Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost
Sec8

This server integrates FeiShu APIs (documents, bots, chats, multi-dimensional tables) with AI models via the Model Context Protocol (MCP) to enable tools-based RAG workflows and automated interactions.

Setup Requirements

  • ⚠️ Requires Node.js 23.0 or higher.
  • ⚠️ Requires pnpm package manager.
  • ⚠️ Requires a valid FeiShu developer account and a custom application with appropriate permissions.

Verified Safe
The server uses Zod for robust input validation in its tool layer and handles FeiShu API credentials via environment variables, with masking in logs. Fastify CORS is configured, mitigating common web security risks. While `JSON.parse` is used on certain inputs (like `cardContent` and `docType` strings), in the context of an MCP server, these inputs are typically generated by a controlled LLM or validated client, which reduces the risk. No `eval` or blatant hardcoded secrets were found.
Updated: 2025-12-01
Low Cost
Sec8

A modular and observable recommendation microservice demonstrating Go-Kratos and MCP protocol integration for recall, ranking, and filtering stages.

Setup Requirements

  • ⚠️ Go programming language (version 1.22+ recommended) must be installed.
  • ⚠️ `buf` command-line tool for Protobuf schema management is required.
  • ⚠️ `wire` command-line tool for Go dependency injection is required.
  • ⚠️ Potential port conflicts if ports 8000 (HTTP) or 8080 (MCP) are already in use.

Verified Safe
The code uses standard Go libraries and the Kratos framework, which are generally robust. No 'eval' or dynamic code execution from untrusted sources is observed. User input through MCP and HTTP is unmarshaled into Protobuf-generated structs, which helps in schema validation and prevents arbitrary deserialization attacks. Server endpoints bind to specified ports (8000 for HTTP, 8080 for MCP) without explicit TLS or authentication in the provided code, which is typical for internal microservices and implies external security layers (e.g., API Gateway, reverse proxy with HTTPS) are expected for production deployment. No hardcoded sensitive secrets are present in the provided snippets. The MCP tool input schema is explicitly defined in code, limiting the flexibility of untrusted input.
Updated: 2025-11-24
Low Cost

sports2000demomcp

by consultingwerkdev

Sec8

Provides a web-based Model Context Protocol (MCP) server with OAuth2 authentication for interacting with Sports2000 customer data and supporting SmartComponent Library/SmartFramework development tasks.

Setup Requirements

  • ⚠️ Requires a running Keycloak server configured with a specific realm and client for OAuth2 authentication.
  • ⚠️ Requires a backend PASOE (Progress Application Server for OpenEdge) server for data access, configurable via `SMARTFRAMEWORKMCP_PASOE_URL`.
  • ⚠️ For local client interaction, `mcp-remote` requires Node.js and npm (`npx`).

Verified Safe
The server leverages robust industry-standard OAuth2/OpenID Connect protocols with Keycloak for authentication. JWT token validation (signature, expiration, issuer, JWKS) is explicitly handled by the `SmartMcpAuthentication` library. Initial discovery endpoints (`initialize`, `.well-known/*`) are publicly accessible, which is standard for OAuth2, while all other operational endpoints require a valid JWT. There are no direct indications of hardcoded secrets, 'eval', or code obfuscation in the provided snippets. The primary security considerations revolve around proper Keycloak configuration, secure handling of client secrets (if using confidential clients), and keeping .NET dependencies updated.
Updated: 2025-12-11
Low Cost

wikijs-mcp-server

by Barry-Anil

Sec3

A backend server component for managing or extending Wiki.js functionalities.

Review Required
No code or README provided for analysis; cannot assess security risks. Running software without source visibility is inherently risky.
Updated: 2025-11-19
Medium Cost

advanced-powershell-mcp

by RandyNorthrup

Sec3

Provides comprehensive Windows system management capabilities through PowerShell, including network configuration, security management, registry operations, event log analysis, disk management, Windows Defender antivirus, CIS Benchmark security hardening, performance monitoring, database operations, and complete system administration.

Setup Requirements

  • ⚠️ Requires Node.js 18.0.0 or higher.
  • ⚠️ Requires PowerShell 5.1+ or PowerShell Core 7+.
  • ⚠️ Many critical operations require Administrator privileges on the Windows host.
  • ⚠️ Requires an MCP-compatible AI client to function (e.g., Claude Desktop, VS Code with Continue, Zed Editor).

Review Required
The server executes PowerShell commands constructed using direct string interpolation of user-controlled parameters (e.g., log names, paths, search terms, user/group names, SQL queries, backup paths). This creates a significant risk of PowerShell command injection if an attacker can control or manipulate these inputs. While Zod validates input types, it does not sanitize against PowerShell-specific injection vectors. Many operations require administrator privileges and can perform destructive actions (e.g., formatting disks, deleting registry keys, clearing event logs). The CIS Benchmark tools, for example, build .inf files with interpolated user strings for `secedit` execution, which is a critical injection risk.
Updated: 2025-11-21
High Cost

mcp-servers

by deenrico

Sec3

Provides a collection of zero-API-key FastMCP servers for local LLMs, enabling internet connectivity checks, German weather forecasts, Wikipedia searches, and general web scraping.

Setup Requirements

  • ⚠️ Requires a local LLM (e.g., LMStudio or Ollama) running.
  • ⚠️ Requires Python 3.12 or newer.
  • ⚠️ Relies on 'uv' for dependency management and project setup.

