Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
tspenov icon
Sec9

Provides an Elixir-based Model Context Protocol (MCP) server exposing BJJ position and video data as tools for AI assistants.

Setup Requirements

  • ⚠️Requires Elixir to be installed.
  • ⚠️This is a skeleton/library; real data providers must be implemented in a private application to replace the mock data.
  • ⚠️The server runs within an Elixir application (e.g., Phoenix or Plug) and requires specific router configuration.
Verified SafeView Analysis
The server itself is a skeleton using mock data, so direct security risks within this repository's code are minimal. No `eval` or obvious malicious patterns are present. The primary security considerations will arise from the private application's implementation of 'real' data providers (e.g., proper database access controls, input sanitization for queries, handling of sensitive video URLs or metadata). The current setup explicitly delegates data access to the consuming application, making this library's code itself quite safe.
Updated: 2025-11-27GitHub
0
0
Low Cost
pentafive icon

your-spotify-mcp

by pentafive

Sec9

Connects AI assistants to Your Spotify for advanced music analytics and optional Spotify Web API control.

Setup Requirements

  • ⚠️Requires a self-hosted 'Your Spotify' instance to collect and store your listening history data.
  • ⚠️Tier 5 tools (Spotify Control) require separate Spotify Developer App credentials (Client ID, Client Secret, OAuth Access/Refresh Tokens) and will be disabled if not configured.
  • ⚠️Some Tier 4 Management tools (`analyze_affinity`, `rename_account`, `revoke_public_access`, `update_user_settings`) require an authenticated web session with Your Spotify, and cannot be used with a public token (read-only API limitation).
  • ⚠️The Your Spotify API typically limits data requests to 30 items, even if a higher limit is specified in a tool call.
Verified SafeView Analysis
The server uses environment variables for all sensitive API keys/tokens, which is a strong security practice. It communicates with AI clients via STDIO (standard input/output), eliminating local network listening vulnerabilities. HTTP requests to external APIs (Your Spotify and Spotify Web API) are handled securely with `axios` and rate limiting. Error messages are designed to be sanitized, preventing accidental exposure of sensitive information. The primary security considerations involve the user's secure management of environment variables and the underlying security of their self-hosted Your Spotify instance.
Updated: 2026-01-15GitHub
0
0
Low Cost
BryanSchuetz icon

mcp

by BryanSchuetz

Sec9

This repository contains Markdown files detailing numerous international development projects, likely intended for an organizational website or public-facing project portfolio.

Verified SafeView Analysis
The provided 'SOURCE CODE' consists of static Markdown content files (.md), not executable server-side code. Therefore, traditional security risks typically found in server applications (e.g., 'eval' usage, obfuscation, direct network access, hardcoded API keys/secrets, or malicious code patterns) are not present within this content. The files do embed content via `iframe` tags from external sources (Flickr, Vimeo), which introduces a dependency on the security of those third-party platforms and the client-side rendering environment. However, the content itself is non-malicious.
Updated: 2025-12-08GitHub
0
0
Low Cost
hgursel icon

NetContext-MCP

by hgursel

Sec6

AI-powered network automation and device management by enabling AI assistants to execute commands on network devices via Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires access to live or simulated network devices (e.g., physical switches, GNS3, or Docker test servers).
  • ⚠️SSH host key verification is disabled by default, requiring manual configuration to enable for secure production use (vulnerable to MitM if not enabled).
  • ⚠️Manual configuration of client-specific JSON file (e.g., `~/.claude.json`) with absolute paths and credentials, which is prone to errors.
  • ⚠️GNS3 setup requires specific Aruba AOS-CX simulator image and significant RAM (8GB+).
Review RequiredView Analysis
The primary security risk is that SSH host key verification is disabled by default (`SSH_VERIFY_HOST_KEY=false` in environment config and `ssh.ts`), making the server vulnerable to Man-in-the-Middle (MitM) attacks. This is a critical flaw for a network management tool and must be manually enabled for production. While strong command sanitization (`rm`, `erase`, command chaining, path traversal, redirection) and file path validation for documentation are implemented, and YAML parsing uses `FAILSAFE_SCHEMA` to prevent code execution, the default SSH setting significantly lowers the overall security posture. Hardcoded test credentials exist in development configurations, emphasizing the need for secure environment variable management in production.
Updated: 2025-11-20GitHub
0
0
Low Cost
bisVo159 icon
Sec3

A server for tracking and managing personal expenses via a FastMCP API.

