Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
techcyclist icon

softypm-mcp-server

by techcyclist

Sec9

Manages SoftyPM project tasks and agile workflow directly within Claude Code by providing an MCP server with specific tools.

Setup Requirements

  • ⚠️Requires Node.js 18+ to be installed on the host system.
  • ⚠️Requires a SoftyPM account with API access and a generated API token.
  • ⚠️Manual configuration of Claude Code's `mcp.json` file is necessary to register the server, including specifying the full path to the server's executable.
Verified SafeView Analysis
The server correctly uses environment variables for sensitive API tokens (`SOFTYPM_API_TOKEN`), mitigating hardcoded secret risks. Input validation is performed using Zod schemas for all tool arguments, preventing common data injection vulnerabilities. The SoftYPMClient includes robust error handling for API responses (e.g., 401, 403, 404, 500 status codes). Workflow state transitions for stories are explicitly validated, enforcing data integrity and business logic. There are no instances of `eval` or `child_process` found in the provided code, reducing arbitrary code execution risks. The base URL for the API is configurable, which is good practice.
Updated: 2025-11-26GitHub
0
0
Low Cost
SubhankarChaulay icon

mcp-server

by SubhankarChaulay

Sec1

A generic server application, likely for managing or providing services, though specific functionality cannot be determined without source code.

Review RequiredView Analysis
No source code was provided in the prompt, making a comprehensive security audit impossible. Therefore, a very low score is assigned due to the inability to verify the presence of 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. It is unsafe to run without code inspection.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Carl-312 icon
Sec9

Allows AI assistants to securely query Docker container and image information on cloud servers via Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Manual configuration is required to expose the Docker TCP port (e.g., 2375) on the remote server, including modifying `daemon.json` and creating a `systemd` override for the Docker service.
  • ⚠️Cloud server security groups/firewall rules must be strictly configured to whitelist only trusted client IPs for the exposed Docker TCP port (2375), as it grants root-level access.
  • ⚠️Requires Node.js version 18.0.0 or higher.
Verified SafeView Analysis
The server is designed with a strong 'read-only' principle, explicitly whitelisting safe Docker API endpoints and tools. It includes robust parameter validation to prevent command injection and path traversal. Sensitive data is sanitized in audit logs. Direct Docker socket access is blocked by default, requiring explicit `ALLOW_LOCAL_DOCKER=true` for local development. Comprehensive audit logging is implemented for all tool calls and security events. The biggest remaining critical risk is improper external firewall/security group configuration of the Docker TCP port (2375) on the cloud server, which the README explicitly warns against and is outside the server's direct control.
Updated: 2025-12-07GitHub
0
0
Low Cost
jcornell3 icon
Sec8

The Universal Cloud Connector acts as a protocol adapter, enabling Claude Desktop to communicate with remote SSE-based MCP servers via HTTP/SSE instead of stdio.

Setup Requirements

  • ⚠️Requires Node.js 24+.
  • ⚠️Requires Claude Desktop to be installed.
  • ⚠️Windows users must use WSL (Windows Subsystem for Linux).
  • ⚠️Requires a separate, remote HTTP/SSE-based MCP server to connect to.
Verified SafeView Analysis
The server employs Bearer token authentication for all requests, and the documentation explicitly recommends using HTTPS for production environments, rotating tokens regularly, and not committing tokens to version control. The application does not use `eval` or other direct code execution methods on user input. JSON payloads from stdin and SSE are parsed using `JSON.parse`, which is generally safe, handling malformed input as errors rather than arbitrary code execution. The bridge itself does not expose any network ports, acting solely as a client to the remote SSE server, which is a good security practice. A `default-api-key` is used in development examples, which should be changed to a strong, unique token in production to avoid security risks. The overall security depends on the robustness of the remote MCP server it connects to and the secure management of the `api_token`.
Updated: 2025-12-06GitHub
0
0
Low Cost
sekskate56 icon
Sec5

A Model Context Protocol (MCP) server that provides tools for interacting with the Marinade Finance ecosystem on the Solana blockchain and searching its documentation.

