Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost
Sec8

An AWS Bedrock-based server for video analysis, scene search, and subtitle processing using various AI models.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires AWS CLI installed and configured with appropriate credentials and permissions for Bedrock, S3, S3 Vectors, DynamoDB, and Transcribe.
  • ⚠️Manual creation of AWS S3 Vectors bucket, S3 Vectors index, and DynamoDB table is required before server setup.
  • ⚠️Requires access to specific AWS Bedrock models (Twelve Labs Marengo, Pegasus, Anthropic Claude Sonnet/Haiku) in the configured AWS region.
  • ⚠️The `S3_UPLOAD_BUCKET` environment variable is required if local video files are to be processed.
  • ⚠️Integration is designed for Kiro CLI, requiring a specific `mcp.json` configuration file with an absolute path to the project directory.

Verified Safe
The server primarily uses AWS SDK (boto3) for interactions with AWS services (Bedrock, S3, S3 Vectors, DynamoDB, Transcribe). No direct security vulnerabilities like 'eval' or hardcoded sensitive credentials were found. Reliance on AWS CLI configuration or environment variables for credentials is standard practice. The generation of presigned S3 URLs is handled with a limited expiry. Security largely depends on proper AWS IAM role configuration and management of access keys/secrets by the user.
Updated: 2026-01-19

Low Cost

mcp-server-pr

by Manaphy310

Sec1

A server component likely designed for managing or processing pull requests, potentially within a development workflow or for a specific platform.

Review Required
CRITICAL: Source code for security analysis was not provided in the prompt. Therefore, a comprehensive security audit is impossible. Cannot verify the absence of 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. Running this server without source code review is extremely risky.
Updated: 2025-11-29

Medium Cost
Sec8

Integrate Figma design data and image downloads into a Qwen CLI workflow for development purposes.

Setup Requirements

  • ⚠️Requires a Figma Personal Access Token (FIGMA_API_KEY).
  • ⚠️Requires Node.js and npm/npx to be installed on the system.
  • ⚠️Uses a community MCP server with limited functionality compared to the official Figma MCP server.

Verified Safe
The provided source code handles the Figma API key securely via environment variables and does not contain obvious malicious patterns, 'eval', or hardcoded secrets. However, the core functionality relies on the external 'figma-developer-mcp' npm package, which is run via 'npx'. The security of the overall system depends on the trustworthiness of this third-party package, whose source code is not provided for review.
Updated: 2025-12-14

Medium Cost

teams-mcp-server

by bugzy-ai

Sec9

This server provides AI assistants with standardized access to Microsoft Teams APIs for messaging and channel operations.

Setup Requirements

  • ⚠️Requires a Microsoft Graph OAuth token (TEAMS_ACCESS_TOKEN) to be set in the environment or .env file.
  • ⚠️Requires specific Microsoft Graph API permissions (Team.ReadBasic.All, Channel.ReadBasic.All, ChannelMessage.Send, ChannelMessage.Read.All) configured in an Azure AD app registration.
  • ⚠️Requires Node.js version 20.0.0 or higher.

Verified Safe
The server follows good security practices. It uses environment variables for sensitive tokens (TEAMS_ACCESS_TOKEN) and performs strict input validation using Zod schemas for all incoming requests. Tool calls are strictly controlled by a switch statement, preventing arbitrary command execution. No direct eval() or child_process calls are observed. Outgoing network requests are to the legitimate Microsoft Graph API. Errors are caught and logged, preventing sensitive information leaks.
Updated: 2025-12-03

Medium Cost

mcp_servers

by vg9570650

Sec9

Provides weather alerts and forecasts by integrating with the National Weather Service (NWS) API.

Setup Requirements

  • ⚠️Requires Python 3.14 or higher.

