Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
ravi-edutech icon

mcp-ai-weather-server

by ravi-edutech

Sec9

Provides current weather alerts and detailed forecasts by integrating with the National Weather Service (NWS) API, designed to extend the capabilities of an AI agent through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Only supports US locations for weather forecasts (NWS API limitation)
Verified SafeView Analysis
The server securely interfaces with the official National Weather Service (NWS) API using standard HTTP requests and a specific User-Agent. Input parameters for tools (state, latitude, longitude) are strictly validated using Zod, effectively preventing common injection attacks and ensuring data integrity. There are no hardcoded secrets, 'eval' statements, or other obvious malicious patterns found in the source code. Error handling for NWS API requests is implemented with try-catch blocks, and informative messages are returned on failure. The scope is limited to a well-known public API, reducing the external attack surface.
Updated: 2025-12-03GitHub
0
0
Low Cost
shawaizshabbir icon
Sec7

Provides a unified multi-cloud data management gateway for secure cross-source data access and AI-driven data operations.

Setup Requirements

  • ⚠️Requires Alibaba Cloud Access Key ID (ALIBABA_CLOUD_ACCESS_KEY_ID)
  • ⚠️Requires Alibaba Cloud Access Key Secret (ALIBABA_CLOUD_ACCESS_KEY_SECRET)
  • ⚠️Requires Python 3.12 or newer
  • ⚠️Requires `uv` for running as per client configuration example (though it can be run via python directly)
Verified SafeView Analysis
The `executeScript` tool allows the execution of arbitrary SQL scripts, which poses a significant risk if the input `script` is not strictly controlled and validated by the caller (e.g., an upstream AI agent). While Alibaba Cloud DMS is an abstraction layer and credentials are handled via environment variables, direct execution of unvalidated SQL can lead to data manipulation or loss if misused. Input validation is present for some parameters but the core SQL script itself is passed directly.
Updated: 2025-12-15GitHub
0
0
Medium Cost
JamesANZ icon

evm-mcp

by JamesANZ

Sec8

Provides comprehensive access to Ethereum Virtual Machine (EVM) JSON-RPC methods for AI coding environments, enabling querying of any EVM-compatible network through various node providers.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm to be installed.
  • ⚠️The `RPC_URL` environment variable is mandatory and must be explicitly set to a valid EVM node endpoint (e.g., Infura, Alchemy, or local node) for the server to operate. The server will exit if this is not configured.
  • ⚠️For Claude Desktop integration, an additional configuration step (manual or via `npm run configure-claude`) is necessary after installation to embed the `RPC_URL` and `CHAIN_ID` environment variables into Claude's settings.
Verified SafeView Analysis
The server functions as an RPC proxy, forwarding requests to a user-configured EVM node. It does not handle private keys; transaction submission requires pre-signed transaction data. RPC endpoints (RPC_URL, CHAIN_ID) are configured via environment variables, preventing hardcoded secrets. The `postinstall` script automatically modifies Claude Desktop's configuration file (`claude_desktop_config.json`) for seamless integration, which is a privileged file system operation but is documented and expected for its intended purpose. No direct 'eval' or malicious patterns were identified in the core logic beyond standard library usage.
Updated: 2025-12-10GitHub
0
0
Low Cost
abahgat icon

timcp

by abahgat

Sec8

Provides an MCP server to calculate flight emissions using the Google Travel Impact Model API for AI assistants and reporting.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher
  • ⚠️Requires a Google Travel Impact Model API key (usage may incur costs)
  • ⚠️Docker is recommended for easier setup
Verified SafeView Analysis
The server correctly uses environment variables for the Google Travel Impact Model API key. It documents security considerations for production, such as restricting CORS origins and using HTTPS, which is a good practice. The API key is passed as a URL query parameter to the Google API, which is a method Google uses for authentication but is less ideal than header-based authentication. No 'eval' or other dynamic code execution is present, and error handling is structured, preventing raw traceback leakage.
Updated: 2026-01-18GitHub
0
0
High Cost
thoreinstein icon

