Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
entro314-labs icon
Sec9

Generates a comprehensive set of web app icons, PWA manifest, and HTML integration snippets from a single source image, with framework auto-detection and MCP server capabilities.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Needs a source image (SVG, PNG, or JPG), or 'app-icon.svg'/'app-icon.png' in the project root for auto-detection.
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json` for MCP server usage, unless using the `.mcpb` extension.
Verified SafeView Analysis
The server uses file system operations (read/write) for icon generation and HTML modification, which is inherent to its functionality. Input validation for image paths and other arguments is handled. `child_process.spawn` is used internally to start the MCP server itself, not to execute arbitrary user input. The SVG monochrome conversion performs string replacements on specific attributes, which is generally safer than full SVG parsing/mutation. No hardcoded secrets or direct network access by the core logic were found. Risks are primarily associated with processing potentially malicious image files (e.g., malformed images causing crashes in `sharp`).
Updated: 2025-11-23GitHub
0
0
High Cost
Dazlarus icon
Sec7

Enables autonomous coding agents to escalate complex questions to the ChatGPT Desktop app via native UI automation on Windows.

Setup Requirements

  • ⚠️Windows 10/11 Only (macOS/Linux not supported)
  • ⚠️Requires ChatGPT Desktop app (Microsoft Store version) to be installed
  • ⚠️Requires Python 3.10+ with specific packages: `pywinauto`, `pyperclip`, `paddleocr`, `paddlepaddle`
  • ⚠️Automation controls the ChatGPT window; do not interact with it during escalations
Verified SafeView Analysis
The project demonstrates efforts to mitigate command injection (explicit `shell: false`, path validation for Python driver) and file permission issues (setting `0o700` for config directory). However, UI automation inherently carries risks if the target application's UI changes unexpectedly, leading to unintended actions. The provided `CODE_REVIEW.md` also suggests potential deeper 'process injection' risks and 'insufficient input validation' which could indicate unresolved vulnerabilities despite visible fixes for common attack vectors. The reliance on a local Python environment means a compromised Python installation could impact the system.
Updated: 2025-12-02GitHub
0
0
Medium Cost
Bin4yi icon
Sec9

An AI-powered pet care chatbot system integrating a secure Model Context Protocol (MCP) server with an intelligent LangGraph agent, using Asgardeo for authentication.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires an Asgardeo account and manual application setup (including specific redirect URLs: `http://localhost:8080/callback` for agent, `http://localhost:6274/oauth/callback` for MCP Inspector).
  • ⚠️Requires an OpenAI API Key (OpenAI is a paid service).
  • ⚠️Authentication requires user interaction to open a browser and log in to Asgardeo.
Verified SafeView Analysis
The server implements robust OAuth2/OIDC authentication using Asgardeo, including JWT token validation against a JWKS endpoint and PKCE for the agent. Environment variables are correctly used for sensitive credentials. A minor potential risk exists in `jwt_validator.py` where `ssl_verify` can be set to `False` for development, which should be explicitly set to `True` for production deployments. The `json.loads` in `suggest_pet_names` has basic cleaning and error handling, making it relatively safe.
Updated: 2025-12-02GitHub
0
0
Low Cost
fr0ster icon
Sec8

Proxies local MCP requests from SAP ABAP ADT clients to remote MCP servers, adding JWT authentication via service keys.

Setup Requirements

  • ⚠️Requires creating and securely managing JSON service key files (<destination>.json) in specific platform-dependent directories (e.g., ~/.config/mcp-abap-adt/service-keys/).
  • ⚠️Requires Node.js >= 18.0.0 and npm >= 9.0.0.
  • ⚠️For ABAP destinations, an OAuth2 browser flow might be triggered, requiring a browser to open on a specific 'redirectPort' (default 3001, configurable via --browser-auth-port or MCP_BROWSER_AUTH_PORT).
Verified SafeView Analysis
The server's design relies heavily on securely managed external service keys for authentication. Sensitive data (tokens, passwords, secrets) are redacted from logs. It defaults to in-memory session storage, with file-based persistence available via an explicit '--unsafe' flag. TLS certificate validation can be disabled via 'NODE_TLS_REJECT_UNAUTHORIZED=0', which poses a security risk if used in production.
Updated: 2025-12-31GitHub
0
0
Low Cost
admannon icon

mcp-wrapper

by admannon

Sec8

Acts as an MCP server wrapper to prefix tool names from multiple underlying MCP servers, preventing naming collisions.

