Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
Karen-Proyect-IA icon

remote-mcp-server-authless

by Karen-Proyect-IA

Sec8

A serverless Model Context Protocol (MCP) agent providing basic calculator tools, designed for deployment on Cloudflare Workers without authentication for easy integration with AI clients.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and to utilize Cloudflare Workers and Durable Objects bindings.
  • ⚠️The server is intentionally designed to be authentication-less, making it publicly accessible to any client that knows its URL.
  • ⚠️Requires Node.js and npm/npx (or Cloudflare Wrangler CLI) for local development and deployment.
Verified SafeView Analysis
The server is explicitly designed to operate 'Without Auth', meaning it is publicly accessible. This is a design choice stated in the README, not a hidden vulnerability. The implemented tools ('add', 'calculate') perform simple arithmetic operations locally and do not involve external API calls, file system access, or use of 'eval' or other dynamic code execution, thus inherently limiting the scope of potential abuse. No hardcoded secrets were found in the provided source code snippets. While safe for its intended purpose, its authless nature makes it unsuitable for sensitive computations or applications requiring access control.
Updated: 2025-12-14GitHub
0
0
Low Cost
tim-minter icon
Sec9

Provides tools to interact with a Backstage software catalog to list entities, get details, and view ancestry.

Setup Requirements

  • ⚠️Requires Docker Desktop for containerized deployment.
  • ⚠️Requires an existing Backstage instance.
  • ⚠️Requires `BACKSTAGE_API_BASE` and `BACKSTAGE_BEARER_TOKEN` environment variables for full functionality.
Verified SafeView Analysis
The server correctly handles sensitive information (Backstage API bearer token) by loading it from environment variables or setting it at runtime. Network requests are made using the httpx library, and no dangerous functions like `eval` or direct shell execution are observed. The `BACKSTAGE_API_BASE` is configurable, preventing hardcoding. A potential risk could be if a malicious `BACKSTAGE_API_BASE` is configured, but this is an environment configuration issue rather than a code vulnerability.
Updated: 2025-11-19GitHub
0
0
High Cost
Consist-Systems icon

doxi-mcp-server

by Consist-Systems

Sec8

Manages Doxi Sign document signing flows, templates, and documents for AI clients (ChatGPT, Claude, etc.) via a JSON-RPC 2.0 API.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for AI-powered features (GPTDataExtraction).
  • ⚠️Requires Doxi Sign API access and credentials to manage document flows.
  • ⚠️Designed for Docker deployment, though local 'dotnet run' is also supported.
Verified SafeView Analysis
The server uses standard .NET Core practices for configuration and deployment (e.g., Docker, user secrets for sensitive data). No 'eval' or direct arbitrary code execution patterns were identified. Authentication relies on basic auth, requiring credentials to be passed with method calls, which should be protected via HTTPS in production. API keys (e.g., for GPT) are expected to be configured externally, preventing hardcoding. A potential risk lies in the 'AddTexts' method where AI interaction based on a 'prompt' could be susceptible to prompt injection against the upstream AI model, though this doesn't directly compromise the server's code execution.
Updated: 2025-12-16GitHub
0
0
Medium Cost
davetbo-amzn icon
Sec1

A backend server component responsible for managing and providing memory storage and retrieval functionalities for an AI agent system.

Setup Requirements

  • ⚠️Requires a persistent data store (e.g., database, vector store) for agent memory.
  • ⚠️Potential dependency on external AI services for advanced memory processing or embedding generation.
Review RequiredView Analysis
Security audit cannot be performed as source code was not provided. Consequently, all security aspects including potential vulnerabilities, hardcoded secrets, 'eval' usage, obfuscation, network risks, or malicious patterns are unknown. The score reflects this complete lack of visibility.
Updated: 2025-12-02GitHub
0
0
High Cost
jsamuel1 icon
Sec5

Analyzes OpenTelemetry traces for performance, error diagnosis, and offers LLM-assisted deep analysis.