claude-code

by thoreinstein

Sec9

An AI-powered system designed to assist software developers and SREs with various engineering tasks through specialized agents.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for LLM classification/summarization.
  • ⚠️Requires `overmind` and `Procfile.dev` for local service orchestration.
  • ⚠️Requires a running Redis server and Supabase (PostgreSQL) instance.
  • ⚠️Stripe webhooks need local forwarding for billing functionality (e.g., `stripe listen`).
  • ⚠️Go 1.23+ and Node.js/npm are required for backend and frontend development, respectively. Python dependencies must use virtual environments.
Verified SafeView Analysis
The source code itself does not contain 'eval', obfuscation, hardcoded secrets, or malicious patterns. Instead, it includes extensive guidance and dedicated agents (`entsec-engineer`, `devops-engineer`, `terraform-engineer`, `github-actions-engineer`) that emphasize strong security practices, such as avoiding hardcoded secrets, using least-privilege permissions, secure input handling, and regular security reviews. The `CLAUDE.md` also explicitly reinforces critical security best practices. The allowed Bash commands in `settings.json` are generally safe for a development environment. The inherent risk of code generation is present, but the system's design principles are highly security-conscious.
Updated: 2025-12-10GitHub
0
0
Medium Cost
fabio-pardo icon

mxp-mcp-server

by fabio-pardo

Sec8

The MCP Server bridges Virgin Voyages' MXP system data and functionality to AI assistants via the Model Context Protocol (MCP) and to traditional applications via a REST API, enabling LLM-powered data access and integration.

Setup Requirements

  • ⚠️Requires access to an external Virgin Voyages MXP system (via HTTP endpoint).
  • ⚠️Requires access to an external Microsoft SQL Server database.
  • ⚠️Utilizes Google Cloud Vertex AI for RAG, requiring a configured project and corpus (and associated billing).
  • ⚠️Requires Python 3.12+.
Verified SafeView Analysis
The server uses environment variables for all sensitive credentials (MXP and database). SQL queries from the LLM-exposed `execute_read_only_query` tool are intended to be parameterized, which helps prevent SQL injection, though a poorly instructed LLM could theoretically bypass this if it embeds values directly into the query string. The prompt template `sql_query_from_natural_language` explicitly guides the LLM to generate read-only SQL and use parameterized calls, acting as a safeguard. The REST API has open CORS (`allow_origins='*'`) which is acceptable for development/testing but should be restricted in production environments. Communication with the MXP backend uses HTTP Basic Authentication, which requires HTTPS for secure transport in production. Overall, it follows good security practices for credential management and SQL interaction, with appropriate cautions for deployment.
Updated: 2025-11-19GitHub
0
0
Low Cost
luw2007 icon

skim-mcp-server

by luw2007

Sec9

Optimizes LLM context windows by intelligently compressing code for AI coding assistants like Claude Code, enabling analysis of larger projects.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️Relies on the external 'skim' Rust CLI binary; automatic installation is attempted during 'npm install', but manual installation (npm or cargo) may be required if it fails.
  • ⚠️Requires specific configuration in the client (e.g., Claude Code's config.json) to register the MCP server as a tool.
  • ⚠️Path validation restricts file operations to explicitly allowed base paths, which must be configured via the `SKIM_ALLOWED_PATHS` environment variable (defaults to the current working directory).
Verified SafeView Analysis
The server demonstrates strong security practices. It implements robust path validation (blocking traversal, enforcing absolute paths, symlink resolution), input sanitization (maximum size and null byte detection), and command injection prevention (using `spawn` with `shell: false` and whitelisting arguments passed to the external `skim` CLI). There is no 'eval' or code obfuscation, and no hardcoded secrets were found. The primary communication mechanism is via standard I/O, which inherently limits network attack surface for the server itself. While it relies on an external `skim` binary, the interaction is securely managed.
Updated: 2025-12-17GitHub
0
0
Medium Cost
marcelkurvers icon

local-testing-agent

by marcelkurvers

Sec3

Automates multi-language test discovery, planning, and execution for AI assistants across Python, JavaScript/TypeScript, Go, Rust, Java, and Ruby projects.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires manual installation of language-specific test frameworks (e.g., `npm install -g jest`, `gem install rspec`, `mvn`/`gradle` for Java toolchains) which are not handled by `pip install -r requirements.txt`.
  • ⚠️Assumes Go and Rust toolchains are pre-installed for respective language support.
Review RequiredView Analysis
The server extensively uses `subprocess.run` and `subprocess.Popen` with `shell=True` to execute language-specific test commands. This introduces a significant command injection risk. While `project_root` is passed as `cwd`, the `detect_test_frameworks` function reads external project configuration files (like `package.json` or `Gemfile`) to derive test commands. If a malicious `project_root` contains specially crafted configuration files with harmful test scripts, these could be executed due to the `shell=True` flag, leading to arbitrary code execution on the host system. This makes the server vulnerable to untrusted input.
Updated: 2025-12-12GitHub
0
0
Medium Cost
suvires icon
Sec2

