Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost
Hands_on_LLM

by Theanh130124

Sec3

Develop and demonstrate LLM agents interacting with external tools via MCP (Microservice Communication Protocol) servers, featuring prompt caching for efficiency and a Streamlit UI for a banking assistant.

Setup Requirements

  • ⚠️Requires a custom OpenAI-compatible LLM endpoint (e.g., vLLM, Ollama) running at `http://103.78.3.96:8000/v1`.
  • ⚠️Requires `MODEL_API_KEY` and `HF_API_KEY` environment variables.
  • ⚠️Requires local MCP server running on `http://localhost:8000` for tool execution.
  • ⚠️Requires `uv` package manager for `mcp/agent_call_mcp_sse.py`.
Review Required
The LLM client configuration (`mcp/llm_call_mcp_sse.py` and `mcp/agent_call_mcp_sse.py`) uses hardcoded `api_key="FAKEAPI"` or `api_key="ANYTHING"` when connecting to a custom LLM endpoint (`http://103.78.3.96:8000/v1`). This indicates a lack of proper authentication for LLM calls and presents a significant security vulnerability if the target endpoint is exposed or not adequately secured. Additionally, prompt caching stores queries and responses in plain JSON files on the local filesystem, which could expose sensitive information.
Updated: 2025-11-27

Medium Cost
Sec8

A lightweight MCP server that provides read-only GitHub operations by wrapping the `gh` CLI, with structured and pruned JSON responses.

Setup Requirements

  • ⚠️Requires Node.js 18+ installed.
  • ⚠️Requires `gh` CLI installed and authenticated (`gh auth login`).
Verified Safe
The server primarily relies on executing `gh` CLI commands using `child_process.exec`. While arguments are constructed internally and are not directly concatenated with raw user input, any vulnerability in the `gh` CLI itself or an unforeseen shell injection vector could pose a risk. The `exec` calls do not use `shell: true` with raw input, which mitigates some common injection attacks, but `gh` commands themselves can be complex. There are no obvious `eval` or obfuscation patterns. Prerequisites include `gh` CLI authentication, which uses existing user credentials.
Updated: 2026-01-18

High Cost
code-vectorizer

by QRpeachKZ

Sec5

This project vectorizes code in various programming languages to create embeddings for functions and files, transmitting them to an MCP Server to enhance LLM context management for code analysis and editing.

Setup Requirements

  • ⚠️Requires a running and configured 'MCP Server'.
  • ⚠️Requires Python environment with ML dependencies (e.g., embedding models, language parsers).
Review Required
Only the README.md was provided for analysis. Without access to the actual source code beyond the README, a comprehensive security audit is not possible. Therefore, no specific security vulnerabilities (like 'eval', hardcoded secrets, network risks, or malicious patterns) could be identified or ruled out. The 'is_safe_to_run' status is based solely on the absence of executable code to review.
Updated: 2025-11-23

Medium Cost
redlib-mcp

by Veraticus

Sec8

Exposes Redlib's JSON API endpoints to LLMs for querying Reddit content.

Setup Requirements

  • ⚠️Requires a running Redlib instance accessible via network.
  • ⚠️Configuration of `REDLIB_URL` (env var or config file) is essential.
  • ⚠️Python 3.10+ required.
Verified Safe
The server's outgoing requests depend on the `REDLIB_URL` configuration. If `REDLIB_URL` is configured to an untrusted or malicious host, the MCP will proxy requests to it. This is a configuration risk. Incoming MCP connections have DNS rebinding protection and allowed hosts configured via `MCP_ALLOWED_HOSTS`.
Updated: 2026-01-18

