Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

High Cost

Builds an AI-powered roaming customer service assistant (chatbot) as a remote Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires an OpenAI API Key (Paid service for GPT-4o model).
  • ⚠️Designed for deployment on Cloudflare Workers, requiring a Cloudflare account and `wrangler` CLI.
  • ⚠️Relies on an external MCP SSE URL for the Plan Agent (configurable via `MCP_SSE_URL` or falls back to a hardcoded Azure URL).
  • ⚠️Connecting local clients like Claude Desktop requires `mcp-remote` proxy setup.
Review Required
CRITICAL: The `chat` MCP tool's error handling in `src/index.ts` exposes `this.env.OPENAI_API_KEY` in its JSON error response. This is a severe vulnerability that could lead to the compromise of the OpenAI API key if any error occurs within the `handleChatRequest` function in the MCP context. It should be removed immediately. Additionally, some helper modules use `dotenv.config()` instead of relying on the Cloudflare Worker's `env` object, which might lead to unexpected behavior or missed configuration in a Worker environment.
Updated: 2025-12-02

Low Cost

gemini.nvim

by zaucy

Sec8

Provides Neovim IDE integration for the Gemini CLI, including diff viewing and hook support, by configuring environment variables and workspace settings.

Setup Requirements

  • ⚠️Requires 'zaucy/mcp.nvim' plugin
  • ⚠️Requires the Gemini CLI to be installed and available in the system PATH
  • ⚠️Requires Neovim
Verified Safe
The plugin's core functionality involves generating local configuration files and setting environment variables for the Gemini CLI, and handling local RPC calls for hooks. There's no indication of direct network exposure or execution of arbitrary code via 'eval' within the provided description. The security relies heavily on the underlying 'mcp.nvim' and Gemini CLI tools. A full audit would require reviewing the actual Lua source code for file system operations and RPC handling, but based on the description, its mechanisms are standard for IDE integrations.
Updated: 2026-01-19

Medium Cost

router-mcp

by 404-notfound-red

Sec9

A unified Model Context Protocol (MCP) server that provides a single interface to multiple backend services, reducing configuration and offering smart routing to APIs like ClickUp, Notion, GitHub, Slack, n8n, Gemini, and QuickBooks.

Setup Requirements

  • ⚠️Requires obtaining and configuring API keys/tokens for each desired backend service in the .env file. Some services, like QuickBooks, involve OAuth setup and may require periodic re-authentication due to refresh token expiry.
  • ⚠️If using the n8n backend, a separate n8n instance must be running and accessible via the configured N8N_API_URL.
  • ⚠️The GitHub backend specifically uses `GITHUB_PERSONAL_ACCESS_TOKEN` from environment variables, while the README might imply `GITHUB_TOKEN`. Users should ensure they set `GITHUB_PERSONAL_ACCESS_TOKEN` for GitHub functionality.
Verified Safe
The server follows good practices for handling sensitive information by exclusively relying on environment variables for API keys and credentials, preventing hardcoded secrets. Input validation is performed using Zod schemas for incoming requests. The Gemini backend includes explicit checks to prevent indexing of sensitive file paths and restricts QuickBooks `query` action to `SELECT` statements only. Automatic retry logic and error classification enhance robustness. A minor discrepancy exists where the README suggests `GITHUB_TOKEN` but the code explicitly looks for `GITHUB_PERSONAL_ACCESS_TOKEN` for GitHub authentication, which could lead to initial setup confusion.
Updated: 2025-12-14

Low Cost

ptyctl

by nfshanq

Sec7

Provides a Rust-based MCP server for remote interactive control over SSH and Telnet sessions, enabling agents to manage remote systems.