Setup Requirements

  • ⚠️Requires 'uv' for dependency management, not 'pip'.
  • ⚠️Expense data is stored in the system's temporary directory, which may not be persistent across reboots or system cleanups, leading to potential data loss.
  • ⚠️Lacks any authentication or authorization, making it unsafe to expose on untrusted networks or use in multi-user environments.
Verified SafeView Analysis
The application critically lacks any authentication or authorization mechanisms. Any client capable of connecting to the server (which defaults to '0.0.0.0:8000') can perform all CRUD operations on expense data. This poses a severe privacy and security risk if the server is exposed to an untrusted network. Data is stored in the system's temporary directory, which can lead to data loss due to system cleanup processes. While SQL injection is mitigated by using parameterized queries, the complete absence of access control for sensitive financial data is a major vulnerability.
Updated: 2025-12-17GitHub
0
0
Low Cost
Ce-terminals-02 icon
Sec1

Provides instructions or automation for deploying a Minecraft server on Amazon Web Services (AWS).

Setup Requirements

  • ⚠️Requires an AWS account and appropriate credentials for deployment.
Review RequiredView Analysis
A comprehensive security audit cannot be performed as no actual source code was provided beyond the README.md file. Without the implementation details, it's impossible to check for malicious patterns, 'eval' usage, obfuscation, network risks, or hardcoded secrets.
Updated: 2025-12-02GitHub
0
0
Low Cost
web-dev-lab-official icon

mcp-server

by web-dev-lab-official

Sec7

Integrates AI applications with Google Calendar by exposing calendar functionalities as MCP tools, resources, and prompts.

Setup Requirements

  • ⚠️Requires Google Cloud Project with Calendar API enabled
  • ⚠️Requires `credentials.json` file from Google Cloud in the project root
  • ⚠️Requires Python 3.13+
  • ⚠️Requires `uv` package manager for setup and running
Verified SafeView Analysis
The server relies on `token.json` and `credentials.json` for Google OAuth, which contain sensitive `client_id`, `client_secret`, and refresh tokens. The `https://www.googleapis.com/auth/calendar` scope grants full access to the user's calendar. While standard for Google API integration, these files must be securely handled and protected to prevent unauthorized calendar access. The HTTP server (`server_http.py`) is exposed on localhost by default; exposure to public networks would require additional security measures. No malicious patterns or `eval` statements were found in the provided source code.
Updated: 2025-12-09GitHub
0
0
Low Cost
ishant1234567890 icon

LLM_with_MCP_server

by ishant1234567890

Sec8

Facilitates real-time, AI-powered chat interaction between a Large Language Model and players within a Minecraft Pi Edition server.

Setup Requirements

  • ⚠️Requires a specific llama.cpp compatible LLM model file (e.g., ggml-model-q4_0.bin) placed at './models/7B/' (or specified via LLM_MODEL_PATH).
  • ⚠️Requires a running Minecraft Pi Edition server accessible to the script (default 'localhost:4711').
  • ⚠️Requires the 'llama_cpp' Python library, which can have complex installation requirements, especially for GPU support.
Verified SafeView Analysis
The server does not contain 'eval' calls, obfuscated code, or apparent hardcoded secrets. It connects to a local LLM and a Minecraft server, posting LLM responses to chat. The primary security consideration would be the content generated by the LLM if deployed in an uncontrolled environment, but the code itself does not introduce direct system vulnerabilities.
Updated: 2025-11-23GitHub
0
0
Low Cost
mave007 icon
Sec8

This server controls Philips Hue smart lights via API v2, enabling comprehensive management of lights, rooms, scenes, and sensors.

Setup Requirements

  • ⚠️Requires physical access to the Philips Hue Bridge to press the link button during initial authentication setup.
  • ⚠️Requires Python 3 and dependencies installed via `pip install -r requirements.txt`.
  • ⚠️The Hue Bridge must be on the same local network as the server for discovery and communication.
Verified SafeView Analysis
The server securely authenticates with the Philips Hue Bridge using an application key generated via a physical button press on the bridge. Configuration (including the API key) is stored in a YAML file, not hardcoded. It uses HTTPS for communication with the bridge. A minor security note is the explicit disabling of SSL certificate verification (`verify_ssl: false`), which is a documented requirement for Hue bridges due to their self-signed certificates on the local network. The server itself communicates via stdio, limiting direct network exposure.
Updated: 2025-11-23GitHub
0
0
High Cost
Amri854 icon
Sec8

A comprehensive Model Context Protocol (MCP) server for Obsidian that provides powerful vault access, knowledge graph analysis, and advanced integration features, often for AI tools and automation.