Low Cost
agent_fabric

by nschwermann

Sec7

Enables AI agents to safely interact with paid APIs and on-chain workflows on Cronos EVM using scoped, programmable permissions via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a PostgreSQL database for data storage.
  • ⚠️Requires a securely generated RSA private key (`SERVER_PRIVATE_KEY`) for hybrid encryption of sensitive data (session keys, API headers).
  • ⚠️Full smart account functionality (EIP-7702 signing) may require specific wallet support (e.g., Rabby with experimental features enabled).
Verified Safe
The project demonstrates robust security practices with the core smart contract design, implementing ERC-7702 delegation with session key support for granular control (least privilege, time bounds, revocability). Sensitive data like session key private keys and API headers are handled using standard, strong hybrid encryption (RSA-OAEP and AES-256-GCM), protecting them at rest and in transit. The API proxy URL validation (blocking localhost/private IPs) helps prevent Server-Side Request Forgery (SSRF) attacks. A potential area for concern lies in the workflow engine's expression resolution (`resolveAllExpressions`). While it does not use `eval` and employs regex for path parsing, if malicious users could create or inject arbitrary workflow definitions, they might theoretically craft expressions to disclose sensitive information from the `WorkflowContext` (which includes wallet addresses and session IDs). However, this risk is mitigated by the fact that workflow definitions are typically created and managed by authenticated users with appropriate permissions. The permissive CORS configuration (`origin: true`) means clients must be diligent in verifying origins, but this is a common setup for public-facing APIs.
Updated: 2026-01-19

Medium Cost

i18n-mcp-translator

by ChaoTzuJung

Sec7

An automated i18n translation server based on Model Context Protocol (MCP) for processing and refactoring source code files with AI.

Setup Requirements

  • ⚠️Requires Node.js v22.0.0 or above.
  • ⚠️Requires a Google Generative AI API Key (a paid service) for full functionality.
  • ⚠️Needs a compatible Model Context Protocol (MCP) client to interact with, as it does not have a standalone UI.
Verified Safe
This tool interacts with the local filesystem (modifying source code and translation JSON files), executes `git` commands (add, commit, push), and makes external API calls to Google Generative AI. Communication occurs over stdio, not an open network port, reducing external network attack surface for the server itself. However, it relies on client requests for file and git operations, requiring trust in the MCP client and its configuration to prevent unintended modifications or data loss.
Updated: 2025-11-19

Low Cost
yoyo

by bioanywhere

Sec8

This repository provides client libraries for interacting with the World News API, enabling access to news sources and semantic search capabilities.

Setup Requirements

  • ⚠️Requires API keys for the external World News API (likely a paid service).
  • ⚠️Requires Python 3.7+ for the Python package, or CMake 3.2+, Qt, and a C++ Compiler for the C++ client.
Verified Safe
The codebase consists of auto-generated API client libraries (C++, Java, Kotlin, Angular, Perl, C#, Go, Dart, JavaScript, PHP, Haskell, Rust, Elixir, Lua, Python) using standard HTTP and JSON parsing libraries. URL encoding for parameters is consistently applied (`QUrl::toPercentEncoding`, `URLEncoder.encode`), which is good for preventing URL injection. API keys and other credentials are handled via programmatic setting, with examples showing placeholder values. There are no obvious hardcoded production secrets or malicious patterns (like `eval` on untrusted input). A potential, non-critical risk exists if downloaded filenames derived from `Content-Disposition` headers are not thoroughly sanitized before being used to write files to the local disk, which could lead to path traversal vulnerabilities in the consuming application. The C++ OAuth `ReplyServer` binds to a local port (9999) and sends static HTML, which is generally acceptable for local development and redirect handling.
Updated: 2025-12-13

Low Cost
awesome-data-mcp

by BlockRunAI

Sec10

A curated list of Model Context Protocol (MCP) servers and AI skills relevant to data engineering, analytics, and business intelligence.

Verified Safe
This repository (awesome-data-mcp) is a curated list of MCP servers and AI skills, not an MCP server itself. The provided source code consists solely of markdown files (README.md, CONTRIBUTING.md). There is no executable code (e.g., JavaScript, Python) within this repository to audit for runtime security risks like 'eval', obfuscation, network vulnerabilities, or hardcoded secrets. The security score reflects that the repository itself is static documentation and poses no direct runtime security threats.
Updated: 2026-01-17

Low Cost

The Solace TryMe CLI MCP Server enables Large Language Models to interact with Solace event brokers by wrapping Solace Try-Me CLI (STM) commands, primarily for event feed management, generation, and basic messaging operations.

