Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

pg_mcp_server

by vweiss960

Sec1

This server likely manages and provides an API for data stored in a PostgreSQL database, serving as a backend component for an application.

Setup Requirements

  • ⚠️Requires a running PostgreSQL database instance.
Verdict: Review Required
No source code was provided for analysis, so a security audit was not possible. Without code review the server cannot be assessed for vulnerabilities, and on that basis it is unsafe to run.
Updated: 2025-12-01 | GitHub
Medium Cost

memory-mcp

by michael-denyer

Sec8

Provides Claude with persistent two-tier memory (a hot cache for zero-latency access and cold storage for semantic search) plus automatic pattern mining from outputs, to extend long-term context and reduce token usage.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Embedding model (~90MB) downloads automatically on first run, causing a 30-60 second startup delay.
  • ⚠️Manual setup of a Claude Code Stop hook in ~/.claude/settings.json is required for automatic output logging and pattern mining.
  • ⚠️Optional Apple Silicon (MLX) optimization requires manual installation of 'mlx' and 'mlx-lm' if not already present, otherwise falls back to CPU-based Sentence Transformers.
Verdict: Verified Safe
The server explicitly states it is for local use only and runs unauthenticated over STDIO, warning against exposing it to a network. Input content is length-checked (`max_content_length`) to bound resource consumption. SQLite queries use parameterized statements, which prevents SQL injection. The embedding models are downloaded at first run from Hugging Face and mlx-community; that is common practice, but it makes a remotely fetched artifact part of the trust base, so pinning a specific model revision is advisable. No obvious malicious patterns or hardcoded secrets were found.
Updated: 2026-01-19 | GitHub
Low Cost
Sec8

An AWS Lambda-compatible Model Context Protocol (MCP) server providing weather forecast and alerts tools by integrating with the National Weather Service (NWS) API, primarily for consumption by AI models and agents.

Setup Requirements

  • ⚠️Requires an AWS account with configured AWS Lambda and API Gateway services, which are paid services.
  • ⚠️Manual configuration of AWS API Gateway is necessary, including creating a REST API, defining `/mcp` resource with POST, GET, and DELETE methods, setting up Lambda integrations, and deploying the API.
  • ⚠️The AWS Lambda implementation uses in-memory session storage, which will be reset on Lambda cold starts; a persistent session storage solution (e.g., AWS DynamoDB) is required for production use to maintain session state.
  • ⚠️AWS API Gateway may have timeout limitations for Server-Sent Events (SSE) connections; WebSockets are suggested in the README for truly persistent connections.
Verdict: Verified Safe
Tool inputs are validated against `zod` schemas before use, so malformed parameters are rejected before they reach the NWS API request; schema validation constrains shape and type, and since the only downstream here is an HTTPS call there is no injection sink behind it. Session IDs are generated with `randomUUID()`, so they are unguessable. Error handling is structured so that internal details are not returned to the caller. No `eval`, code obfuscation, or hardcoded API keys or credentials were found in the runtime code. The README's caveat about in-memory session storage (sessions reset on Lambda cold starts; DynamoDB or similar is recommended for production) is a functional and availability limitation, not a security vulnerability.
Updated: 2025-11-30 | GitHub
Medium Cost

avirupa-mcp-server

by avirupahomoeo

Sec8

A backend server for a multi-channel communication platform, managing user conversations, integrating with external messaging services, storing user data, and facilitating interactions with AI models and e-commerce platforms.

Setup Requirements

  • ⚠️Requires a Redis instance for session memory (REDIS_URL).
  • ⚠️Requires a Supabase project (SUPABASE_URL, SUPABASE_KEY) for persistent user data.
  • ⚠️Requires WooCommerce API credentials (WOOCOMERCE_BASE, WOOCONSUMERKEY, WOOCONSUMERSECRET) for e-commerce integration.
  • ⚠️Requires an OpenAI API Key (OPENAI_API_KEY) for the '/ask-model' endpoint to function with an actual LLM.
Verdict: Verified Safe
Sensitive credentials are read from environment variables rather than hardcoded. No `eval` or similar dangerous functions are used. Input validation and rate limiting, which any production web service needs, are not present in the snippet reviewed, but their absence is not a flaw specific to this server. The server holds credentials for several third-party services (Supabase, Redis, WooCommerce, OpenAI and possibly n8n), so each credential should be scoped to the minimum permissions it needs and the deployment locked down with access controls: a compromise of this one process exposes all of them.
Updated: 2025-11-22 | GitHub
Medium Cost

MCP_Server5

by WebDev70

Sec9

An MCP server enabling LLMs to accurately answer complex questions about U.S. federal award spending by integrating with USAspending.gov API v2.

Setup Requirements

  • ⚠️uv package manager required
  • ⚠️Python 3.12+ required
  • ⚠️Docker required (for integration tests and containerization)
  • ⚠️Google Cloud SDK required (for Cloud Run deployment)
Verdict: Verified Safe
The server implements robust error handling, retries and a circuit breaker for calls to the external API. CI/CD runs explicit security scanning of dependencies and for leaked secrets (gitleaks, pip-audit, trivy). No hardcoded secrets or malicious patterns were observed. The remaining risk is inherent to consuming an external public API: its responses are untrusted input.
Updated: 2026-01-19 | GitHub
Low Cost

clara-mcp-server

by crazi-co

Sec3

Exposes Clara backend APIs as tools for AI agents using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a separate Clara API backend server to be running for core functionality.
  • ⚠️Every interaction with the MCP server, including calls to backend endpoints that might otherwise be public such as `/health`, requires `USER_ID` and `API_KEY_TOKEN`, supplied either as environment variables or as `Authorization` and `User-Id` HTTP headers.
  • ⚠️The `file_path` parameter of `agent.analysis` names a file on the host running this MCP server, not a file uploaded by the client, so server-side paths must be managed carefully.
Verdict: Review Required
A critical path traversal vulnerability exists in the `agent.analysis` tool: the `file_path` parameter is not sanitized, so an AI agent that controls its value can read arbitrary files from the MCP host's filesystem and upload them to the backend Clara API, a direct data-exfiltration path. The server also keeps the authentication context in global mutable variables (`app.data.user_id`, `app.data.api_key_token`); under concurrent requests one request can overwrite them while another is still being processed, so a request may run with a different caller's credentials. Finally, the default Uvicorn `log_level` is 'error', which suppresses the access and warning logs needed for security monitoring and incident investigation.
Updated: 2025-11-29 | GitHub
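Added example (not part of the listing or of clara-mcp-server's code): one way to confine a client-supplied `file_path` to a dedicated directory before reading it. The analysis root, the file names and the scenario in `demo()` are constructed for illustration; the check itself (resolve, then verify containment) is the general pattern.

```python
import os
import tempfile
from pathlib import Path


def resolve_analysis_path(file_path: str, root: Path) -> Path:
    """Map a client-supplied file_path to a file under root, or raise.

    resolve() collapses '..' and follows symlinks *before* the containment
    check, so 'reports/../../etc/passwd', an absolute path, and a symlink
    planted inside root that points outside it are all rejected.
    """
    root = root.resolve()
    candidate = (root / file_path).resolve()   # an absolute file_path replaces root here
    try:
        candidate.relative_to(root)            # raises ValueError when candidate is outside root
    except ValueError:
        raise PermissionError(f"file_path escapes the analysis root: {file_path!r}")
    if not candidate.is_file():
        raise FileNotFoundError(f"no such analysis input: {file_path!r}")
    return candidate


def demo() -> dict:
    """Constructed scenario: a temporary directory stands in for the server's analysis root."""
    outcomes = {}
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "report.txt").write_text("quarterly numbers\n")
        try:
            os.symlink("/", root / "escape")   # attacker-planted link to the filesystem root
        except OSError:
            pass                               # symlinks unsupported here; that case degrades to "not found"
        cases = [
            "report.txt",                      # legitimate input
            "../../../etc/passwd",             # classic traversal
            "/etc/passwd",                     # absolute path
            "escape/etc/hostname",             # traversal through the symlink
            "missing.txt",                     # inside root but absent
        ]
        for case in cases:
            try:
                resolve_analysis_path(case, root)
                outcomes[case] = "allowed"
            except PermissionError:
                outcomes[case] = "rejected"
            except FileNotFoundError:
                outcomes[case] = "not found"
    return outcomes
```

The check is only as good as the root you choose: pointing it at `/` or at the server's working directory gives an attacker the same files as no check at all.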
Medium Cost

nyt_mcp

by kbrimijoin

Sec8

This server provides a Model Context Protocol (MCP) interface for searching New York Times articles, intended for integration with MCP clients like Claude Desktop, potentially for saving results to spreadsheets.

Setup Requirements

  • ⚠️Requires a valid NYT_API_KEY (typically a paid API subscription or developer key).
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️NYT_API_BASE_URL environment variable must be set (it defaults to the NYT search API endpoint).
Verdict: Verified Safe
The API key is read from an environment variable rather than hardcoded. External calls use `httpx` with explicit timeouts, and network errors are handled by catching a broad `except Exception` and returning `None`. There is no use of `eval` or obvious malicious patterns. The scope is limited to proxying one API, which keeps the attack surface small. One improvement would be catching specific `httpx` exceptions instead of a bare `except Exception`, so that network failures are distinguished from programming errors rather than silently swallowed.
Updated: 2025-12-04 | GitHub
Medium Cost

figma-mcp

by alucardeht

Sec9

MCP server for Figma API with intelligent context management, token optimization, and multi-agent context preparation.

Setup Requirements

  • ⚠️Requires a Figma API Token (FIGMA_API_TOKEN) to be set as an environment variable.
  • ⚠️Requires a paid Figma plan (Professional or Organization) for practical use, as free accounts have a very low API rate limit (6 requests/month for file content).
  • ⚠️Requires a Node.js environment (specifically Node.js v18.17.0, v20.3.0, or >=v21.0.0 due to 'sharp' dependency).
Verdict: Verified Safe
`FIGMA_API_TOKEN` is read from an environment variable rather than hardcoded, which is the secure practice. The server relies on standard, well-maintained libraries (`axios`, `sharp`). No `eval` or obvious malicious patterns were found in the portion of the source that was reviewed; the source was truncated, so this is not a complete review. The server explicitly checks that `FIGMA_API_TOKEN` is set before most API calls.
Updated: 2025-12-06 | GitHub
Low Cost

A comprehensive Electronic Health Record (EHR) system for healthcare AI agent development, EHR integration testing, clinical workflow simulation, and medical AI training, mimicking EPIC-style operations.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Data (patients, appointments, etc.) is stored in-memory using mock_data.py and resets on server restart.
  • ⚠️Requires `pip install -r requirements.txt` to install Python dependencies.
Verdict: Verified Safe
The server implements JWT authentication (HS256) with access and refresh tokens, role-based access control, and permission checks on sensitive operations. Passwords are hashed with SHA-256; SHA-256 is a fast general-purpose hash, not a password-hashing function, so before real credentials are stored it should be replaced by a slow, salted KDF such as bcrypt, scrypt or Argon2. Test user passwords are hardcoded in `auth.py` for demo purposes. Refresh tokens, the revocation list and all mock data live in memory and are lost on restart; the documentation notes that a database or Redis is needed for production. The production deployment guide covers the expected measures: secrets via environment variables, HTTPS/WSS, firewalls and rate limiting. No obvious `eval` or malicious patterns were found.
Updated: 2025-11-27 | GitHub
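Added example (not from the listing or the project): what the difference between a plain SHA-256 password hash and a real password-hashing scheme looks like in code. `weak_hash` mirrors the SHA-256 approach the analysis describes; `hash_password` / `verify_password` use PBKDF2-HMAC-SHA256 from the standard library with a random per-user salt, an encoded iteration count and a constant-time comparison (bcrypt and Argon2 are preferable but need third-party packages). The user names and passwords in `demo()` are constructed.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 600_000   # current OWASP guidance for PBKDF2-HMAC-SHA256


def weak_hash(password: str) -> str:
    """Unsalted SHA-256, as in the listing: identical passwords give identical hashes,
    and a GPU can try billions of guesses per second against it."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Salted, iterated hash encoded as 'pbkdf2_sha256$<iters>$<salt>$<digest>'."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    )


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    try:
        algo, iters, salt_b64, digest_b64 = stored.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        iterations = int(iters)
    except (ValueError, TypeError):
        return False   # malformed record: never accept
    actual = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(actual, expected)


def demo() -> dict:
    """Constructed users: two accounts that happen to share a password."""
    users = {"alice": "Passw0rd!", "bob": "Passw0rd!"}
    weak = {u: weak_hash(p) for u, p in users.items()}
    # 20_000 iterations keeps the demo quick; use ITERATIONS for real stores.
    strong = {u: hash_password(p, 20_000) for u, p in users.items()}
    tampered = strong["alice"].replace("$20000$", "$19999$")   # iteration count altered in storage
    return {
        "weak_collide": weak["alice"] == weak["bob"],        # same password -> same hash
        "strong_collide": strong["alice"] == strong["bob"],  # salt makes them differ
        "alice_ok": verify_password("Passw0rd!", strong["alice"]),
        "alice_wrong": verify_password("passw0rd!", strong["alice"]),
        "tampered": verify_password("Passw0rd!", tampered),
    }
```

The stored string carries its own parameters, so the iteration count can be raised later and old records re-hashed on the user's next successful login.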
Low Cost

Expense_tracker_mcp_server

by Hrishikesh-Gaikwad-GG

Sec9

A server for tracking and managing personal expenses.

Setup Requirements

  • ⚠️Python installed
  • ⚠️FastMCP library dependency (pip install fastmcp)
  • ⚠️categories.json file must be present in the same directory as main.py
Verdict: Verified Safe
Database access uses parameterized queries, which prevents SQL injection. There are no obvious hardcoded secrets, obfuscation or malicious patterns. Data is stored locally in a SQLite database. `categories.json` is read from the local filesystem, which is safe as long as the host running the server is trusted. No `eval` or other dangerous functions were detected. Network exposure is determined by the FastMCP transport configuration (STDIO or HTTP), not by this code.
Updated: 2025-11-28 | GitHub
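Added example, not taken from this project or from memory-mcp above, both of which are credited for using parameterized SQLite statements: the unsafe string-built query beside the parameterized one, run against a constructed in-memory expense table so the injection can be seen to work against one and fail against the other. Table layout, rows and the payload are all made up for the demonstration.

```python
import sqlite3


def open_demo_db() -> sqlite3.Connection:
    """Constructed data: a throwaway in-memory expense table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE expenses (id INTEGER PRIMARY KEY, category TEXT NOT NULL, amount REAL NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO expenses (category, amount) VALUES (?, ?)",
        [("food", 12.5), ("travel", 80.0), ("rent", 900.0)],
    )
    return conn


def total_for_category_unsafe(conn: sqlite3.Connection, category: str):
    # VULNERABLE: the category text is pasted into the SQL, so a quote inside it
    # ends the literal and the rest is parsed as SQL.
    sql = f"SELECT COALESCE(SUM(amount), 0) FROM expenses WHERE category = '{category}'"
    return conn.execute(sql).fetchone()[0]


def total_for_category_safe(conn: sqlite3.Connection, category: str):
    # Parameterized: the value travels separately from the statement text and is
    # bound as data, so it can never change the query's structure.
    sql = "SELECT COALESCE(SUM(amount), 0) FROM expenses WHERE category = ?"
    return conn.execute(sql, (category,)).fetchone()[0]


INJECTION = "food' OR '1'='1"   # constructed payload: turns the WHERE clause into a tautology


def demo() -> dict:
    conn = open_demo_db()
    return {
        "unsafe_food": total_for_category_unsafe(conn, "food"),         # 12.5
        "unsafe_injected": total_for_category_unsafe(conn, INJECTION),  # whole table: 992.5
        "safe_food": total_for_category_safe(conn, "food"),             # 12.5
        "safe_injected": total_for_category_safe(conn, INJECTION),      # no such category: 0
    }
```

Note that `sqlite3.Connection.execute` refuses a second statement appended after a `;`, which blocks stacked `DROP TABLE` payloads by accident; tautologies and `UNION` clauses still go through, so that behaviour is not a substitute for parameters.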
High Cost

Enables AI models to autonomously diagnose, troubleshoot, and monitor Home Assistant smart home installations.

Setup Requirements

  • ⚠️Requires Python 3.13 or later
  • ⚠️Requires an existing Home Assistant instance
  • ⚠️Requires a Home Assistant 'Long-Lived Access Token' with broad permissions
  • ⚠️WebSocket connections to Home Assistant skip TLS certificate validation, so an on-path attacker can intercept the connection (and the access token) if the route to HA_URL is not trusted
Verdict: Verified Safe
`HA_URL` and `HA_TOKEN` are read from environment variables, which is good practice. However, the server explicitly disables TLS certificate verification for its WebSocket connections to Home Assistant (`ssl_context.check_hostname = False; ssl_context.verify_mode = ssl.CERT_NONE`). This is convenient for local instances with self-signed certificates, but it means anyone on the path between this server and `HA_URL` can impersonate Home Assistant and capture the token. That matters because the Long-Lived Access Token grants extensive control over the Home Assistant instance: compromise of this server, or of the token in transit, gives full control of the smart home. No direct code injection vectors (`eval`, `exec`, `subprocess`) reachable from user input are apparent; actions are mediated through Home Assistant's API services.
Updated: 2025-11-25 | GitHub
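Added example (not from the project): the disabled-verification context the analysis quotes, next to a hardened one that keeps verification on and handles a self-signed Home Assistant certificate by trusting that exact certificate via `cafile`. `demo()` exercises both against a local TLS listener standing in for Home Assistant; it generates a throwaway self-signed certificate with the `openssl` CLI (a constructed fixture, and the function returns `None` if the CLI or loopback sockets are unavailable). The hostname `localhost`, the `HA_URL` value and the `hello` payload are assumptions.

```python
import os
import shutil
import socket
import ssl
import subprocess
import tempfile
import threading
from typing import Optional
from urllib.parse import urlparse


def insecure_context() -> ssl.SSLContext:
    """What the listing describes: chain validation and hostname check both off."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context(ca_file: Optional[str] = None) -> ssl.SSLContext:
    """Validation stays on. For a self-signed HA certificate, pass that certificate
    as ca_file so only it is trusted, instead of trusting everything."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def websocket_ssl_for(ha_url: str, ca_file: Optional[str] = None) -> Optional[ssl.SSLContext]:
    """Pick the ssl argument for the HA websocket: verified TLS for wss://, None for ws://."""
    scheme = urlparse(ha_url).scheme.lower()
    if scheme in ("wss", "https"):
        return hardened_context(ca_file)
    if scheme in ("ws", "http"):
        return None   # plaintext; only defensible on an isolated LAN segment
    raise ValueError(f"unsupported HA_URL scheme: {scheme!r}")


def _self_signed_cert(directory: str):
    """Constructed fixture: a one-day self-signed certificate for 'localhost'."""
    openssl = shutil.which("openssl")
    if openssl is None:
        return None
    key, cert = os.path.join(directory, "key.pem"), os.path.join(directory, "cert.pem")
    try:
        proc = subprocess.run(
            [openssl, "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
             "-subj", "/CN=localhost", "-addext", "subjectAltName=DNS:localhost",
             "-keyout", key, "-out", cert],
            capture_output=True,
        )
    except OSError:
        return None
    return (cert, key) if proc.returncode == 0 else None


def _tls_server(cert: str, key: str, rounds: int):
    """Stand-in for Home Assistant: serves b'hello' over TLS to `rounds` clients."""
    srv = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    srv.load_cert_chain(cert, key)
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(rounds)

    def serve():
        for _ in range(rounds):
            conn, _ = listener.accept()
            try:
                tls = srv.wrap_socket(conn, server_side=True)
                tls.sendall(b"hello")
                tls.close()
            except (ssl.SSLError, OSError):
                conn.close()   # the client refused our certificate; expected in one round
        listener.close()

    thread = threading.Thread(target=serve, daemon=True)
    thread.start()
    return listener.getsockname()[1], thread


def _fetch(ctx: ssl.SSLContext, port: int) -> bytes:
    with socket.create_connection(("127.0.0.1", port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname="localhost") as tls:
            return tls.recv(16)


def demo() -> Optional[dict]:
    with tempfile.TemporaryDirectory() as d:
        pair = _self_signed_cert(d)
        if pair is None:
            return None
        cert, key = pair
        try:
            port, thread = _tls_server(cert, key, rounds=3)
        except OSError:
            return None
        accepted_blindly = _fetch(insecure_context(), port)      # a MITM's cert would pass just the same
        try:
            _fetch(hardened_context(), port)                     # system CAs: self-signed is refused
            rejected_by_system_cas = False
        except ssl.SSLCertVerificationError:
            rejected_by_system_cas = True
        accepted_pinned = _fetch(websocket_ssl_for("wss://localhost", ca_file=cert), port)
        thread.join(timeout=5)
    return {
        "accepted_blindly": accepted_blindly,
        "rejected_by_system_cas": rejected_by_system_cas,
        "accepted_pinned": accepted_pinned,
    }
```

For a real deployment, export the Home Assistant certificate once (or the CA that issued it) to a file the server can read and pass its path as `ca_file`; the token then only ever goes to a peer that can prove it holds that certificate's key.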
Medium Cost

ftp-mcp-server

by ahinoam400

Sec4

This project provides an MCP server with FTP client capabilities, allowing natural language interaction with FTP servers for file management.

Setup Requirements

  • ⚠️Requires Python 3.7+ and pip.
  • ⚠️Requires Node.js and npm for the Gemini CLI.
  • ⚠️Manual configuration of the Gemini CLI `settings.json` file is required, including updating `<path_to_this_project>` placeholders.
  • ⚠️The local FTP server (`ftp_server.py`) must be started manually in a separate terminal before interacting with the MCP server (`server.py`) via the Gemini CLI.
Verdict: Verified Safe
The bundled standalone FTP server (`ftp_server.py`) uses hardcoded credentials ('user', '12345') and listens on all interfaces (`0.0.0.0`), so anyone who can reach the host on the FTP port can log in; this is acceptable only in an isolated development environment and is a critical risk anywhere else. The `ftp_send_command` tool passes arbitrary raw FTP commands to whatever FTP server the MCP is connected to, so if the MCP server or the client driving it (e.g. the Gemini CLI) is compromised or misconfigured, that tool can delete, overwrite or upload files with the connected user's privileges.
Updated: 2025-12-17 | GitHub
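Added example (not from ftp-mcp-server): a gate that a raw-command tool like `ftp_send_command` could run before handing anything to the FTP control channel. It allows only a fixed set of read-only, control-channel verbs and refuses control characters, since a CR/LF inside one "command" would smuggle a second one. The verb list, the `send_vetted` wrapper and the inputs in `vet_cases()` are assumptions chosen for the demonstration.

```python
import ftplib
import re

# Read-only verbs that complete on the control channel alone. Anything that writes,
# deletes or renames (STOR, APPE, DELE, RMD, MKD, RNFR/RNTO), reaches the server's
# command surface (SITE), or needs a data connection (LIST, RETR, PORT, PASV) is
# deliberately absent; ftplib's own helpers handle those with proper arguments.
READ_ONLY_VERBS = frozenset({
    "PWD", "CWD", "CDUP", "MLST", "SIZE", "MDTM", "TYPE",
    "NOOP", "SYST", "FEAT", "STAT", "HELP",
})

_SINGLE_COMMAND = re.compile(r"^([A-Za-z]{3,4})(?: (.+))?$")


def vet_raw_ftp_command(raw: str) -> str:
    """Return the normalized command if it is safe to send, else raise ValueError."""
    if any(ch in raw for ch in "\r\n\0"):
        # CRLF terminates an FTP command, so "NOOP\r\nDELE x" would be two commands.
        raise ValueError("control characters are not allowed in a command")
    m = _SINGLE_COMMAND.match(raw.strip())
    if m is None:
        raise ValueError("expected a single FTP verb with an optional argument")
    verb, arg = m.group(1).upper(), m.group(2)
    if verb not in READ_ONLY_VERBS:
        raise ValueError(f"verb {verb} is not on the read-only allowlist")
    return f"{verb} {arg}" if arg else verb


def send_vetted(ftp: ftplib.FTP, raw: str) -> str:
    """Drop-in body for the tool: vet first, then use the control channel only."""
    return ftp.sendcmd(vet_raw_ftp_command(raw))


def vet_cases() -> dict:
    """Constructed inputs an agent might produce, mapped to what the gate does with them."""
    cases = ["pwd", "STAT /pub", "SIZE report.csv", "DELE secret.txt",
             "STOR payload.bin", "SITE CHMOD 777 /", "NOOP\r\nDELE secret.txt", ""]
    out = {}
    for raw in cases:
        try:
            out[raw] = vet_raw_ftp_command(raw)
        except ValueError as exc:
            out[raw] = f"blocked: {exc}"
    return out
```

The allowlist is a policy decision: if the assistant genuinely needs to write, add the specific verb and require confirmation for it, rather than widening the gate to "anything the model asks for". Separately, the bundled `ftp_server.py` should bind to `127.0.0.1` rather than `0.0.0.0` unless it is meant to be reachable from other hosts.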
Page 562 of 713