Verified Safe
The server makes external API calls to the public National Weather Service (NWS) API. It handles network errors gracefully with a broad exception catch but does not expose internal details. No dynamic code execution (e.g., 'eval'), hardcoded secrets, or obvious malicious patterns were found. Input parameters are used to construct URLs, relying on the NWS API's robustness for path segment handling.
Updated: 2025-11-21

Low Cost

vv-mcp

by arrow2nd

Sec9

Provides a Model Context Protocol (MCP) server to enable text-to-speech synthesis using VOICEVOX for Claude Desktop and Claude Code.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Requires VOICEVOX application to be installed and running locally (default URL: http://localhost:50021).
  • ⚠️Linux requires `paplay` (PulseAudio) to be installed (e.g., `pulseaudio-utils` package).

Verified Safe
The server primarily makes requests to a local VOICEVOX API and uses platform-specific commands (`afplay` on macOS, `paplay` on Linux) for audio playback. File paths for temporary audio and shared state are generated by the application in standard temporary directories, mitigating path injection risks. No hardcoded secrets or 'eval' are used. The use of `child_process.exec` is for fixed commands with controlled file paths, which is generally safe in this context, although it introduces an inherent dependency on system commands.
Updated: 2025-12-13

Low Cost

mcp-server

by MASATO-IGA-2021

Sec8

This server provides weather information (current, forecast) and city location search functionality as a tool for AI agents, integrating with the Open-Meteo API.

Setup Requirements

  • ⚠️Requires an AWS account and configured AWS CLI
  • ⚠️Requires Docker Desktop installed and running
  • ⚠️The application relies on Python 3.12+
  • ⚠️Deployment involves creating multiple AWS resources (ECS, ECR, IAM, VPC components)

Verified Safe
The source code itself (Python) appears clean with no obvious direct hardcoded secrets or malicious patterns. External API calls are made to Open-Meteo, which is a reputable service. The deployment guide explicitly outlines the use of IAM roles for permissions. The `DEPLOY_README.md` suggests further security hardening (e.g., Application Load Balancer, HTTPS, Secrets Manager, IAM role minimization) for production environments, indicating awareness of best practices. Current deployment exposes port 8000 publicly, which is common for API servers but usually fronted by a load balancer in production.
Updated: 2025-11-29

Medium Cost

A6-Tango-MCP

by agilesix

Sec9

An MCP server providing AI agents with access to federal procurement and grants data through the Tango API, featuring caching, rate limiting, and comprehensive error handling.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and management, utilizing Cloudflare Workers and KV Namespaces.
  • ⚠️Requires a paid Tango API key (TANGO_API_KEY) for backend data access, set as a Cloudflare Worker secret.
  • ⚠️For full user authentication (e.g., via Claude Code/Web), Google OAuth credentials (GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, COOKIE_ENCRYPTION_KEY) must be configured as Cloudflare Worker secrets.
  • ⚠️Requires two Cloudflare KV Namespaces (TANGO_CACHE, OAUTH_KV) to be bound for caching and authentication state management.

Verified Safe
The server demonstrates a high level of security awareness and implementation. It includes robust input sanitization (stripping control characters, trimming), comprehensive authentication (OAuth with domain restrictions, cryptographically secure MCP tokens with hashing, usage tracking, and revocation capabilities), strong access control (requiring @agile6.com emails for OAuth), and CSRF protection for OAuth flows. Secrets (API keys, OAuth client secrets, cookie encryption keys) are correctly managed as Cloudflare Worker secrets and are not exposed. Rate limiting is implemented across different endpoint types to prevent abuse. Detailed audit logging captures security-relevant events. No 'eval' or other obvious malicious dynamic code execution patterns were detected. The architecture leverages Cloudflare Workers' inherent security benefits. Minor areas for improvement might involve more aggressive input validation (e.g., regex for all string parameters) beyond just sanitization, but overall, it's very well-secured.
Updated: 2025-12-02

Medium Cost
Sec8

Enables AI assistants to interact with the GoodData analytics platform using natural language for querying, reporting, and managing analytical artifacts.