Setup Requirements

  • ⚠️Requires Rust toolchain to build from source (pre-compiled binaries available).
  • ⚠️Relies on system's OpenSSH client (`ssh`) and potentially `telnet` client to be installed and in PATH.
  • ⚠️Installation to `/usr/local/bin` via `install.sh` often requires `sudo`.
Verified Safe
The server uses `portable-pty` to wrap the system's OpenSSH client. The `ssh_options.extra_args` parameter in `ptyctl_session` allows passing arbitrary arguments to the underlying `ssh` command, which could be a vector for exploitation if an untrusted client or an exploited LLM provides malicious arguments (e.g., `LocalCommand` directives in `ssh_config`). However, arguments are passed as a `Vec<String>`, mitigating simple shell injection within individual arguments. Temporary files for private keys are handled with correct permissions (0o600). HTTP transport includes bearer token authentication. The control socket is local and read-only by default. Overall, it's robust, but usage with untrusted inputs for `extra_args` requires caution.
Updated: 2026-01-19

Medium Cost
Sec8

An MCP server that helps Claude rate outfits by providing real-time context about weather, calendar events, and personal style preferences.

Setup Requirements

  • ⚠️Requires an OpenWeatherMap API key, which may involve signing up for a (potentially paid) service.
  • ⚠️Calendar integration requires specific configuration for Google, Outlook, or iCal, each needing distinct credentials (e.g., Google Client ID/Secret, Refresh Token; Outlook Access Token; iCal URL) which can be complex to obtain.
  • ⚠️Outfit photos need to be manually placed in a designated 'temp' directory (`current_outfit.jpg`) for the `get_outfit_photo` tool to access them.
Verified Safe
The server uses environment variables for sensitive API keys (OpenWeatherMap, Google, Outlook, iCal), which is a good practice. Input validation is present for tool arguments (e.g., location is encoded for weather API). Outfit photos and preferences are stored locally in a `temp` directory, which is managed internally and not user-controlled, mitigating path traversal risks. There is no usage of 'eval' or apparent obfuscation. External API calls are made via standard libraries. Error handling for tool execution is basic but present. The Google and Outlook calendar integrations rely on third-party SDKs, assuming their security. The only notable potential risk is if the 'temp' directory for outfit photos is exposed or easily writable by other processes, but within the scope of this code, it appears secure for its intended use as a local MCP server.
Updated: 2025-11-19

Low Cost

mcp-server-init

by ribeiry

Sec7

Initializes an MCP (Minecraft Coder Pack) server development environment for Minecraft modding.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK)
  • ⚠️Requires Git
  • ⚠️Requires Node.js and npm/yarn
Verified Safe
The script uses `child_process.spawnSync` to execute `java` and `git` commands, which is generally safer than `exec`. It downloads JAR files from official Mojang and Minecraft Forge sources. No 'eval' or hardcoded secrets were found. The use of `process.argv[2]` for the output directory could theoretically allow for path manipulation if an attacker controlled the input, potentially leading to file creation/overwriting in unintended locations, but not direct code execution within the Node.js script.
Updated: 2026-01-19

Low Cost

datetime-mcp

by ryddle

Sec9

Provides date and time utilities, such as getting current time, day of the week, and calculating date differences, for Model Context Protocol (MCP) agents.

Setup Requirements

  • ⚠️Requires a Node.js runtime environment to execute.
  • ⚠️Requires prior compilation using `npm run build` to generate the executable JavaScript files.
  • ⚠️Date inputs for `day_of_week` and `date_diff` tools must strictly adhere to YYYY-MM-DD or DD/MM/YYYY formats, otherwise an error will be returned.
Verified Safe
The server's core logic relies on standard Node.js `Date` objects and internal calculations. Input parsing for dates (YYYY-MM-DD or DD/MM/YYYY) includes basic format and validity checks (`isNaN(date.getTime())`), which helps mitigate common date parsing vulnerabilities. The code does not use `eval` or execute arbitrary user-provided code. Communication is handled via `StdioServerTransport` (standard input/output), meaning it does not directly expose network ports, thus reducing external attack surface. While `axios` is listed as a dependency, it is not utilized in the provided `src/index.ts` for any of the server's functionalities, posing no direct network risk from this tool. The `package.json` `bin` entry incorrectly points to 'web-search' instead of 'datetime' or 'datetime-mcp', which is a minor packaging inconsistency but not a security risk.
Updated: 2025-12-14

Medium Cost

mcp-servers

by creativeprofit22

Sec9

Generate and edit images using KIE.ai Seedream v4, with optional image management and storage via Cloudinary.

