Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost
Sec7

An AI agent application that leverages Firecrawl for web scraping and data extraction, providing a Streamlit-based chat interface for user interaction and specialized analysis of developer tools.

Setup Requirements

  • ⚠️Requires OpenAI API Key for 'gpt-4.1' model (Paid Service)
  • ⚠️Requires Firecrawl API Key (Paid Service)
  • ⚠️Requires Node.js and npm/npx installed for 'firecrawl-mcp'
  • ⚠️The 'main.py' application runs as a Streamlit server, requiring 'streamlit' to be installed and run via 'streamlit run'.
Verified Safe
The application uses Firecrawl for web scraping, which by its nature involves making requests to arbitrary external URLs. This capability, especially when driven by an LLM agent, could potentially be misused for SSRF or other network-based attacks if user input is not carefully constrained or validated by the LLM's guardrails. No hardcoded secrets or 'eval' statements were found. API keys are loaded from environment variables, which is good practice.
Updated: 2025-11-28

Low Cost

Manages personal calendar events and to-do items on a CalDAV server, enabling automation and interaction through large language models.

Setup Requirements

  • ⚠️Requires access to a CalDAV server and its credentials (URL, username, password).
  • ⚠️Credentials must be stored in 'config.json' file.
  • ⚠️The server listens on port 20002; this port needs to be opened/forwarded for external access.
  • ⚠️Requires Python 3.11+ and 'uv' for dependency management and execution.
Verified Safe
The CalDAV server credentials (URL, username, password) are read from a 'config.json' file, which is less secure than using environment variables, especially for production deployments. Direct 'json.loads' is used on model inputs, which could be a concern if malicious JSON strings can be crafted, though the subsequent usage of these parsed values in CalDAV operations appears to mitigate direct code injection risks. The server binds to '0.0.0.0' and listens on port 20002, requiring the user to manage network exposure.
Updated: 2025-12-22

Low Cost

locusts_mcp

by FranklynChimobi

Sec9

A dynamic performance testing application using Locust for simulating user traffic and API load, with a roadmap to become an MCP-ready server.

Setup Requirements

  • ⚠️Requires Python 3.11+ for execution, as specified in the plan.md.
  • ⚠️Requires Locust 2.x to be installed as a dependency (`pip install "locust>=2.23,<3"`).
  • ⚠️Relies on JSON configuration files for test scenarios; understanding their structure is crucial.
Verified Safe
The core `locustfile.py` is well-structured and avoids obvious direct security vulnerabilities like `eval`. Configuration is loaded from JSON files and environment variables, with precedence for CLI overrides. The primary security consideration is the trustworthiness of the configuration files (`data/config.json`, `data/config.example.json`, or a path specified by `CONFIG_PATH`). A malicious configuration could direct the load test to unintended targets or send harmful payloads, but this is inherent to the nature of a configurable load testing tool. Example config files contain a 'test-token', which is appropriate for examples. The `seed` is redacted in logs, showing good practice for sensitive configuration values.
Updated: 2026-01-19

Low Cost

obsidian-mcp-server

by Victors081

Sec9

Enables Model Context Protocol (MCP) clients, such as Claude Desktop, to seamlessly interact with Obsidian vaults for knowledge management and automation.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Advanced Obsidian integration features (e.g., executing commands, opening files in UI) require the 'Obsidian Local REST API' plugin to be installed and enabled in your Obsidian vaults.
  • ⚠️Currently requires installation from source via 'git clone', 'npm install', and 'npm run build', as it's not yet published to npm.
Verified Safe
The server demonstrates strong security practices. It includes robust path validation to prevent traversal attacks and ensures symlink targets are within allowed directories. REST API commands are limited to an explicit allowlist. API keys are discovered from Obsidian plugin configuration, cached in memory, and not serialized to disk. Rate limiting is implemented globally, per-vault, and per-operation to prevent abuse. File locking is used to ensure data integrity during concurrent access. Auto-configuration logic is designed to add safe parent paths (under user home directory) to allowed locations, avoiding system directories. The primary communication channel is stdio, limiting external network attack surface directly from this server process.
Updated: 2026-01-17

Low Cost

Provides a personalized greeting message via a simple MCP tool, serving as the simplest possible example for new MCP server developers.

