Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
digit1024 icon

mcp_openapi_bridge

by digit1024

Sec8

A Model Context Protocol (MCP) server that dynamically exposes REST API endpoints as MCP tools by reading OpenAPI specifications.

Setup Requirements

  • ⚠️Requires Rust/Cargo toolchain for building.
  • ⚠️Requires `BASE_URL` and `DOC_URL` environment variables.
  • ⚠️The `INSECURE` environment variable allows disabling SSL certificate validation, which poses a security risk if misused.
Verified SafeView Analysis
The server can be configured to accept invalid certificates via the `INSECURE` environment variable (`danger_accept_invalid_certs(true)`), which is a significant security risk for Man-in-the-Middle (MITM) attacks if used in untrusted environments. This feature is intended for testing or self-signed certificates in controlled environments and logs a warning when enabled. No other obvious vulnerabilities like `eval` or hardcoded secrets were found in the provided source code. Outbound API calls are central to its function.
Updated: 2025-12-07GitHub
0
0
Medium Cost
pophalea icon

thingsboard-mcp

by pophalea

Sec7

Enables AI assistants to interact directly with ThingsBoard instances for managing IoT assets, devices, telemetry, and alarms via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires 'tb-rest-client' Python package to be installed.
  • ⚠️Needs ThingsBoard URL, username, password, and edition (CE/PE) configured via environment variables.
  • ⚠️Initial tool generation script (`generate_thingsboard_mcp.py`) must be run first to create the API wrappers.
Verified SafeView Analysis
The server uses environment variables for ThingsBoard credentials, which is good practice. No direct 'eval' or similar arbitrary code execution found within the MCP server's own Python code. However, several tools (e.g., `rule_chain.test_script`, `converter.test_down_link_converter`, `converter.test_up_link_converter`) explicitly take string arguments that are then executed as scripts (JavaScript) on the remote ThingsBoard platform. This exposes a vector for server-side script injection on the ThingsBoard instance if the AI assistant is not constrained from providing malicious scripts, though this is an inherent feature of ThingsBoard's rule engine and converter capabilities, not a vulnerability in the MCP server's direct execution context.
Updated: 2026-01-18GitHub
0
0
Medium Cost
Daniel-Warner-X icon

mcp-deployment

by Daniel-Warner-X

Sec8

Deployment and management of Model Context Protocol (MCP) servers on OpenShift Local for integrating tools like ToolHive and Google Workspace.

Setup Requirements

  • ⚠️Requires OpenShift Local (CRC) with `cluster-admin` access.
  • ⚠️Significant memory constraints on OpenShift Local necessitate resource reduction (e.g., lower Helm values, `oc patch` for pods).
  • ⚠️Manual Google Cloud Console setup for OAuth 2.0 Client ID is required.
  • ⚠️OAuth authentication for Google Workspace MCP requires `oc port-forward` for callback handling during initial tool calls.
Verified SafeView Analysis
The deployment guide explicitly advises `.gitignore`ing sensitive files like Google OAuth credentials (`client_secret_*.json`) and Kubernetes secrets/values files, which is a strong security practice. The deployment is targeted at OpenShift Local, limiting external exposure. The primary security consideration outside of this documentation lies in the trustworthiness of the referenced third-party GitHub repositories for ToolHive and Google Workspace MCP, which are not analyzed here.
Updated: 2025-12-05GitHub
0
0
Low Cost

mcp-custom-test

by mengxuwen

Sec2

Exposes system information, database queries, and external API calls as remote tools via an SSE-based server, often proxied by Ngrok, for remote execution and monitoring.

Setup Requirements

  • ⚠️Requires Ngrok executable installed and configured with a Windows-specific path (e.g., `D:\Downloads\ngrok-v3-stable-windows-amd64\ngrok.exe`) in `server_config.json`.
  • ⚠️Requires access to a specific MySQL database (`db_d_iot_complaint`) with provided credentials and schema (`iot_it_complaint_form` table).
  • ⚠️Requires a valid AMap (Gaode Map) API key configured in `server_config.json`.
  • ⚠️The `client_sync.java_config_path` in `server_config.json` points to a Windows-specific path for a Java client configuration, indicating a tight coupling with a particular client setup.
Review RequiredView Analysis
CRITICAL: Hardcoded MySQL database credentials and AMap API key are present in `server_config.json`. The `ngrok.cmd` configuration in `server_config.json` allows for arbitrary command execution by running a subprocess, posing a severe risk if the configuration file is compromised. The server uses Ngrok to expose local services to the public internet, significantly increasing the attack surface and potential for unauthorized access given the hardcoded secrets.
Updated: 2025-11-25GitHub
0
0
Medium Cost
janfincke icon