Setup Requirements

  • ⚠️Requires a valid WrapperConfig (name, version, servers) supplied via file, inline JSON, or environment variable.
  • ⚠️Requires at least one underlying MCP server (stdio-based via 'command' or HTTP-based via 'url') to wrap.
  • ⚠️Requires Node.js version 18 or higher.
Verified SafeView Analysis
The wrapper itself does not contain obvious malicious patterns or direct 'eval' usage. However, it is designed to execute arbitrary commands ('command' field) or connect to arbitrary URLs ('url' field) as defined in its 'WrapperConfig'. This means the security posture is heavily reliant on the trustworthiness of the provided configuration. If an attacker can manipulate the 'mcp-wrapper.json' file or the 'MCP_WRAPPER_CONFIG' environment variable, they could achieve arbitrary code execution or initiate malicious network requests. The tool does not perform dynamic code execution based on *runtime* untrusted input to its own API, mitigating some risks. Server names are validated against the separator and for uniqueness, but 'command' and 'url' values are executed/connected as configured.
Updated: 2025-12-06GitHub
0
0
Low Cost
NjugunaKelvin icon

mcp-server

by NjugunaKelvin

Sec2

Provides a command-line interface (CLI) based server built with a Python SDK, likely for a custom 'mcp' protocol or service.

Setup Requirements

  • ⚠️Requires Python installed
Review RequiredView Analysis
Security audit is critically incomplete as only the README.md was provided; no actual server source code was available for analysis. Cannot confirm absence of 'eval', hardcoded secrets, network vulnerabilities, or malicious patterns without the full codebase. Therefore, it is impossible to deem this safe without further code access.
Updated: 2025-11-27GitHub
0
0
Low Cost
aayush-dutta icon

health-mcp

by aayush-dutta

Sec9

Aggregates health and wellness data from sources like Oura Ring to provide insights and summaries via an MCP server.

Setup Requirements

  • ⚠️Requires obtaining Oura Developer credentials (Client ID and Secret) by creating an application on Oura's Dev Dashboard.
  • ⚠️Requires installation of Claude Desktop and manual configuration of its 'claude_desktop_config.json' file.
  • ⚠️Requires Python 3.14 or newer, and global installation of 'uv' for Python project management.
  • ⚠️The 'uv' command path in the Claude Desktop configuration needs to be an absolute path to the 'uv' executable.
Verified SafeView Analysis
The server uses environment variables for Oura API credentials and implements OAuth2 for authentication, including state validation and token refresh. OAuth tokens are stored locally in 'oura_token.json'. A local FastAPI server runs on 'localhost:8080' for the OAuth callback. No 'eval' or other obvious malicious code patterns were found. The local storage of the token is standard for a client-side OAuth flow.
Updated: 2025-12-14GitHub
0
0
Medium Cost
yuxi-TJU icon

CoChem-Agents

by yuxi-TJU

Sec8

Provides programmatic access to the PubChem database for chemical information retrieval and analysis.

Setup Requirements

  • ⚠️Requires Python 3.8+
  • ⚠️Requires internet access to query PubChem API
Verified SafeView Analysis
The server relies on `pubchempy` for interaction with the PubChem API. No direct use of `eval` or user-controlled shell commands. The `tool_get_bioassays`, `tool_find_similar`, and `tool_get_patents` methods are placeholders, reducing immediate network exposure. Potential risks include resource exhaustion from very large or malformed queries passed to `pubchempy`, which could cause denial-of-service, though `pubchempy` and the PubChem API generally handle this. When run in TCP mode, ensure proper network firewalling.
Updated: 2025-12-10GitHub
0
0
Low Cost
mudassar-awan icon