Setup Requirements

  • ⚠️Requires Python 3.9 or higher.
  • ⚠️Requires 'fastmcp' library to be installed (`pip install fastmcp`).
  • ⚠️Requires absolute path configuration in `~/.claude/mcp.json`.
Verified Safe
The server exposes a single tool `say_hello` which takes a string `name`. Input validation for `name` ensures it's a non-empty string. The response is a simple f-string interpolation of the validated input. No external system calls, network requests, file I/O, or dynamic code execution are present, minimizing attack surface. No hardcoded secrets. It is extremely safe for its intended purpose.
Updated: 2025-11-20

Low Cost

MCP-server-example

by shaik2025

Sec9

Provides a Micro-Agent Compute Protocol (MCP) server exposing basic arithmetic operations (add, subtract, multiply, divide) as callable tools.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer, which is currently a pre-release version.
  • ⚠️Requires `mcp` and `httpx` Python packages to be installed.
Verified Safe
The source code implements simple arithmetic operations without any discernible security risks. There are no uses of 'eval', obfuscation, direct network risks (as it defaults to stdio transport), or hardcoded secrets. The mathematical operations are inherently safe.
Updated: 2025-12-06

Medium Cost
Sec9

Enables AI assistants to discover, inspect, and safely interact with services deployed in a Kubernetes cluster via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires access to a Kubernetes cluster API (either in-cluster or via kubeconfig).
  • ⚠️API keys must be securely configured via a Kubernetes secret (mcp-server-api-keys) before deployment.
  • ⚠️For HTTP API mode, an Ingress controller, a designated hostname (e.g., mcp-cluster-services.theclusterflux.com), and TLS certificates are required for HTTPS access.
Verified Safe
The server demonstrates strong security practices including read-only Kubernetes RBAC, API key authentication (fail-safe by default), rate limiting, robust SSRF protection (restricting requests to cluster-internal *.svc.cluster.local domains and allowed ports), HTTPS enforcement, comprehensive input validation, error sanitization to prevent sensitive data leakage, and request size limits. A 'DEV_MODE' exists to bypass authentication, which should only be enabled in isolated development environments. Overall, the security implementation is well-considered and robust.
Updated: 2025-11-23

Medium Cost

Acts as an intelligent MCP client that translates natural language commands into file operations orchestrated through an AI agent.

Setup Requirements

  • ⚠️Requires OpenRouter (or OpenAI-compatible) API Key
  • ⚠️Requires a separate MCP server running at http://localhost:8080
  • ⚠️Java Development Kit (JDK) required
  • ⚠️Maven required to build and run
Verified Safe
The application uses an AI agent to interpret natural language commands and invoke file operation tools provided by an external MCP server. It explicitly uses an API key (OPENAI_API_KEY) for the OpenRouter AI service, expected to be passed as an environment variable, preventing hardcoding. There are no direct uses of 'eval' or arbitrary code execution within the client. Logs can expose prompts and LLM responses if Verbosity is set to show them (as it is in the FileOperationsController), which could be a concern for sensitive data in production environments. The primary security considerations shift to the security of the connected MCP server and the trustworthiness of the LLM outputs. The client's role is primarily orchestration and natural language interpretation.
Updated: 2025-12-22

Medium Cost
Sec9

An MCP server for tracking personal expenses, storing them in a local SQLite database and providing tools to add, list, and summarize expenses.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher.
  • ⚠️Manual configuration of `~/.cursor/mcp.json` is needed, including the absolute path to `main.py` for integration with Cursor IDE.
Verified Safe
The server uses parameterized SQL queries via `sqlite3.connect` for all database operations (INSERT and SELECT), which effectively prevents SQL injection vulnerabilities. There is no usage of `eval`, `exec`, `subprocess.run`, `os.system`, or direct execution of unsanitized user input. File paths are handled with `os.path.join`. No hardcoded secrets or sensitive external network interactions are evident. The `categories()` resource reads a local, static JSON file.
Updated: 2025-11-20

Low Cost
Sec1

Serves as an edge-based proxy or server utilizing Cloudflare's network infrastructure, likely for routing requests or providing application logic.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment.
  • ⚠️Requires `wrangler` CLI installed for development and deployment.
  • ⚠️Requires domain and DNS configuration for production deployment.
Review Required
Source code was not provided, therefore a comprehensive security audit could not be performed. Running unverified code carries inherent risks, including the potential for 'eval' usage, hardcoded secrets, or malicious patterns that could not be checked.
Updated: 2025-11-26

Low Cost

central

by bioanywhere

Sec8

The World News API client provides easy access to thousands of news sources for integration into various applications.

Setup Requirements

  • ⚠️Requires a World News API Key (likely paid service for extensive use).
  • ⚠️Python client requires Python 3.7+ and pip installation.
  • ⚠️C++ client requires CMake 3.2+ and Qt for building applications that use it.
Verified Safe
This project is an API client library, not a server. API keys are expected to be provided by the user and are not hardcoded in the library. File handling in the C++ client (OAIHttpRequestWorker::process_response) might be vulnerable to directory traversal if filenames from Content-Disposition headers are not properly sanitized by the consuming application, but this risk pertains to library usage rather than the library's inherent maliciousness.
Updated: 2025-12-13

Low Cost

test-mcp-server

by sasanka0212

Sec1

A placeholder for a test server application, likely intended for simulating or interacting with a specific network protocol, possibly related to Minecraft Protocol (MCP) development or testing.

Review Required
No source code was provided for analysis, making a security audit impossible. Running this project without reviewing its code is highly risky, as it could contain arbitrary malicious patterns, backdoors, or critical vulnerabilities. Therefore, a score of 1 is assigned.
Updated: 2025-11-29