks like `eval`, `exec`, or network-related vulnerabilities were found within the provided source. Security largely depends on the underlying 'mcp' framework and the deployment environment.
Updated: 2025-11-29GitHub→
0
0
Low Cost
MahoneyContextProtocol icon

thermo-mcp-server

by MahoneyContextProtocol

Sec9

A minimal Model Context Protocol (MCP) server for managing and monitoring temperature data from external sources or scripts.

Setup Requirements

  • ⚠ī¸Requires Python 3 and its dependencies (FastMCP, etc.) installed via requirements.txt.
  • ⚠ī¸A virtual environment is recommended for dependency management.
  • ⚠ī¸Requires manual creation of the 'data' directory and an initial 'latest_temp.json' file before first run.
Verified SafeView Analysis
The server primarily performs local file I/O operations on a designated JSON file (`data/latest_temp.json`), whose path can be configured via an environment variable. There is no usage of 'eval' or similar dangerous functions. Input validation for `set_latest_temperature` relies on Python's type hints and JSON serialization, which is generally safe for its scope. No hardcoded secrets or explicit external network calls (beyond the MCP client connection) are present. The primary risk would be if the `THERMO_DATA_PATH` environment variable could be manipulated by a malicious actor to point to an arbitrary file location, but within the intended use as a local development/agent server, this is a low concern.
Updated: 2025-12-06GitHub→
0
0
Low Cost
engelkes-finstreet icon

context-forge-mcp

by engelkes-finstreet

Sec5

A Model Context Protocol (MCP) server for AI assistants to interact with finstreet/ui components by providing tools to fetch component stories, demo code, and installation guides, and manage tasks and subtasks.

Setup Requirements

  • ⚠ī¸Requires Docker for the recommended setup.
  • ⚠ī¸A GitHub Token is required in the `.env` file for accessing component data from GitHub. The `CLAUDE.md` warns about a potential hardcoding of this token in `src/utils/api.ts`, which needs verification.
  • ⚠ī¸Requires a PostgreSQL database instance for persistence, configured via `DATABASE_URL` in `.env`.
Review RequiredView Analysis
The project uses Zod for input validation, which is good for preventing injection vulnerabilities. Sensitive data like `GITHUB_TOKEN` is intended to be loaded from environment variables (`process.env.GITHUB_TOKEN` in `src/constants.ts`). However, the `CLAUDE.md` file explicitly states, "The GitHub token is currently hardcoded in `src/utils/api.ts` - should be moved to environment variable." Since the full `src/utils/api.ts` file (which is indicated as handling GitHub API integration) is not provided, this critical warning must be taken seriously, as hardcoding a GitHub token is a significant security risk. CORS is enabled globally without specific origin restrictions, which could be a minor risk in some deployment scenarios but might be acceptable for an internal/localhost-exposed server. The database interactions use Prisma and are abstracted, reducing direct SQL injection risks.
Updated: 2025-12-02GitHub→
0
0
Medium Cost
GHjiejie icon

git-mcp-server

by GHjiejie

Sec2

This server provides a Model Context Protocol (MCP) interface for executing Git operations and generating AI-powered weekly reports using a local Ollama instance.

Setup Requirements

  • ⚠ī¸Requires Ollama to be installed and running locally on http://localhost:11434.
  • ⚠ī¸Requires pulling a specific Ollama model (e.g., deepseek-r1:1.5b or deepseek-r1:7b).
  • ⚠ī¸Requires manual configuration in Claude Desktop's `claude_desktop_config.json` file.
Review RequiredView Analysis
The server uses `child_process.exec` to execute Git commands. Several handlers, such as `handleGitAdd`, `handleGitBranch`, and `handleGitRemote`, directly concatenate user-provided arguments (`files`, `branchName`, `name`, `url`) into shell commands without sufficient sanitization. This presents a critical shell injection vulnerability, allowing an attacker to execute arbitrary commands on the host system by crafting malicious input arguments. While `git_commit` attempts basic escaping for the message, it's not comprehensive enough for all shell contexts, and other commands lack even this basic protection. The `directory` argument is also directly used as `cwd`, which could be exploited in conjunction with injection to target specific paths.
Updated: 2025-11-30GitHub→
0
0
Medium Cost
divvi-xyz icon

divvi-mcp-server

by divvi-xyz

Sec8

Enables AI assistants to automatically integrate the Divvi referral SDK into JavaScript/TypeScript blockchain applications.