Setup Requirements

  • ⚠️Requires absolute paths for local vault configuration, environment variables, and Claude Desktop setup.
  • ⚠️For full Obsidian app integration (e.g., opening notes in Obsidian, executing commands), the 'Local REST API' community plugin must be installed and running in Obsidian.
  • ⚠️The 'remote' vault type is designed for self-hosted REST API servers that the user must implement themselves, NOT for Obsidian Sync or other third-party cloud services.
  • ⚠️Requires Node.js version 18 or higher.
Verified SafeView Analysis
The server's core MCP communication happens over standard I/O (stdio), which limits direct network exposure for the protocol itself. Configuration for vault access and Obsidian API can involve sensitive data (API keys, vault paths). These are handled through environment variables or configuration files, which is good practice. Direct file system access by the LocalConnector requires trusted vault paths. RemoteConnector and ObsidianAPI rely on external HTTP endpoints; the security of these endpoints (e.g., Obsidian's 'Local REST API' plugin or custom servers) is outside the scope of this server's control and must be secured independently by the user. No direct 'eval' or obvious malicious patterns were identified in the provided source code snippets for the server's core logic.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Vid-Juric icon

mcp-servers-test

by Vid-Juric

Sec4

This repository serves as a test suite for validating MCP (Model Context Protocol) configuration discovery and vulnerability scanning tools.

Setup Requirements

  • ⚠️Requires various cloud/service API keys (e.g., AWS, Alibaba Cloud, Firecrawl, Context7) for different server configurations.
  • ⚠️Requires Docker, Node.js/NPM, and Python environments to run the diverse set of configured MCP servers.
  • ⚠️Involves executing external scripts/packages directly from GitHub or other sources, which requires careful security vetting and may introduce additional dependencies.
Review RequiredView Analysis
The repository's configuration files define multiple MCP servers, many of which involve executing third-party npm packages (e.g., '4oimage-mcp', 'abp-io-mcp-server', '@agent-infra/mcp-server-browser', '@upstash/context7-mcp') or a Docker image ('ashgw/s3-mcp:latest'). Crucially, one configuration directly specifies running a package from a GitHub URL ('github:hongsw/aligo-sms-mcp-server'), which is a significant security risk as it allows arbitrary code execution from an unverified source. Furthermore, while API keys and secrets are represented by placeholders (e.g., 'YOUR_API_KEY', 'your_access_key'), the configuration structure encourages direct embedding of sensitive credentials, posing a risk for misconfiguration if not properly managed. The use of 'powershell' to execute a local '.ps1' script also carries risk if the script's content is not fully audited. No obfuscation or 'eval' statements were explicitly found within the truncated source code.
Updated: 2025-12-03GitHub
0
0
High Cost
kuyaxx icon
Sec3

Provides a Salesforce Model Context Protocol (MCP) server with enhanced UI capabilities for interacting with Salesforce data through queries, DML, and metadata operations.

Setup Requirements

  • ⚠️Requires Node.js and npm for installation and execution.
  • ⚠️Requires Salesforce CLI to be installed and an authenticated org for 'Salesforce_CLI' authentication method.
  • ⚠️Requires Salesforce API credentials (e.g., username/password/token, or client ID/secret) configured as environment variables depending on the chosen authentication method.
Review RequiredView Analysis
The server's implementation of `salesforce_query_records` and `salesforce_aggregate_query` tools directly concatenates user-provided string arguments (`whereClause`, `orderBy`, `havingClause`) into SOQL queries without explicit sanitization by the server itself. This creates a significant SOQL injection vulnerability, contradicting the claim in `SECURITY.md` that all SOQL inputs are sanitized. A malicious or poorly designed AI agent could exploit this to perform unauthorized data access or manipulation. While `execAsync` is used for Salesforce CLI authentication, the command itself is hardcoded, limiting the immediate risk from arbitrary command execution, but its presence signals a need for caution. Hardcoded secrets are avoided by requiring environment variables for authentication.
Updated: 2026-01-19GitHub
PreviousPage 513 of 713Next