Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
kirha-ai icon

iowrapper

by kirha-ai

Sec3

Wraps stdio-based programs, particularly MCP servers, and exposes them as an HTTP JSON-RPC API.

Setup Requirements

  • ⚠️Requires careful management and sanitization of `CLI_TOOL_COMMAND` and `CLI_TOOL_ARGS` for security and correct functioning.
  • ⚠️The wrapped CLI tool and its runtime dependencies (e.g., `npx`, `npm`) must be installed and available in the execution environment.
Review RequiredView Analysis
The application executes arbitrary commands specified via the `CLI_TOOL_COMMAND` and `CLI_TOOL_ARGS` environment variables. This mechanism introduces a significant remote code execution (RCE) risk if these environment variables are not strictly controlled and secured. There is no explicit sanitization or validation of the command or its arguments within the provided source code. If deployed in an untrusted environment or with vulnerable configuration, this could allow an attacker to execute arbitrary code on the host system.
Updated: 2025-11-20GitHub
0
0
Low Cost
unk029-openconsultinguk icon

UNK029-MCP-SERVER

by unk029-openconsultinguk

Sec1

Analysis of the server's functionality is not possible as source code was not provided.

Setup Requirements

  • ⚠️Source code not available for review.
Review RequiredView Analysis
Source code was not provided for analysis. Therefore, a security audit cannot be performed. Without reviewing the code for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns, it is NOT safe to run any unknown server software.
Updated: 2025-11-25GitHub
0
0
High Cost
grzetich icon

eyeson

by grzetich

Sec8

AI-powered UX analysis of websites through a natural language interface, primarily for Claude Desktop and other LLMs.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Requires a Google Gemini API Key (paid service, usage-based billing applies).
  • ⚠️The UX Analyst AI backend server must be running separately on `http://localhost:3005` (or configured URL) for the MCP server to function.
  • ⚠️Requires using an absolute path to the `index.js` file in Claude Desktop's configuration.
Verified SafeView Analysis
The MCP server itself acts as a proxy, and its direct security risks appear low. It uses standard `node-fetch` for backend communication and retrieves API keys from environment variables. The overall security of the system heavily relies on the backend, which handles browser automation (Puppeteer) and external AI calls. The backend configuration uses `--no-sandbox` arguments for Puppeteer, which reduces isolation but is common in containerized environments. The architecture plan, however, indicates efforts towards robust error handling, resource management, and circuit breakers, which are positive for stability and resilience against certain types of attacks or resource exhaustion.
Updated: 2025-11-25GitHub
0
0
Medium Cost
ShayYeffet icon

mcp_server

by ShayYeffet

Sec6

Transforms an MCP-compatible client (like Claude Desktop) into a comprehensive development environment for coding, DevOps, data processing, and automation tasks.

Setup Requirements

  • ⚠️Many tools (`image_process`, `pdf_manipulate`, `send_notification` email, `cloud_storage`, `code_format`) provide only basic/placeholder functionality or have simplified, potentially insecure implementations due to missing third-party libraries (e.g., `sharp`, `pdf-lib`, cloud provider SDKs, formatters, linters) which are expected to be installed by the user for full or secure operation.
  • ⚠️The `docker_manage` tool requires Docker to be installed and accessible on the host machine.
  • ⚠️The `MCP_ALLOWED_COMMANDS` environment variable is critical and must be carefully configured by the user, explicitly listing every command (e.g., `npm`, `git`, `python`) the AI is permitted to execute, to maintain security.
Verified SafeView Analysis
The server implements robust local filesystem sandboxing and command allowlisting (using `shell: false` with `spawn` for commands), which is critical for preventing directory traversal and arbitrary code execution locally. However, the `cloud_storage` and `image_process` tools contain 'placeholder' or 'simplified' implementations that lack proper SDKs and secure authentication mechanisms (e.g., using basic auth for cloud storage instead of proper Signature V4 signing), potentially exposing credentials or leading to insecure interactions with external services if used without installing recommended libraries or implementing robust security. The claim of 'military-grade sandboxing' for cloud storage is not met by the current simplified code. The `send_notification` tool's webhook functionality also relies on basic HTTP requests without inherent advanced security features. Therefore, while local operations are well-secured, interactions with external services require careful user configuration and potentially additional secure library installations.
Updated: 2025-12-20GitHub
0
0
Low Cost
Stealinglight icon

StravaMCP

by Stealinglight

Sec9

A remote Model Context Protocol (MCP) server that enables AI assistants like Claude and ChatGPT to interact with a user's Strava data.