Setup Requirements

  • ⚠ī¸Requires Node.js 22+
  • ⚠ī¸Requires an MCP-compatible AI assistant (e.g., Claude Desktop, Cursor)
  • ⚠ī¸User must provide a 'consumerAddress' for Divvi dapp wallet.
Verified SafeView Analysis
The server itself is primarily an instruction provider for AI agents via the Model Context Protocol (MCP). It uses standard libraries (fastmcp, zod) and does not contain obvious vulnerabilities like direct `eval` of user input or hardcoded secrets in the main runtime. Shelljs `exec` is used in testing/example scripts, not the main server. The primary security consideration shifts to the AI assistant's interpretation and execution of the provided instructions, specifically when it's directed to read external documentation and modify a codebase. However, the server itself's code is robust for its intended function.
Updated: 2026-01-19GitHub→
0
0
Medium Cost
itsgrimetime icon

decomp-me-mcp

by itsgrimetime

Sec8

An MCP server that enables AI assistants to interact with the decomp.me API for video game decompilation projects.

Setup Requirements

  • ⚠ī¸Requires Python 3.10 or higher.
  • ⚠ī¸Manual configuration of Claude Desktop's `claude_desktop_config.json` is necessary, pointing to the virtual environment's Python executable.
  • ⚠ī¸Interaction with the public decomp.me API might require a `CF_CLEARANCE` cookie via an environment variable, depending on Cloudflare settings.
Verified SafeView Analysis
The server primarily interacts with the decomp.me API and manages local state files. No direct 'eval' or malicious code execution patterns are evident. File I/O for claims, scratch tokens, completed functions, and cookies uses a temporary directory by default, which is configurable via environment variables. File locking is used for concurrency with local state files. The `decomp_search_context` tool uses regular expressions (`re.compile`) where the `pattern` parameter comes from user input, which could theoretically be susceptible to ReDoS if an extremely complex and untrusted pattern is provided, but this is mediated by the AI assistant. `DECOMP_API_BASE` is configurable via an environment variable, which, if misconfigured to a malicious endpoint, could lead to unintended data exchange.
Updated: 2025-12-26GitHub→
0
0
Medium Cost
syphrpunk icon

-mcp

by syphrpunk

Sec2

A Model Context Protocol server for executing any Open Source tool via `pkgx` within a sandboxed environment on macOS, or unsandboxed on Linux.

Setup Requirements

  • ⚠ī¸No robust sandboxing for Linux, leading to full file system read/write access for executed commands.
  • ⚠ī¸Requires Node.js 20+ and `ts-node` to be available in the execution environment, even if `pkgx` is capable of downloading other tools.
Review RequiredView Analysis
The server explicitly states it is a 'dangerous tool' that allows AI to read almost any file on the user's computer. While it implements macOS-specific sandboxing to prevent arbitrary file writes (except to /tmp, /var, /private), it does not restrict file reads (except ~/.ssh, ~/.aws). Crucially, there is no sandboxing implemented for Linux, making it highly vulnerable to arbitrary command execution with full file system access on that platform. Execution of arbitrary commands (via `execSync` and `spawn`) based on AI input is a severe risk, despite attempts to parse command lines and prevent root execution.
Updated: 2026-01-18GitHub→
0
0
Medium Cost
nityeshaga icon
Sec8

Provides an MCP server to enable AI agents (like Claude Code) to interact with Google Docs, Sheets, Drive, Gmail, and Calendar APIs for reading, creating, editing, and managing data.

Setup Requirements

  • ⚠ī¸Requires a Google Cloud Project, with specific APIs (Docs, Sheets, Drive, Gmail, Calendar) enabled.
  • ⚠ī¸Requires manual configuration of an OAuth Consent Screen, which can be 'External' and require adding test users.
  • ⚠ī¸Requires obtaining a Google Refresh Token manually via the Google OAuth 2.0 Playground, which is a multi-step process.
  • ⚠ī¸Requires Node.js version 18 or higher.
Verified SafeView Analysis
The server relies on environment variables for Google OAuth credentials (client ID, client secret, refresh token), which is a good security practice. It interacts with Google APIs using the official `googleapis` library. Temporary files are created locally for handling attachments and exported Google Workspace documents, with unique filenames to mitigate simple overwrite risks. Input schemas are defined using Zod, offering validation. No 'eval' or obvious obfuscation found. The primary security consideration lies in the sensitive nature of the Google API access and the potential for an agent to misuse granted permissions if not carefully constrained by the orchestrating system.
Updated: 2026-01-17GitHub→
PreviousPage 488 of 713Next