Review Required
The 'Deep Search' tool in the 'web-search' server allows fetching content from arbitrary URLs provided as input. This creates a significant security risk, as a malicious prompt to the LLM could lead to Server-Side Request Forgery (SSRF) vulnerabilities, exposure to malicious web content, or interaction with internal network resources. While the code itself doesn't use 'eval' or hardcoded secrets, the ability to browse arbitrary external links via the LLM poses a critical external interaction risk if not run in a highly sandboxed environment.
Updated: 2025-11-19
Low Cost

Solr7-mcp

by nealrauhauser

Sec8

Provides an interface for Open Semantic Search (Solr 7.7.3) via fastmcp, enabling keyword searches and core listing with data sanitization.

Setup Requirements

  • ⚠️ Python 3.12+ is required.
  • ⚠️ Requires an accessible Solr 7.x instance (specifically Open Semantic Search 7.7.3).
  • ⚠️ An SSH tunnel must be configured on a proxy server to expose the localhost-bound Solr instance to the network (e.g., using 'GatewayPorts').
  • ⚠️ The 'fastmcp' and 'requests' Python libraries must be installed.

Verified Safe
No 'eval' or hardcoded secrets found within the application code. It directly passes user queries to Solr's 'q' parameter; while Solr has internal protections, complex queries could impact performance. A critical setup requirement is an SSH tunnel with 'GatewayPorts' enabled on a proxy, which could expose the Solr instance if the proxy itself is not properly secured. The Solr instance at SOLR_URL should be secured, as the 'list_cores' tool can expose core status information.
Updated: 2025-12-01
Low Cost

districts-mcp

by SaadAJ

Sec9

Provides geographic data and distance calculation tools for Riyadh districts via an MCP and HTTP server.

Setup Requirements

  • ⚠️ Requires Python 3.10 or newer.
  • ⚠️ Requires specific MCP client configuration (e.g., .cursor/mcp.json) for use as an MCP server.

Verified Safe
No 'eval' or similar dangerous patterns observed. No hardcoded API keys or sensitive external secrets. Input validation for MCP tools is handled by Pydantic. District data is hardcoded within the repository, minimizing external data source risks. The service exposes a health check endpoint and MCP tools over HTTP; standard network security practices apply if exposed publicly.
Updated: 2025-12-02
Medium Cost

fruityloops-mcp

by quinnjr

Sec8

This server enables AI assistants to control FL Studio (Fruity Loops) for music composition and automation via its Python API and MIDI interfaces.

Setup Requirements

  • ⚠️ Requires FL Studio (version 20.7+) running, with specific MIDI settings configured for both direct MIDI and Flapi communication.
  • ⚠️ Requires 'loopMIDI' (Windows only) to create virtual MIDI ports (FLStudio_MIDI, Flapi Request, Flapi Response).
  • ⚠️ Requires the 'flapi' library to be installed and its script configured within FL Studio for API access (`pip install flapi && flapi install`).

Verified Safe
The server's design relies on the Model Context Protocol (MCP) and operates locally via stdio, limiting direct network exposure. It exposes specific FL Studio API and MIDI functionalities through predefined tools, not arbitrary code execution from external user input. While a compromised AI assistant could theoretically misuse the extensive control over FL Studio (e.g., generating loud or disorienting MIDI messages, rapid changes to project settings), this is within the intended scope of interaction. No direct hardcoded secrets or 'eval' of external input were found in the provided server source code.
Updated: 2025-12-29
High Cost

Blender-MCP-Server

by Savagekiller45

Sec3

Controls Blender using AI agents through an API for 3D workflow automation.

Setup Requirements

  • ⚠️ Requires Blender 3.0 or later to be installed and running.
  • ⚠️ The `Config.POLYMCP_PATH` variable must be manually configured by the user to point to the `polymcp_toolkit` installation.
  • ⚠️ The client (`blender_polymcp.py`) requires a separate Ollama server running with the 'gpt-oss:120b-cloud' model or a similar LLM configured.

Review Required
The server exposes a large set of Blender's internal API functions (`bpy` module operations) over a network interface (defaulting to 0.0.0.0, making it accessible externally if not firewalled). Malicious actors could potentially use this to execute arbitrary Blender operations, corrupt files, or crash the application, especially if the `polymcp_toolkit` or AI agent's input validation is insufficient. The AI agent orchestration also introduces prompt injection risks, where a malicious prompt could trick the AI into issuing destructive commands. Furthermore, `Config.POLYMCP_PATH` is a user-configurable path that is appended to `sys.path`, presenting a potential arbitrary code injection vulnerability if its value is compromised or set to an untrusted location. No direct `eval()` or similar explicit dynamic code execution is observed in the provided code, but the indirect risks are substantial.
Updated: 2025-12-15
Medium Cost

youtube-transcript-mcp-server

by Vishnudharshan-33

Sec9

Enables AI assistants to fetch and read YouTube video transcripts for summarization and analysis.

Setup Requirements

  • ⚠️ Requires Python 3.12 or higher.
  • ⚠️ Requires WEBSHARE_USERNAME and WEBSHARE_PASSWORD environment variables if proxy is enabled (default configuration).

Verified Safe
The code uses `os.getenv` for proxy credentials, which is good practice for secret management. No `eval` or other obvious command injection vulnerabilities were found in the provided source. It relies on the security and robustness of the `youtube-transcript-api` library for transcript fetching.
Updated: 2026-01-19
Low Cost

publishers-mcp-stdio

by nagareproject

Sec9

Provides a standard input/output (STDIO) interface for a Nagare application server, enabling communication with a parent process.

Setup Requirements

  • ⚠️ Requires Python 3.11 or higher.
  • ⚠️ Requires the 'nagare-server' package to be installed.

Verified Safe
The component itself primarily handles STDIO redirection. Its security heavily relies on the upstream 'nagare-server' dependency correctly processing and sanitizing input passed to 'start_handle_request' within 'services_service'. No direct 'eval', hardcoded secrets, or malicious patterns found in the provided code.
Updated: 2025-12-12