Setup Requirements

  • ⚠️Requires Bun runtime installed.
  • ⚠️Requires AWS SAM CLI installed and AWS CLI configured.
  • ⚠️Requires manual retrieval of Strava API Refresh Token via a local web server and browser interaction.
Verified SafeView Analysis
No 'eval' or code obfuscation found. Hardcoded secrets are avoided by loading all sensitive data (Strava API credentials, AUTH_TOKEN) from environment variables. All tool inputs are validated using Zod schemas, mitigating injection risks. Access to the Lambda function URL is secured by a Bearer token authentication middleware that validates against an `AUTH_TOKEN` environment variable. While a broad CORS policy (`AllowOrigins: '*'`) is configured, access remains protected by the required `AUTH_TOKEN`. The `StravaClient` handles OAuth 2.0 token refreshing securely and automatically.
Updated: 2026-01-19GitHub
0
0
Medium Cost
CodeKeanu icon

steam-mcp

by CodeKeanu

Sec8

Integrates Steam Web API with AI assistants to query game, player, and community data.

Setup Requirements

  • ⚠️Requires a Steam Web API Key (free to obtain).
  • ⚠️Requires your SteamID64 configured as STEAM_USER_ID for 'me'/'my' profile queries.
  • ⚠️Requires Python 3.12+ for developer setup.
  • ⚠️Designed to run as a Model Context Protocol (MCP) `stdio` server, typically integrated with AI assistants like Claude Desktop.
Verified SafeView Analysis
The server correctly uses environment variables for API keys, includes rate limiting and retry mechanisms for external API calls, and handles potential HTML error responses. Input sanitization for Steam IDs is performed. The `get_raw` client method, while general-purpose, is currently only used for specific public Steam Store review endpoints, mitigating immediate risk. HTML parsing within `_html_to_text` and the use of `strip_description_bbcode` help prevent injection, but HTML processing is always a potential area for subtle vulnerabilities.
Updated: 2025-12-31GitHub
0
0
High Cost
seanshin0214 icon

qualai-mcp

by seanshin0214

Sec9

QualAI is an AI-powered qualitative research server that provides automated coding, thematic analysis, grounded theory building, and methodology selection via a community-driven, RAG-enhanced framework, designed for seamless integration with Claude Desktop.

Setup Requirements

  • ⚠️Requires Claude Desktop as the client to interact with the server.
  • ⚠️An OpenAI API Key (a paid service) is required for semantic search and RAG functionality (when Qdrant is enabled).
  • ⚠️A Qdrant vector database (either via Docker or Qdrant Cloud) is highly recommended for optimal methodology recommendations and RAG capabilities.
  • ⚠️Node.js version 18 or higher is a prerequisite for running the server.
Verified SafeView Analysis
The project demonstrates good security practices by utilizing prepared statements in its SQLite adapter to prevent SQL injection. External API keys for OpenAI, Qdrant, and GitHub are managed via environment variables (process.env) rather than being hardcoded. User research data is stored locally by default, enhancing privacy. There is no visible use of 'eval' or other obviously malicious patterns. Overall, the server appears safe to run.
Updated: 2025-11-28GitHub
0
0
Low Cost
zq940222 icon
Sec7

Spring Boot Starter for building custom MCP (Micro-Agent Protocol) servers with dynamic, runtime toolset discovery and registration based on request parameters.

Setup Requirements

  • ⚠️Requires Java 21+
  • ⚠️Requires Spring Boot 4.0+ (this version might be a typo, as Spring Boot 3.x is current; compatibility with 3.x is more likely and implied by dependencies)
Verified SafeView Analysis
The server dynamically loads and invokes tool methods based on user-controlled `toolset` and `toolName` parameters. While tool classes are scanned from a controlled classpath, using reflection (`method.invoke()`) with external input always carries a risk of unintended method execution if not coupled with strict input validation, authorization, and method access control beyond what is visible in the provided snippets. The default empty `crewplus.mcp.server.scan-base-package` property could, if not properly overridden or configured, lead to wider classpath scanning than intended.
Updated: 2025-11-26GitHub
0
0
Low Cost
sabatajoxicraft icon

mcp-server

by sabatajoxicraft

Sec10

This repository appears to be a project backup for a server application, but no specific functionality can be determined from the provided source code.

