Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
High Cost
nathanstitt icon

shotter

by nathanstitt

Sec2

Automating iOS Simulator interactions and screenshot capture for AI assistants via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires macOS with Xcode installed (for iOS Simulator)
  • ⚠️Requires Node.js 18+
  • ⚠️Requires Facebook IDB (`brew install idb-companion`)
  • ⚠️Requires ANTHROPIC_API_KEY (paid API for AI agent functionality)
Review RequiredView Analysis
The server allows execution of arbitrary shell commands via the 'runBefore' field in workflow YAML files (src/workflow/runner.ts). The 'runBefore' script is spawned with `shell: /bin/bash` and directly uses the provided string from the workflow configuration. This is a critical remote code execution vulnerability if a malicious or untrusted workflow file is ever processed. Additionally, `xcrun simctl` commands are executed using `execSync` (src/utils/simulator.ts), though input for these is less directly user-controlled.
Updated: 2025-12-15GitHub
0
0
High Cost
iarwain1 icon
Sec2

Enables AI coding agents to interact with the ErgoAI reasoning engine for logic programming, query execution, and knowledge representation.

Setup Requirements

  • ⚠️Requires ErgoAI (a separate, complex knowledge representation and reasoning system) to be pre-installed and configured on the system.
  • ⚠️May require manually setting the `ERGOAI_PATH` environment variable if ErgoAI is not installed in a standard location.
Review RequiredView Analysis
Critical shell injection vulnerability identified: The `run_ergo_query` tool directly uses user-provided `query` strings in a `spawn` command where `shell: true` is enabled for Windows (via `spawn` options). This allows malicious shell metacharacters (e.g., `&`, `|`, `&&`, `||`) within the query to execute arbitrary commands via `cmd.exe` on Windows systems. On Linux/macOS, direct command injection into `runergo` itself (if it supports such escapes within its '-e' argument) is also a concern. While `run_ergo_code` and `check_ergo_syntax` write code to temporary files, `run_ergo_file` directly uses `file_path` as an argument, which could still be vulnerable to shell injection depending on the path's content. The overall lack of input sanitization for user-provided query strings and file paths before executing external processes makes this server unsafe to run without modifications.
Updated: 2025-12-10GitHub
0
0
Low Cost
Nik95 icon
Sec9

This server implements a Spring AI Micro-Agent Protocol (MCP) tool server, demonstrating a custom Jackson ObjectMapper configuration for serialization/deserialization.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) 17+.
  • ⚠️Requires Maven or Gradle to build and run.
Verified SafeView Analysis
The code is simple and straightforward, defining a basic MCP tool with custom Jackson ObjectMapper configuration. No 'eval' or dynamic code execution is present. Input is handled as simple strings, mitigating common injection risks. No hardcoded secrets or suspicious network activity are visible. 'failOnUnknownProperties(false)' is used, which could be a deserialization risk in more complex scenarios with untrusted inputs and vulnerable gadgets, but for this specific, simple tool, it does not pose an immediate or critical threat.
Updated: 2025-11-20GitHub
0
0
Medium Cost
NoSugarCoffee icon

youmind-mcp

by NoSugarCoffee

Sec8

Provides a Model Context Protocol (MCP) server to retrieve content from YouMind by craft ID for use with AI models.

Setup Requirements

  • ⚠️Requires a YouMind account and manual extraction of the 'YOUMIND_AUTH_TOKEN' cookie from the browser.
  • ⚠️Designed to be used with an existing MCP client (e.g., Claude Desktop, Cursor).
  • ⚠️Requires Python 3.8 or higher.
Verified SafeView Analysis
The server uses environment variables for authentication tokens, which is good practice. It handles common HTTP errors gracefully. No malicious patterns like 'eval' or hardcoded secrets were found. The primary security consideration for users is the sensitive nature of the 'YOUMIND_AUTH_TOKEN', which is a session cookie and requires careful handling to prevent unauthorized access to their YouMind account.
Updated: 2026-01-17GitHub
0
0
Low Cost
pankaj891 icon