Setup Requirements

  • ⚠️Requires Solace Try-Me CLI (STM) v0.0.83+ installed and available in the system's PATH.
  • ⚠️Interactive STM CLI commands (e.g., those requiring user prompts for confirmation or data entry) are not fully supported via the CLI wrapping approach, leading to limitation messages for certain operations (e.g., `stm_feed_generate`'s full interactive flow). Messaging tools like `stm_receive`, `stm_request`, and `stm_reply` have been intentionally removed from the MCP server due to their interactive nature, meaning LLMs cannot use them.
  • ⚠️Requires pre-configuration of STM CLI with broker connection details (e.g., URL, VPN, credentials) for actual message publishing or resource management, typically done via `stm config init`.
Review Required
The server uses `child_process.exec` to run STM CLI commands, which is inherently risky due to potential shell injection vulnerabilities. Although a `sanitizeCommand` function attempts basic sanitization by removing common shell metacharacters, the source code explicitly states this is 'basic sanitization' for a POC and that a 'full implementation would be more thorough'. This indicates an acknowledged risk for shell injection if a sophisticated bypass were found. The server also handles sensitive connection parameters (URL, username, password) that are passed to the underlying CLI, which could be a vector for credential exposure or misuse if not properly secured at the system level.
Updated: 2025-11-24

Low Cost

A remote Model Context Protocol (MCP) server providing basic calculator functionality on Cloudflare Workers, designed to be authentication-less for demonstration or private network usage.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and associated billing for Cloudflare Workers.
  • ⚠️Requires Cloudflare's 'wrangler' Command Line Interface (CLI) tool for local development and remote deployment.
  • ⚠️The server is 'authless' by design; deploying it publicly without adding custom authentication is a critical security risk and should only be done for non-sensitive data or within a secure, private network.
Review Required
The server is explicitly designed to operate 'authless' (without authentication), as clearly stated in its name and README. This means that if deployed publicly without additional, custom authentication measures, its functionality will be accessible to anyone. This poses a significant security risk for any sensitive data or operations. The core calculator logic (add, calculate) within `src/index.ts` does not exhibit obvious code-based vulnerabilities like command injection or SQL injection. The primary security concern stems from its intended lack of access control.
Updated: 2025-12-11

Medium Cost
codemcp

by akhenakh

Sec9

Provides structural code search for Go codebases, integrating AST analysis and Gopls for AI agents via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Go 1.22+ installed locally.
  • ⚠️Requires `gopls` to be installed and in PATH for dependency search capabilities (`go install golang.org/x/tools/gopls@latest`).
Verified Safe
The server correctly restricts file access for the `read_file` tool to explicitly allowed directories (project root, Go Module Cache, Go Standard Library) using `isAllowedPath` checks and path sanitization, preventing arbitrary file system access. It spawns trusted system commands (`gopls`, `go env`, `git ls-files`) as subprocesses. No 'eval' or hardcoded secrets were found, and it communicates over stdio, limiting external network attack surfaces.
Updated: 2026-01-17

High Cost
debug-mcp-server

by developerlabsai

Sec9

Bridge web browsers and Claude Code for seamless debugging workflows, capturing debug data, and facilitating interactive Q&A.

Setup Requirements

  • ⚠️Requires Node.js version 20.x or higher.
  • ⚠️The server runs on localhost only; client applications (browser widgets, Claude Code) must be able to access 127.0.0.1 on the configured port.
  • ⚠️Requires write access to the local filesystem for its storage path (default: ~/.debug-mcp).
Verified Safe
The server is explicitly designed to run on 'localhost' (127.0.0.1) only, binding to this address and using CORS middleware to restrict origins to localhost/127.0.0.1. This significantly mitigates external network risks. No hardcoded secrets, obfuscation, or direct 'eval' usage were found. It is very safe for its intended local development environment use.
Updated: 2025-11-26