test-remote-mcp-server

by mudassar-awan

Sec9

This server provides a set of simple mathematical and random number generation tools accessible via the FastMCP protocol.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer, which might not be commonly installed as it's still in pre-release stages.
  • ⚠️Requires 'fastmcp' dependency to be installed.
Verified SafeView Analysis
The server's code is simple and does not use inherently dangerous functions like 'eval'. It exposes basic arithmetic and random number generation. Binding to '0.0.0.0' means it listens on all interfaces, which is standard for a server but requires appropriate network configuration (e.g., firewall) if not intended for public exposure. No hardcoded secrets or complex input processing that could lead to injection are present.
Updated: 2025-11-22GitHub
0
0
Low Cost
areeba-awan icon

Gemini-CLI-Mcp-Server

by areeba-awan

Sec10

This file serves as a personal biography or author description within the context of the larger Gemini-CLI-Mcp-Server project, providing information about a Web and AI Developer.

Verified SafeView Analysis
The provided source code consists solely of a markdown file (`Areebaawan.md`) containing a personal biography. No executable server code is available for security analysis. Consequently, no security risks such as 'eval', obfuscation, network vulnerabilities, hardcoded secrets, or malicious patterns could be identified within the given snippet.
Updated: 2025-12-03GitHub
0
0
Medium Cost
stex2005 icon
Sec8

This server processes videos, RTSP streams, and images using OpenAI's GPT-4.1 Vision models to generate summaries, perform custom analyses, and count specific objects.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Requires Python 3.10+
  • ⚠️OpenCV-Python installation can have system-specific dependencies (e.g., build tools, ffmpeg libs) depending on OS.
Verified SafeView Analysis
The server uses environment variables for the OpenAI API key, which is good practice. No 'eval' or direct execution of arbitrary shell commands from user input was found. File path arguments (video_path, image_path) are local paths, meaning the server expects these files to be pre-existing. While the code does not perform explicit sanitization against path traversal for these arguments, the server operates on a local file system, and general best practice would be to ensure client-provided paths are restricted to safe directories. RTSP URLs have basic format validation. The system relies on well-maintained libraries (OpenCV, OpenAI).
Updated: 2025-12-01GitHub
0
0
Low Cost
a-pogany icon

librarian-mcp

by a-pogany

Sec8

An enterprise-grade documentation search system that makes technical documentation accessible to LLMs and humans through an MCP (Model Context Protocol) server with advanced Retrieval Augmented Generation (RAG) capabilities.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires approximately 2GB RAM and 2GB disk space for RAG features and model storage (initial download of ~1.4GB models).
  • ⚠️If using the Node.js Agent Layer for Web UI, Node.js 18+ and npm are required.
  • ⚠️If LLM query rewriting is enabled (via `AGENT_USE_LLM=true` in agent_layer/.env), an OpenAI API Key (paid) or a locally running Ollama server will be required, depending on `LLM_PROVIDER`.
Verified SafeView Analysis
The system generally follows good security practices by running on localhost by default and loading sensitive API keys (OpenAI) from environment variables. There is no direct evidence of 'eval' or other highly dangerous functions being used without justification. File operations are confined to a configurable 'docs_root'. Potential risks include: - The Node.js agent layer uses `app.use(cors())` without explicit origin configuration, which defaults to allowing all origins. While the server defaults to localhost, if deployed publicly without proper CORS configuration, this could expose the API to cross-site request forgery (CSRF) or data exfiltration. - If LLM query rewriting (via OpenAI/Ollama) is enabled and configured with an external provider like OpenAI, user queries may be sent to a third-party LLM service. This is an inherent privacy consideration for RAG systems, but the option to use a local Ollama server or disable rewriting mitigates this. Users should be aware of data handling policies if using external LLMs. - The system indexes files from a `docs_root` path. If this path contains highly sensitive information and the server were compromised or exposed via an unforeseen vulnerability (not evident in the provided code), it could lead to information disclosure.
Updated: 2026-01-11GitHub
PreviousPage 489 of 713Next