remote-mcp-server

by pankaj891

Sec9

An MCP server for tracking, listing, and summarizing personal or business expenses, designed to be interacted with via an LLM tool-calling interface.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer, which is currently in pre-release (alpha/beta) and not widely adopted, posing a significant compatibility challenge for most users.
  • ⚠️The SQLite database is stored in a temporary directory (`tempfile.gettempdir()`), meaning all expense data will likely be lost upon system reboot or temporary file cleanup.
Verified SafeView Analysis
SQL queries are properly parameterized, effectively mitigating common SQL injection vulnerabilities. No 'eval', code obfuscation, or hardcoded secrets are present. The server binds to 0.0.0.0, which is standard for accessibility but in production environments would ideally be restricted or placed behind a firewall/reverse proxy. The database resides in a temporary directory, which is safe from a security standpoint but implies non-persistence.
Updated: 2025-11-22GitHub
0
0
Medium Cost
jmstone617 icon

brewfather-mcp

by jmstone617

Sec8

Provides an MCP server to connect LLMs with BrewFather, allowing retrieval of brewing data and basic calculations like ABV.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher.
  • ⚠️A BrewFather account with API access is required (Premium subscription needed for BrewFather API access).
  • ⚠️BrewFather API credentials (BREWFATHER_USER_ID, BREWFATHER_API_KEY) must be provided in a .env file or environment variables.
Verified SafeView Analysis
The server correctly retrieves API keys from environment variables. It makes external HTTP requests to the BrewFather API. Input validation for tool arguments relies on the Model Context Protocol SDK's Zod schemas and basic JavaScript type coercion (e.g., parseFloat, type casting), which is generally sufficient but could be hardened with more explicit numeric validation before calculations or URL parameter usage. No 'eval' or direct arbitrary command execution found.
Updated: 2026-01-16GitHub
0
0
Low Cost
Tocky14 icon
Sec9

Fetches trending articles from the Qiita API based on specified tags, intended as a component of a larger Microservice Composer Platform (MCP) server.

Setup Requirements

  • ⚠️Requires Node.js environment (version 18+ recommended based on package-lock.json).
  • ⚠️Requires `npm install` to resolve dependencies like axios and development tools (TypeScript, ts-node).
  • ⚠️The provided code is a service class, not a complete executable server application. An additional entry point (e.g., `index.ts`) would be needed to instantiate and expose this service as a functional server within an MCP.
Verified SafeView Analysis
The code primarily involves making HTTP GET requests to the public Qiita API using axios. User input for 'tag' and 'per_page' is passed as query parameters, which is handled safely by axios and the Qiita API, reducing direct injection risks. No 'eval', 'child_process', or direct execution of untrusted input is observed. No hardcoded secrets are present. Error logging is implemented.
Updated: 2025-12-07GitHub
0
0
Medium Cost
selvanayaki678 icon

k8s-ai-agent

by selvanayaki678

Sec4

An AI agent that allows users to query and manage their Kubernetes cluster using natural language questions.

Setup Requirements

  • ⚠️Requires an AWS Account with configured credentials (paid services will be incurred for EKS and Bedrock).
  • ⚠️Requires a Docker Hub account to build and push the MCP Server image.
  • ⚠️Manual configuration updates needed in `deployment.yaml` (Docker Hub username) and `k8s-ai-agent.py` (LoadBalancer URL).
Review RequiredView Analysis
The MCP Server deployment configuration (`deployment.yaml`) grants extremely broad ClusterRole permissions, including 'create', 'update', 'patch', 'delete' on core Kubernetes resources (pods, services, deployments, etc.) and 'get', 'list', 'watch' on ALL resources in ALL API groups. This level of access is explicitly noted as 'full read/write access for troubleshooting' but presents a critical security risk if the MCP server is compromised. Furthermore, the MCP server is exposed to the internet via a LoadBalancer service. The internal source code for the MCP server Docker image itself is not provided, preventing a full audit of its implementation and potential vulnerabilities that could exploit these excessive permissions.
Updated: 2025-11-27GitHub
0
0
High Cost
beamuu icon

kubscan-mcp

by beamuu

Sec2

The MCP server acts as an intermediary, exposing a suite of tools to interact with the Kubscan blockchain explorer API, enabling agents to query blockchain data such as addresses, blocks, transactions, and statistics.