Setup Requirements

  • ⚠️Requires AWS credentials configured (via environment variables, ~/.aws/credentials, or IAM roles) for X-Ray and CloudWatch functionality.
  • ⚠️Requires Python 3.11 or newer.
  • ⚠️Relies on 'uv' or 'uvx' for installation and execution.
  • ⚠️Sensitive trace data may be sent to an LLM provider during 'deep_analyze' calls.
Review RequiredView Analysis
The `load_trace` tool's `path` parameter directly reads content from the specified file path using `Path(path).read_bytes()`. If an attacker can control this parameter, it could lead to arbitrary local file disclosure. Additionally, the `search_genai_traces` tool's `filter_query` for CloudWatch Logs Insights could allow for query injection, though the impact is likely limited to manipulating log queries rather than code execution. The `deep_analyze` tool sends the full trace data to an LLM provider, which poses a data privacy/confidentiality risk if sensitive information is present in the traces.
Updated: 2026-01-19GitHub
0
0
Low Cost
NailaOfficial icon

mcp-server

by NailaOfficial

Sec10

This repository provides documentation for installing the Google Gemini Command Line Interface (CLI) to interact with Google's Gemini AI services.

Setup Requirements

  • ⚠️Requires Python 3.8 or higher
  • ⚠️Requires `pip` for package installation
Verified SafeView Analysis
The provided source code consists solely of Markdown documentation files, which do not contain executable code. Therefore, it does not pose direct security risks such as 'eval' usage, obfuscation, network vulnerabilities, or hardcoded secrets. Any potential security concerns would originate from the `google-gemini-cli` package itself, which is installed from PyPI as per the instructions and is external to the provided source.
Updated: 2025-12-05GitHub
0
0
Low Cost
lehoangnb icon

xiaozhi-mcp

by lehoangnb

Sec2

Provides real-time Vietnamese financial data, news, radio, and music streaming via MCP servers for AI integration.

Setup Requirements

  • ⚠️Requires `MCP_ENDPOINT` environment variable to be set for the WebSocket connection.
  • ⚠️The MP3 proxy service (`mp3-proxy`) is a Node.js application that relies on `ffmpeg` for real-time transcoding of live streams. `ffmpeg` must be available in the execution environment (e.g., within the Docker image).
  • ⚠️The `SECRET_KEY` environment variable for the `mp3-proxy` service is set to a placeholder and should be replaced with a strong, unique secret for production deployment.
Review RequiredView Analysis
The `calculator.py` script uses `eval(python_expression)` directly on user-provided input. This is a critical remote code execution vulnerability, allowing arbitrary Python code to be executed on the server. Additionally, placeholder `SECRET_KEY=your-esp32-secret-key-2024` in `docker-compose.yaml` implies a secret that should be configured securely and not committed as a placeholder.
Updated: 2025-11-26GitHub
0
0
Medium Cost
yaacov icon
Sec7

Provides an AI assistant with the capability to manage Migration Toolkit for Virtualization (MTV) operations in a Kubernetes cluster, including querying resources, monitoring migrations, and controlling the migration lifecycle.

Setup Requirements

  • ⚠️Requires `kubectl-mtv` CLI installed and available in PATH for local execution of commands.
  • ⚠️Requires access to a Kubernetes cluster with Migration Toolkit for Virtualization (MTV) deployed.
  • ⚠️Requires appropriate RBAC permissions on the Kubernetes cluster for `kubectl-mtv` and `kubectl` operations.
  • ⚠️If using SSE mode without `--tls-cert` and `--tls-key`, communication will be over unencrypted HTTP, which is insecure for sensitive data like Kubernetes tokens.
Verified SafeView Analysis
The server executes `kubectl-mtv` and `kubectl` commands. While arguments are passed safely as `[]string` (mitigating shell injection), the underlying commands grant powerful control over a Kubernetes cluster, including creation, modification, and deletion of resources. If the server or the AI assistant interacting with it is compromised, it could lead to significant cluster alterations or data loss. SSE mode defaults to HTTP, which is insecure for sensitive communication (e.g., passing Kubernetes tokens) if not explicitly configured with TLS (--tls-cert, --tls-key). Token authentication via the Authorization header is supported in SSE mode; while tokens are sanitized for display/logging, they are passed directly to `kubectl`/`kubectl-mtv` for authentication.
Updated: 2025-11-28GitHub
0
0
Medium Cost
zenvite2 icon
Sec3

Integrates a self-hosted Bitbucket Server with the MetaMCP protocol, providing programmatic access to Bitbucket functionalities for potential AI agent interaction.