Setup Requirements

  • ⚠️Requires a GoodData account with API access (Paid SaaS).
  • ⚠️Requires `GOODDATA_HOST` and `GOODDATA_TOKEN` to be set as environment variables or in a `.env` file for authentication.
  • ⚠️Python 3.10+ is required.
  • ⚠️Write operations and customer-specific logic rely on a `~/.config/gooddata/workspaces.yaml` configuration mapping customer names to GoodData workspace IDs and project paths.

Verified Safe
The project uses environment variables for credentials (GOODDATA_HOST, GOODDATA_TOKEN), which is good practice. While the main README claims 'Read-Only by Design', the code actually supports write operations (creating, updating, deleting metrics, insights, and dashboards) as documented in CLAUDE.md. These write operations implement a two-phase commit (preview -> apply with confirmation token), automatic backups, and audit logging, significantly mitigating risks associated with direct write access. File I/O for backups and exports goes to local, configurable paths, not arbitrary user-controlled paths. No direct use of `eval` or `exec` was found. The `workspaces.yaml` config could contain sensitive project paths but is an expected user configuration.
Updated: 2026-01-16

Low Cost
Sec9

Enables an AI agent to directly interact with the Todoist REST API v2 for comprehensive task and project management, acting as a pure API passthrough.

Setup Requirements

  • ⚠️Requires a Todoist API token, which must be obtained from Todoist settings.
  • ⚠️Requires Node.js runtime version 18.0.0 or higher.
  • ⚠️Large API responses from Todoist may consume a significant number of LLM tokens; implement filtering or chunking when possible.

Verified Safe
The server's design is minimal and adheres to functional principles, reducing attack surface. It uses standard `node-fetch` for network requests and handles API tokens via environment variables or CLI flags, preventing hardcoding. The direct API passthrough nature means it doesn't process user input for shell commands or SQL injection, relying on the robustness of the Todoist API itself. Communication is via Stdio, suitable for local execution as a child process. The only minor point is the use of `node-fetch` v2.x, which is an older major version, but its usage here for simple requests doesn't expose significant known vulnerabilities.
Updated: 2026-01-19

Low Cost
Sec9

This server exposes a simple weather tool for consumption by an Artificial Intelligence model using the Spring AI Multimodal Conversation Protocol (MCP).

Setup Requirements

  • ⚠️Requires a Java Development Kit (JDK).
  • ⚠️Intended to be consumed by a Spring AI application or compatible LLM client.

Verified Safe
The provided code snippet appears safe. No 'eval', obfuscation, hardcoded secrets, or malicious patterns were found. The `WeatherService` returns a fixed string and does not process user input in a way that would lead to injection vulnerabilities within this specific example. A full security audit would require reviewing the entire dependency tree and runtime environment. If the tool were to interact with external APIs or databases based on input, further validation would be critical.
Updated: 2025-12-10

Medium Cost
Sec3

Provides Claude Code access to a SQLite database for analyzing trading strategy backtest results across various market periods and benchmarks.

Setup Requirements

  • ⚠️Requires `STRATEGY_DB_PATH` environment variable pointing to a pre-existing `strategy_research.db` file, typically generated by the `trading-lab` project.
  • ⚠️Requires Python 3.10+ and the `mcp` SDK (>=1.23.1).
  • ⚠️The `get_daily_position_counts` tool requires trade-level data, only available for search runs performed after December 2025 or if existing searches are re-run.

Review Required
The `run_custom_query` tool is highly vulnerable to SQL injection. It directly executes user-provided SQL queries (restricted to SELECT and PRAGMA) without proper parameterization. While it attempts to forbid write/destructive operations, a malicious user could craft complex SELECT queries to exfiltrate sensitive data from other tables, or perform resource-intensive queries leading to denial of service. The `STRATEGY_DB_PATH` is an environment variable, but its value is trusted during server startup. No hardcoded secrets were found. Other tools correctly use parameterized queries.
Updated: 2025-12-13