Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

Medium Cost

ai-finance-app

by anandprasad29

Sec 8

An AI-powered personal finance assistant that integrates with Copilot Money and Google Sheets to answer finance-related questions via Claude Code CLI.

Setup Requirements

  • ⚠️ Requires macOS for the Copilot Money application and its local data cache.
  • ⚠️ Requires manual setup of a Google Cloud Project, enabling specific APIs (Sheets, Drive), and configuring OAuth 2.0 credentials.
  • ⚠️ Relies on installing external Node.js (`copilot-money-mcp`) and Python (`google-workspace-mcp` via `uvx`) packages globally.
Verified Safe
The project itself is configuration-only, relying on well-established, open-source MCPs. The `copilot-money-mcp` is 100% local and does not make network requests. The `google-workspace-mcp` interacts with Google APIs via standard OAuth 2.0. The setup instructions include `OAUTHLIB_INSECURE_TRANSPORT: "1"`, which is insecure in general but is noted as a local development setting; users should treat it as a temporary configuration. No 'eval', obfuscation, or hardcoded secrets were found in this repository's source code; sensitive credentials are explicitly handled as environment variables in the user's local Claude configuration.
Updated: 2026-01-19 | GitHub
Medium Cost

kotlin-web-context-mcp

by omriavigdor2210

Sec 3

Serves as a backend web application or API server built with Kotlin and Ktor.

Setup Requirements

  • ⚠️ Requires Java Development Kit (JDK)
  • ⚠️ Requires Gradle to build and run
Review Required
Source code was truncated/summarized, preventing a thorough security audit. Specific checks for 'eval', obfuscation, hardcoded secrets, or malicious patterns could not be performed. Running this project without full code review carries inherent unknown risks.
Updated: 2025-12-13 | GitHub
Medium Cost
Sec 3

A system for managing public notes, including TODOs, ideas, guidelines, and code samples, likely facilitated by an AI-powered MCP server.

Setup Requirements

  • ⚠️ Requires a running instance of 'ateliers-ai-mcpserver' as detailed in the linked repository (https://github.com/yuu-git/ateliers-ai-mcpserver).
Review Required
No source code for this specific component was provided for analysis, so a security audit for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns cannot be performed. The README explicitly states it is managed 'via' an MCP server, detailed in a separate, unprovided repository (`ateliers-ai-mcpserver`), which would contain the critical implementation details for security assessment.
Updated: 2025-11-24 | GitHub
Medium Cost

MCP_server_for_apis

by andreasklae

Sec 9

Provides a Model Context Protocol (MCP) server for Norwegian cultural heritage APIs, enabling AI agents to query Wikipedia, Store Norske Leksikon, and Riksantikvaren databases.

Setup Requirements

  • ⚠️ Requires OpenAI API Key or Azure OpenAI credentials for chat features (paid services).
  • ⚠️ Requires Python 3.12 or newer.
  • ⚠️ Session state is in-memory and non-persistent, meaning sessions are lost on server restart and it's not designed for horizontal scaling.
Verified Safe
The server implements strong security measures including robust SSRF protection (`src/security/ssrf.py`) to prevent access to private IP ranges and cloud metadata endpoints. Authentication middleware (`src/security/auth.py`) is in place to protect sensitive endpoints with a configurable `MCP_AUTH_TOKEN`. Rate limiting (`src/utils/rate_limit.py`) is also implemented to mitigate abuse. Environment variables are used for sensitive information like API keys, preventing hardcoding. No 'eval' or obvious obfuscation was found.
Updated: 2026-01-19 | GitHub
Low Cost
Sec 7

Provides sample code for learning about an MCP server, likely focused on development or specific network protocols.

Review Required
Source code is too truncated (only README content provided) to perform a meaningful security audit. No executable code found to analyze for risks like 'eval', hardcoded secrets, or network vulnerabilities. The score reflects an inability to detect specific issues rather than proven safety.
Updated: 2025-11-26 | GitHub
High Cost

content-mcp-server

by eagleisbatman

Sec 8

AI-powered content generation service for Vietnamese farmers, producing weekly podcasts and image articles based on agricultural data.