early-mcp-server

by janfincke

Sec9

Enables AI assistants to interact with the EARLY app time tracking API for operations like creating, editing, and querying time entries, as well as managing activity timers.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️Requires EARLY API Key and API Secret, which must be obtained from the EARLY app settings (Settings → Developer → API Keys) and configured as environment variables.
  • ⚠️Integration with MCP clients like Claude Desktop requires manual JSON configuration in a specific local file, including the command to run the server and environment variables.
Verified SafeView Analysis
The server uses environment variables for sensitive API keys (EARLY_API_KEY, EARLY_API_SECRET), preventing hardcoding. It utilizes standard and well-audited libraries (axios, Model Context Protocol SDK) for API communication and server functionality. Communication with the MCP client is handled via local stdio, meaning no network ports are exposed by the server for external connections beyond its controlled outgoing API calls. There is no evidence of 'eval' or obfuscation, which are common red flags. Error handling is designed to prevent credential exposure in messages. The risk is primarily tied to the security of the provided API keys and the integrity of the external EARLY API.
Updated: 2025-12-02GitHub
0
0
Medium Cost
Rohitw3code icon
Sec8

Implements a simplified Model Context Protocol (MCP) server providing Twitter and Slack tools, integrated with LangGraph and OpenAI GPT-4o-mini for AI-driven interaction and agentic workflows.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid Service)
  • ⚠️Servers and clients must be run separately in different terminals
  • ⚠️Python 3 environment required
Verified SafeView Analysis
The server-side tools (`fastmcp_http_server.py`, `slack_mcp_server.py`) are implemented with dummy mock data, meaning they do not interact with live external APIs or sensitive resources in this codebase. This significantly reduces direct security risks. The OpenAI API key is loaded from an environment variable (`.env` file), preventing hardcoding. No `eval` or other obvious malicious code patterns were found. Running servers on `0.0.0.0` is standard for local development but would require proper network configuration if exposed publicly.
Updated: 2025-11-22GitHub
0
0
Medium Cost
arthurfantaci icon

jama-mcp-server-graphrag

by arthurfantaci

Sec9

Provides a GraphRAG backend for a requirements management knowledge graph, serving as both an MCP server for Claude Desktop and a REST API for a React chatbot.

Setup Requirements

  • ⚠️Requires access to a Neo4j database (e.g., Neo4j AuraDB), which may incur costs.
  • ⚠️Requires an OpenAI API Key for LLM calls (embeddings, chat models), which is a paid service.
  • ⚠️Requires Python 3.12+ for execution.
  • ⚠️Uses `uv` as the Python package manager, which should be installed if not already present.
Verified SafeView Analysis
The server demonstrates strong security practices: it strictly adheres to Neo4j driver best practices (parameterized queries, explicit transaction functions, single driver instance). The `text2cypher` tool explicitly blocks write/delete/modification operations, which is crucial. All sensitive credentials are managed via environment variables. Standard web frameworks (FastAPI, FastMCP) are used with CORS configured. No obvious 'eval' or 'pickle' vulnerabilities were found in the provided code. The inherent risk of prompt injection with LLMs is present but mitigated by well-defined system prompts and agentic patterns.
Updated: 2026-01-19GitHub
0
0
Low Cost
VenushkiT icon

MCP-Server

by VenushkiT

Sec9

The server provides weather alerts and forecasts for a US state or location, acting as a set of tools for an MCP agent.

Setup Requirements

  • ⚠️Requires 'mcp' and 'httpx' Python packages.
  • ⚠️Requires a compatible agent or environment to interact with the FastMCP server via standard I/O.
Verified SafeView Analysis
The server makes HTTP requests to the legitimate NWS API. No 'eval', hardcoded secrets, or obvious malicious patterns were found. Broad exception handling in 'make_nws_request' could be more specific but doesn't pose a direct security risk.
Updated: 2025-11-20GitHub
0
0
Medium Cost
Kimchiigu icon

aave-sentinel

by Kimchiigu

Sec4

An AI-powered DeFi dashboard for autonomous Aave V3 position management and liquidation prevention.