Review RequiredView Analysis
Only a README.md file was provided in the source code. No executable code was available for analysis of security risks such as 'eval', obfuscation, network vulnerabilities, hardcoded secrets, or malicious patterns. Based solely on the provided text file, no immediate risks are apparent.
Updated: 2025-12-13GitHub
0
0
Medium Cost
renoblabs icon

coolify-mcp-server

by renoblabs

Sec4

Enables AI clients (e.g., Claude Desktop, Antigravity) to manage and automate Coolify deployments and infrastructure through natural language commands.

Setup Requirements

  • ⚠️Requires Coolify API Token (from your Coolify instance)
  • ⚠️Requires Python 3.8+ and FastMCP library dependencies
  • ⚠️Remote access (SSE mode) requires network accessibility to the server and potentially Cloudflare Tunnel setup
  • ⚠️Hardcoded API tokens in many helper/test scripts pose a significant security risk if run without modification.
Review RequiredView Analysis
The core server.py file attempts to handle secrets securely via environment variables and implements a Bearer token authentication middleware for SSE mode. However, a critical security risk exists due to numerous instances of hardcoded API tokens (Coolify, Cloudflare, MCP) found in various helper scripts, test files, and example configurations (e.g., coolify_for_openhands.py, deploy_mcp_to_coolify.py, deploy_realestate.py, configure_domain.py, verify_realestate.py, audit_coolify.py, audit_health.py, and most test_*.py files). While documentation strongly advises against this, the presence of these active tokens directly in the codebase poses a severe risk of accidental credential exposure if these files are run or shared. The server binds to 0.0.0.0, but it is behind an authentication middleware.
Updated: 2025-12-11GitHub
0
0
Low Cost
jermeyyy icon

kortex

by jermeyyy

Sec7

An MCP server that provides AI coding assistants with advanced capabilities for working with Kotlin Multiplatform (KMP) and Compose Multiplatform (CMP) projects, including LSP-based code analysis, navigation, editing, and planning.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires Kotlin Language Server to be installed and in PATH
  • ⚠️Optionally requires SourceKit-LSP for Swift/iOS support
  • ⚠️Optionally requires clangd for Objective-C/iOS support
Verified SafeView Analysis
The server uses `asyncio.create_subprocess_exec` to run external Language Server Protocol (LSP) binaries (Kotlin, Swift, Objective-C). While necessary for its core functionality and typically discovers trusted executables via `shutil.which` or hardcoded paths, this introduces a dependency on external tools. A compromised LSP executable or path could lead to unexpected behavior. No direct 'eval' or hardcoded secrets were found. JSON-RPC communication is handled, which can be vulnerable to malformed or oversized payloads if not robustly validated, though typical LSP usage is generally trusted.
Updated: 2025-11-29GitHub
0
0
Medium Cost
agentoauth icon

openapi-to-mcp

by agentoauth

Sec8

Provides a Model Context Protocol (MCP) interface to the National Weather Service (NWS) API, enabling AI assistants to access weather-related data and forecasts.

Setup Requirements

  • ⚠️Requires API_BASE_URL environment variable (configured in wrangler.toml for Cloudflare Workers, but essential for any deployment).
  • ⚠️Requires Node.js 18+ and `npm` for building and deployment.
  • ⚠️Requires outbound network access to the configured `API_BASE_URL` (https://api.weather.gov).
Verified SafeView Analysis
The server acts as an API proxy, forwarding requests to an external weather API. It uses environment variables (`API_BASE_URL`, `USER_AGENT`) for configuration. Path and query parameters are URL-encoded before being used in `fetch` requests, mitigating direct URL injection risks. The code does not use `eval` or other dynamic code execution from user input. Error responses may expose underlying HTTP status and response bodies from the external API, which is standard for proxies but could reveal minor details in specific error scenarios. Assuming the deployment environment (e.g., Cloudflare Workers) securely manages environment variables and network access, the generated server code is robust for its intended purpose. The broader 'openapi-to-mcp' project's 'mcp-hub' component does contain `exec` calls for build/deploy processes, but these are not part of the 'weather-mcp' server's runtime.
Updated: 2025-12-10GitHub
PreviousPage 505 of 713Next