Setup Requirements

  • ⚠️ Requires Google Gemini API Key (Paid service for text, images, and TTS generation)
  • ⚠️ Requires Cloudinary API Key and Secret (Paid service for image/audio storage)
  • ⚠️ Requires PostgreSQL database connection (Self-hosted or Managed)
  • ⚠️ Requires external Backend API URL for trend analysis
Verified Safe
No direct 'eval' or obvious command injection vectors were found in the provided truncated code. Database interactions leverage parameterized queries, which is good practice against SQL injection. Sensitive API keys and database credentials are expected to be handled via environment variables. Many core AI generation and planning functions are marked as 'TODO', meaning their security will depend heavily on future implementation. The default 'CORS_ORIGIN=*' is broad and should be tightened for production environments.
Updated: 2025-11-30 | GitHub
Low Cost

forge-anvil

by agentic-forge

Sec 8

A client tool for testing and interacting with MCP (Microservice Communication Protocol) servers, offering both CLI and web UI interfaces.

Setup Requirements

  • ⚠️ Requires Python 3.12 or higher.
  • ⚠️ Requires `uv` for dependency management and running (e.g., `uv sync`, `uv run`).
  • ⚠️ Primarily designed to test *other* running MCP servers; it does not provide an MCP server itself, but rather a client and a local UI server.
Verified Safe
The server is a client tool for interacting with arbitrary, user-specified MCP servers. While the tool itself appears to handle input and internal operations safely (e.g., uses `json.loads` for parsing JSON arguments, not `eval`), the inherent nature of connecting to any user-provided URL means the user could direct it to a malicious remote server. The local web UI server (`SimpleHTTPRequestHandler`) serves static files and injects a default server URL; this particular injection method does not present an immediate XSS risk from user input. No hardcoded secrets were found.
Updated: 2026-01-15 | GitHub
Low Cost

A cross-platform personal sleep coach application generating daily personalized pre-sleep and morning rituals, with sleep tracking and journaling features.

Setup Requirements

  • ⚠️ Requires a separate backend API server to be running and accessible at the EXPO_PUBLIC_API_URL environment variable, as this repository only contains the frontend code.
  • ⚠️ Full payment processing for subscriptions relies on a Stripe backend integration (including tokenization and webhook handling), which is not part of this frontend codebase and will need significant development.
  • ⚠️ Wearable API integrations (Apple Health, Google Fit, Oura, Fitbit, Garmin) are only conceptual in the frontend types and hooks; the actual integration and backend synchronization logic are missing.
Review Required
CRITICAL SECURITY RISK: The `PaymentForm` component is designed to collect raw credit card information (card number, expiry date, CVV, cardholder name, zip code) directly on the client side. Storing this sensitive, un-tokenized data in client-side state (`paymentMethod` in `Pricing.tsx`) is a severe PCI DSS violation and highly insecure. Real-world applications must use a payment gateway's client-side SDK (e.g., Stripe React Native SDK) to tokenize card data before it ever touches the application's internal state or custom backend.

Minor Risk: Authentication tokens are stored using `AsyncStorage` in `src/lib/api.ts`. While common in React Native, `AsyncStorage` is not truly secure storage. `expo-secure-store` is available in the dependencies but not used for tokens, which would provide better protection on rooted/jailbroken devices. No obvious 'eval', obfuscation, or other direct malicious patterns were found.
Updated: 2025-11-26 | GitHub
High Cost

quantum_mcp_server

by pietro-della-peruta

Sec 4

An MCP server that provides an interface to IBM Quantum computing services for listing backends and executing quantum circuits.