Setup Requirements

  • ⚠️Requires an Azure OpenAI API Key and Endpoint (Paid service).
  • ⚠️Relies on a pre-deployed, external MCP server for all Aave V3 interactions; instructions for self-hosting the Python backend are not provided.
  • ⚠️Requires a WalletConnect Project ID (NEXT_PUBLIC_REOWN_PROJECT_ID or REOWN_PROJECT_ID).
Review RequiredView Analysis
The primary security risk lies in the architecture's reliance on an external Model Context Protocol (MCP) server (hardcoded as 'https://aave-mcp.blackflower-c2eb3819.eastus2.azurecontainerapps.io') for generating raw blockchain transaction data. The frontend client blindly trusts and forwards this transaction data to the user's wallet for signing, without independently verifying the transaction's intent against user input. If the MCP server is compromised or malicious, it could craft arbitrary transactions (e.g., drain funds) for the user to sign, leading to complete fund loss. While the UI shows the intended action, the underlying raw transaction data is not validated on the client side against the user's explicit intent. Additionally, the use of `NEXT_PUBLIC_AZURE_API_KEY` for a server-side API key is an anti-pattern that increases the risk of accidental exposure.
Updated: 2025-12-02GitHub
0
0
Low Cost
shilloon icon
Sec9

Provides current and hourly weather forecasts for a specified geographic location.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher
Verified SafeView Analysis
No hardcoded secrets, 'eval', or direct shell commands found. Latitude and longitude are directly inserted into the Open-Meteo API URL, which is a public and well-regarded service, mitigating typical URL injection risks.
Updated: 2025-12-11GitHub
0
0
Medium Cost
elsanchez icon

mcp-server-fvwm3

by elsanchez

Sec3

Enables LLMs to interact with FVWM3 for configuration generation, debugging, window management, and development assistance.

Setup Requirements

  • ⚠️Requires Node.js 18+, FVWM3 (v1.1.5+), xrandr, and FvwmCommand to be installed and accessible.
  • ⚠️Hardcoded file paths for configuration and documentation resources (e.g., `~/.fvwm/config`, `~/repo/utils/desktop-settings/CLAUDE.md`) mean the user's filesystem structure must match or the code needs modification.
  • ⚠️The server's capabilities inherently pose significant security risks due to direct shell command execution; requires extreme caution and use only in trusted, isolated environments.
Review RequiredView Analysis
The server executes arbitrary shell commands via `fvwm_execute` and other tools use `child_process.execAsync` with user-supplied inputs (e.g., `window_id` in `fvwm_get_window_info` and `smart_tile_state`). While some basic sanitization is present for `fvwm_execute` (double quotes), this does not prevent broader command injection. `window_id` is directly concatenated into commands or file paths (e.g., `rm -f ${stateDir}/${window_id}`), posing path traversal and arbitrary file deletion risks. The README explicitly warns about these risks, stating the server should only be used in trusted environments and that generated commands should be reviewed.
Updated: 2025-12-05GitHub
0
0
Medium Cost
donvini94 icon
Sec9

This server acts as an MCP (Model Context Protocol) gateway, providing AI assistants with tools to manage Keycloak realms and users via its Admin REST API.

Setup Requirements

  • ⚠️Requires Python 3.13 or higher.
  • ⚠️A running Keycloak instance (local or remote) is mandatory.
  • ⚠️Requires a Keycloak client configured with 'Service Account Enabled' and appropriate admin roles for permissions (e.g., `admin-cli` client and necessary roles).
  • ⚠️Dependency management is recommended with `uv`.
Verified SafeView Analysis
The project follows good security practices for an API client: environment variables are used for sensitive credentials (`.env` file, loaded with `python-dotenv`), `requests` timeouts are implemented, and OAuth2 client credentials flow is correctly utilized with automatic token refresh on expiration or 401 Unauthorized errors. Custom exceptions provide specific error handling. Pydantic models validate API responses, reducing risks from malformed data. There are no clear indications of `eval` or other dangerous patterns.
Updated: 2025-11-18GitHub
PreviousPage 548 of 713Next