The server acts as a multi-tenant Model Context Protocol (MCP) gateway, exposing Moodle API functionalities as tools for integration with AI agents or other services.

Setup Requirements

  • ⚠️Requires a pre-configured Moodle instance with enabled web services and a valid Moodle user token for each tenant.
  • ⚠️Requires setting up multiple environment variables for each tenant, specifically `TENANTx_MOODLEURL` and `TENANTx_MOODLETOKEN`.
  • ⚠️The multi-tenant configuration is hardcoded in the source file (`src/index.ts`), requiring code changes and redeployment to add or modify tenants.
Review RequiredView Analysis
The server has critical security vulnerabilities. Moodle API tokens are included directly as query parameters (`wstoken`) in the URL for all Moodle API calls, which means they are highly susceptible to leakage through server logs, proxy logs, and network interception, even over HTTPS. Additionally, default API keys ('key_demo_1', 'key_demo_2') are hardcoded, potentially leading to predictable authentication in misconfigured environments. API keys are also passed in the URL path, which is not ideal for sensitive information.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Polaralias icon

Skills-MCP-Server

by Polaralias

Sec7

A server that exposes a collection of markdown-based skills as Model Context Protocol (MCP) prompts and resources, enabling LLMs to access specialized knowledge and workflows.

Setup Requirements

  • ⚠️Requires Node.js runtime (version >=18).
  • ⚠️Skill content (manifests, prompts, resources) must be correctly structured within the specified ROOT_DIR.
  • ⚠️For production deployment, Docker and a container registry are required, following the Smithery custom container deployment model.
Verified SafeView Analysis
The server uses `cors` with `origin: "*"`, which allows requests from any origin. While common for public APIs, this means cross-origin requests are unrestricted. It relies on the integrity of local skill manifest, prompt, and resource files (`fs.readFile`). Assuming these files are trusted and the host environment is secure against file tampering, the risk is mitigated. No `eval`, dynamic untrusted code execution, or obvious command injection vulnerabilities were found in the provided source.
Updated: 2025-12-20GitHub
0
0
Medium Cost
laxmimerit icon
Sec9

Provides a Model Context Protocol (MCP) server for accessing Yahoo Finance data for AI assistants.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Relies on external Yahoo Finance API (subject to their terms and potential rate limiting)
Verified SafeView Analysis
The server acts as a wrapper around the `yfinance` library. No `eval`, hardcoded secrets, or obvious malicious patterns were found. Communication is via `stdio` transport, which is generally secure as it relies on the security of the client invoking it. The `yfinance` library itself makes external network requests to Yahoo Finance, which is an inherent part of its functionality.
Updated: 2025-12-11GitHub
0
0
Medium Cost
jeanlopezxyz icon

mcp-alertmanager

by jeanlopezxyz

Sec9

Enables AI assistants to monitor Prometheus Alertmanager, manage alerts and silences, and understand notification routing within an infrastructure.

Setup Requirements

  • ⚠️Requires Java 21+ runtime environment to execute the core server JAR.
  • ⚠️Requires a running Prometheus Alertmanager instance that is network accessible from where this server is run.
  • ⚠️Requires Node.js and npm/npx to run the provided `mcp-alertmanager` CLI wrapper.
Verified SafeView Analysis
The server uses `execSync` in its Node.js wrapper for a `java -version` check, which is generally low risk given the static command. It properly handles Kubernetes ServiceAccount bearer tokens for authentication. The Java JAR is downloaded from the project's own GitHub releases, a trusted source for the component itself. There are no hardcoded secrets, as the Alertmanager URL is configured via environment variable. No obvious malicious patterns or obfuscation were found.
Updated: 2025-12-11GitHub
PreviousPage 500 of 713Next