Setup Requirements

  • ⚠️ Requires an active IBM Quantum account and API Token (QISKIT_IBM_TOKEN env var), which may incur costs for running on real quantum hardware or cloud simulators.
  • ⚠️ The client example (`shor_example.py`) depends on the `shor_15_7.qasm` file being present. If missing, it requires running `python generate_shor_qasm.py` first.
  • ⚠️ Requires specific Qiskit versions: `qiskit>=1.0.0` and `qiskit-ibm-runtime>=0.20.0`.
Review Required
CRITICAL: The `qiskit_tools.py` file contains a line `print("Using token: ", token, file=sys.stderr)` within the `get_service()` function, which logs the `QISKIT_IBM_TOKEN` to standard error. This is a severe security vulnerability as it exposes a sensitive API key, which could be captured by logging systems or visible in terminal output. This line should be removed or the token should be masked. Additionally, the `run_circuit` tool accepts raw QASM code as a string input, which, while not immediately exploitable for arbitrary code execution (as QASM is a domain-specific language), could potentially be used for denial-of-service attacks if extremely large or malformed circuits are submitted without proper resource limits or validation. However, the primary critical risk is the token leak.
Updated: 2025-12-10 | GitHub
Low Cost

An AI healthcare receptionist for a dental clinic, handling multi-agent voice conversations for appointment scheduling, patient intake, insurance checks, and call logging.

Setup Requirements

  • ⚠️ Requires OpenAI API Key (Paid) for GPT-4o-mini.
  • ⚠️ Requires VAPI platform setup and configuration.
  • ⚠️ Requires an n8n instance with configured workflows for CRM, scheduling, etc.
  • ⚠️ Requires Google Sheets access for CRM and call logging, and Twilio for telephony.
Review Required
The provided `andrea-assistant-config-full.json` explicitly states `"isServerUrlSecretSet": false`. This indicates that the VAPI platform is configured to call the MCP server without a shared secret for authentication, making the MCP server's endpoint vulnerable to unauthorized access if exposed publicly. Without the actual MCP server source code, it's impossible to audit for other risks like hardcoded secrets, input validation, or internal vulnerabilities.
Updated: 2025-12-12 | GitHub
Medium Cost

r2r-ultra-mcp-server

by evgenygurin

Sec 9

Provides an enterprise-grade Model Context Protocol (MCP) server that integrates with an R2R (Retrieval & RAG) backend, offering tools for hybrid search, RAG queries, multi-turn agent conversations, collection management, document upload, and automated workflows, optimized for client applications like Cursor or Claude Desktop.

Setup Requirements

  • ⚠️ Requires an external R2R API instance to be running and accessible.
  • ⚠️ Requires an R2R API_KEY for authentication with the R2R backend.
  • ⚠️ Requires Python 3.10 or higher.
Verified Safe
The server employs good security practices, including loading API keys from environment variables, implementing rate limiting, and using an ErrorHandlingMiddleware to prevent exposure of raw internal exceptions. Input validation is also demonstrated as a best practice. The overall security relies on proper configuration and the underlying R2R instance's security.
Updated: 2025-11-26 | GitHub
Medium Cost

CodeSeek

by skanga

Sec 9

Provides semantically-aware, fast code search and context management for AI coding agents, offering ranked file results and code analysis.

Setup Requirements

  • ⚠️ Requires Java Development Kit (JDK) to build using Maven.
  • ⚠️ Requires Java Runtime Environment (JRE) to run the compiled JAR.
Verified Safe
The application uses `ProcessBuilder` in `GitUtils.java` to execute `git` commands for repository metadata. The arguments passed to `git` appear to be well-controlled and not susceptible to arbitrary command injection directly from user queries. File I/O for caching and sessions is restricted to the `.codeseek` directory within the project root. A potential, but common, risk in AI agent integrations is the `cwd` (current working directory) parameter in tool calls like `search_files`. If an untrusted agent could specify an arbitrary `cwd` outside the intended project, it could theoretically be used to scan unintended file systems. However, this is typically mitigated by running agents within sandboxed or controlled environments and trusting the agent's intent. No hardcoded secrets or 'eval'-like constructs for arbitrary code execution from user input were found in the provided source.
Updated: 2026-01-18 | GitHub
Page 507 of 713