Setup Requirements

  • ⚠️Requires the Bun runtime environment.
  • ⚠️Communicates with kubscan.com/api/v2, an external API. While no API key is specified in the code, external API dependencies always carry potential rate limiting or availability issues.
  • ⚠️Disables TLS certificate verification, which is a critical security risk and not suitable for production deployments without significant modification.
Review RequiredView Analysis
The KubscanClient explicitly disables TLS certificate verification (`tls: { rejectUnauthorized: false }`) when making `fetch` requests to `kubscan.com/api/v2`. This is a critical security vulnerability that exposes the application to man-in-the-middle attacks, allowing attackers to intercept or alter communication between the server and the Kubscan API. This should never be used in a production environment. Additionally, error logging includes stack traces, which could expose internal paths and details if not properly managed.
Updated: 2025-11-24GitHub
0
0
Low Cost
dmarsters icon
Sec9

Generate structured compositional parameters and thematic guidance from astronomical constellation patterns for AI image generation.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Relies on external network access to 'cdn.jsdelivr.net' to fetch optional constellation geometry data; functionality for this specific feature may be impacted if the CDN is unreachable.
Verified SafeView Analysis
The code is generally clean, well-structured, and does not use dangerous functions like 'eval' or contain hardcoded secrets. It makes a single external HTTP request to 'cdn.jsdelivr.net' to fetch constellation geometry data. While this is a standard CDN, reliance on external network resources always carries a minor inherent risk of unavailability or, in a highly unlikely scenario, compromise of the CDN serving malicious data. Input validation with Pydantic is robust.
Updated: 2025-11-29GitHub
0
0
Medium Cost
alibahadircoskun icon

ansible-network-mcp

by alibahadircoskun

Sec5

Manages Ansible environments and executes network automation tasks on network devices via conversational AI (Claude Desktop).

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires Claude Desktop application for primary use case.
  • ⚠️Default installation (via `install.sh`) creates hardcoded root credentials, which must be immediately changed.
  • ⚠️Disables SSH host key checking by default, making it susceptible to MITM attacks.
Review RequiredView Analysis
CRITICAL: The `install.sh` script creates `group_vars/qfx_switches.yml` with hardcoded default credentials (`ansible_user: root`, `ansible_password: Admin123_`). This is a severe security risk, as these are exposed and may be forgotten. Users are strongly advised to change these immediately and consider Ansible Vault for sensitive data. CRITICAL: The server explicitly sets `ANSIBLE_HOST_KEY_CHECKING=False` in its subprocess calls and recommends it in `ansible.cfg` and Claude Desktop configuration. This disables host key verification, making it vulnerable to Man-in-the-Middle (MITM) attacks during SSH/NETCONF connections. POSITIVE: Input sanitization functions (`sanitize_input`, `sanitize_filename`) and path traversal checks (`safe_path_join`, `full_path.startswith(ANSIBLE_DIR)`) are implemented, which helps mitigate command injection and file system access vulnerabilities within the tool's operations. File operations are restricted to the configured Ansible directory.
Updated: 2025-11-26GitHub
0
0
Medium Cost
tokligence icon

mcp-server

by tokligence

Sec5

A server application designed to host or manage a game, likely Minecraft, facilitating multiplayer interaction and custom server functionalities.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (JRE) if it's a Java-based server (common for Minecraft).
  • ⚠️Requires appropriate network configuration and port forwarding for external access.
Review RequiredView Analysis
Source code was not provided, preventing a detailed security audit. Consequently, specific checks for 'eval', obfuscation, hardcoded secrets, or malicious patterns could not be performed. General server application risks regarding network exposure and input validation are assumed to exist but unverified.
Updated: 2025-11-19GitHub
PreviousPage 525 of 713Next