Setup Requirements

  • ⚠️Requires a KIE.ai API key, which is for a paid service.
  • ⚠️Cloudinary tools require a Cloudinary account and API credentials to be configured.
  • ⚠️Requires installation of Python dependencies (mcp, httpx, cloudinary) via pip.
Verified Safe
The server loads sensitive API keys from environment variables, which is a good security practice. It utilizes standard Python libraries and httpx for network requests and file operations, avoiding direct shell commands or known dangerous functions like 'eval'. Image saving is directed to a configurable local directory. The Cloudinary client correctly uses provided credentials. Overall, the code is well-structured and demonstrates reasonable security considerations for its functionality.
Updated: 2025-11-26

Medium Cost
Sec9

Integrate AI assistants with Outline Wiki for comprehensive knowledge base management, search, and AI-powered smart features.

Setup Requirements

  • ⚠️Requires Outline API Token (starts with `ol_api_`).
  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️OpenAI API Key is required for 'Smart Features' (AI-powered RAG search, summarization, tag suggestions, diagram generation), which are optional and can incur costs based on usage.
Verified Safe
The server demonstrates good security practices by requiring sensitive API tokens (Outline, OpenAI) via environment variables, not hardcoding them. It uses Zod for robust input validation on all tool arguments, significantly reducing the risk of injection vulnerabilities. Access control mechanisms (read-only and disable delete modes) provide additional operational safety. The local LanceDB vector store uses a default path within the project directory, which is generally safe. No usage of 'eval', 'child_process.exec' or similar dangerous functions without clear, auditable justification was found that would expose the server to remote code execution.
Updated: 2025-12-13

Low Cost

A Docusaurus-based static website generator primarily used for creating documentation, possibly for an AI/robotics project or a knowledge base for an AI assistant.

Setup Requirements

  • ⚠️Requires Node.js version 20.0 or higher.
  • ⚠️Requires Yarn for package management.
Verified Safe
The project is a standard Docusaurus static site. No 'eval' or malicious patterns were found in the provided source code. The 'jwt-decode' dependency is typically used client-side for decoding JWTs (not validating them), which is generally safe for a static site. The `GEMINI.md` file outlines good security practices for an AI agent, which is a positive project philosophy but does not directly impact the security of the website server itself.
Updated: 2025-12-10

Medium Cost

Automates web application QA testing using Claude and Playwright, generating detailed reports and AI-powered failure analysis.

Setup Requirements

  • ⚠️Requires .NET 8.0 SDK or higher.
  • ⚠️Requires Claude Desktop application, which needs manual configuration by editing a platform-specific JSON file.
  • ⚠️Configuration within Claude Desktop requires an absolute path to the compiled server DLL, which can be error-prone.
Verified Safe
No direct code vulnerabilities like 'eval' or hardcoded secrets found in the provided README and summarized source code. The server facilitates web automation, which inherently interacts with external web content. Risks would primarily depend on the security of the target application being tested and the environment in which Playwright runs, though Playwright itself offers good isolation.
Updated: 2025-12-01

High Cost

Demo-MCPServer

by JuanLadinoMoreno

Sec4

An enterprise-ready MCP server for managing fast-food system data with secure OAuth 2.1 authentication via Scalekit, integrating AI tools for data analysis and reporting.

Setup Requirements

  • ⚠️Requires Scalekit Account (Paid)
  • ⚠️Requires an external REST API backend to be running
  • ⚠️Requires Node.js 18+
  • ⚠️Manual configuration of Claude Desktop is needed to integrate
Review Required
The server implements robust OAuth 2.1 authentication with Scalekit, including token validation and granular permission checks per tool, and handles `nbf` claims. However, it uses `cors({ origin: ["*"], credentials: true })`, which is a critical security vulnerability, allowing any domain to make credentialed requests and potentially exposing the API to CSRF or other attacks. Error logging with `JSON.stringify(error.response.data)` could also expose sensitive backend error details if not carefully managed.
Updated: 2025-12-04