Setup Requirements

  • ⚠️Requires access to a self-hosted Bitbucket Server instance (not Bitbucket Cloud).
  • ⚠️Requires Python 3.10+ and the UV package manager for dependency management.
  • ⚠️Requires explicit configuration of Bitbucket Server credentials (URL, username/password or token) in a `.env` file.
Review RequiredView Analysis
CRITICAL: The `BitbucketClient` explicitly disables SSL verification (`verify_ssl: False`) by default, making connections vulnerable to man-in-the-middle attacks. This is a severe security risk. Additionally, hardcoded Bitbucket credentials (`viettq32`, `Tqv@@@4302`) are present in test files (`test_connection.py`, `comprehensive_test.py`, `test_mcp_client.py`), posing a risk of credential exposure.
Updated: 2025-11-24GitHub
0
0
Low Cost
netbuffer icon
Sec9

This server provides real-time host system information (CPU, memory, disk, OS) via a Model Context Protocol (MCP) interface, designed for integration with Spring AI applications.

Setup Requirements

  • ⚠️Requires Java 17 or higher
  • ⚠️Requires Maven 3.6.3 or higher for building
  • ⚠️Requires MCP client configuration for integration (e.g., ~/.mcp/config.json)
Verified SafeView Analysis
The server uses the OSHI library to collect read-only system information. It does not involve dynamic code execution, 'eval' functions, or direct network listening (configured as 'web-application-type: none' and uses stdio for MCP). No hardcoded secrets were found. The primary risk would be if the MCP client is compromised and misuses the system information, or if a highly sensitive system runs this in an untrusted environment.
Updated: 2025-12-07GitHub
0
0
Medium Cost
mstfcck icon
Sec8

The API BDD Test Case Generator is an MCP (Model Context Protocol) server that automatically generates BDD (Behavior-Driven Development) test scenarios in Gherkin format from OpenAPI 3.0/3.1 specifications, enabling deep API analysis, comprehensive test generation (happy path, validation, security, edge cases), and export to multiple formats.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️Requires TypeScript for building (if not using npx directly or a pre-built image).
  • ⚠️Requires Docker for containerized deployment.
Verified SafeView Analysis
The server uses Node's native 'fs/promises' for file operations, which are appropriately used for reading input specifications and writing generated output files. When deployed via Docker Compose, these file system operations are confined to designated read-only (input specs) and read-write (output features) directories, limiting potential for unintended file access. The 'RefResolver' in its current implementation specifically handles local references ('#/') and would throw an error for external file or HTTP references, mitigating a potential arbitrary file loading risk. No 'eval' or direct command execution vulnerabilities are present in the provided source code. No hardcoded credentials were identified.
Updated: 2025-12-07GitHub
0
0
High Cost
consigcody94 icon

sentinel-ai

by consigcody94

Sec8

Provides real-time, pattern-based security scanning for code, specifically targeting vulnerabilities in AI-generated code, integrated via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Requires TypeScript 5.7.2 or higher for building from source.
  • ⚠️Requires local setup and configuration within an MCP client (e.g., Claude Desktop config file).
  • ⚠️The tool needs read access to the target code directories and files being scanned.
Verified SafeView Analysis
The server's internal code appears secure and primarily focuses on detecting vulnerabilities in scanned code rather than introducing them. It uses `path.resolve()` for user-provided file paths, which helps mitigate simple path traversal but does not inherently sandbox file access; a malicious AI client could potentially request scans of sensitive system files if the server process has read permissions. No internal use of `eval` or `child_process.exec` with user input was observed. Communication occurs via standard I/O, limiting direct network attack vectors.
Updated: 2025-11-22GitHub
PreviousPage 535 of 713Next