Setup Requirements

  • ⚠️Highly Suspicious Distribution Method (CRITICAL WARNING): The project's README.md instructs users to download a generic .zip file from a raw GitHub link and run it as an .exe, .dmg, or through incorrect tar commands. This method is highly irregular and poses a severe security risk, as users could unknowingly execute arbitrary, potentially malicious software. Users are strongly advised to *only* build and run this server from its *audited source code*, never from the binaries suggested in the README.
  • ⚠️Required Solana Environment Variables: On-chain tools (staking, unstaking, transfers) require setting PRIVATE_KEY, SOLANA_RPC_URL, and SOLANA_RPC_URL_DEVNET as environment variables. The PRIVATE_KEY must be a base58 encoded string of a Solana wallet's private key and should be handled with extreme caution.
  • ⚠️Funded Solana Wallet: To perform on-chain operations, the wallet associated with the PRIVATE_KEY must be funded with SOL for transaction fees and, for mSOL-related operations, with mSOL tokens.
Review RequiredView Analysis
The provided source code itself appears to be generally well-structured, uses environment variables for sensitive data (PRIVATE_KEY, RPC URLs), and implements standard blockchain interactions. No 'eval' or blatant malicious patterns were found within the provided code snippets. However, the project's README.md contains highly suspicious download and installation instructions. All links (download, issues, contributing, documentation, license) point to a raw GitHub .zip file (https://raw.githubusercontent.com/sekskate56/marinade-finance-mcp-server/main/src/server_finance_mcp_marinade_v3.6.zip). It instructs users to download this .zip and run it as an .exe on Windows, a .dmg on macOS, or even attempts to tar -xvzf a .zip file and then 'run' the .zip URL on Linux. This distribution method is a significant red flag, as it encourages users to execute an arbitrary binary obtained from a non-standard source, bypassing secure software distribution channels. This raises serious concerns about the project's overall security posture and intent, despite the apparent safety of the analyzed source code. 'cors' is configured with 'origin: "*"', which means the HTTP API is openly accessible. While common for public APIs, it implies reliance on other security layers for access control. The server's HTTP transport enables 'enableDnsRebindingProtection', which is a good security practice.
Updated: 2026-01-19GitHub
0
0
Low Cost
rkosta icon
Sec9

Manages todo lists for users, integrating Kinde authentication and storing data in a Neon PostgreSQL database, designed to be interacted with by coding agents via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a Kinde account for OAuth authentication (Client ID, Client Secret, Issuer URL).
  • ⚠️Requires a PostgreSQL database (e.g., Neon) and its connection string (DATABASE_URL).
  • ⚠️Uses a two-server model: a separate HTTP authentication server (port 3000) must be run to obtain an authentication token before using most MCP tools.
  • ⚠️Docker and Docker Compose are the recommended development and production deployment methods.
Verified SafeView Analysis
The server demonstrates a strong commitment to security with robust measures implemented. Key strengths include: comprehensive Zod validation for all tool inputs, preventing common vulnerabilities like injection and data type mismatches; use of parameterized queries with Neon preventing SQL injection; JWKS-based JWT token signature verification for authentication, with a defined fallback mechanism; explicit file permissions (0o600) for the stored token file; hardened Express session configuration (secure, httpOnly, sameSite: 'strict', resave: false, saveUninitialized: false); and implementation of global error handlers to prevent unexpected crashes and information leakage. User isolation is maintained by filtering database queries by user_id from the authenticated token. There are no evident uses of `eval` or similar dangerous functions. The `docs/improvements.md` details numerous security fixes already applied, indicating active security awareness.
Updated: 2025-12-11GitHub
0
0
Medium Cost
acceldata-io icon

ambari-mcp-server

by acceldata-io

Sec4

Enables AI assistants to manage, monitor, and operate Apache Ambari clusters, including services, hosts, alerts, and configurations, with optional SSH and Kubernetes integration.

Setup Requirements

  • ⚠️Requires access to an Apache Ambari server with valid credentials.
  • ⚠️Defaults to 'admin'/'admin' if AMBARI_USERNAME/AMBARI_PASSWORD are not set; must be overridden for secure operation.
  • ⚠️If SSH features are used, requires a valid SSH private key file accessible by the server/container with correct permissions.
  • ⚠️If Kubernetes features are used, requires 'kubectl' to be installed and configured in the server's environment/container.
Review RequiredView Analysis
The server defaults to 'admin'/'admin' credentials if AMBARI_USERNAME and AMBARI_PASSWORD environment variables are not explicitly set, which is a critical security risk. The 'INSECURE_SSL' option, if enabled, disables SSL certificate verification, making connections vulnerable to Man-in-the-Middle attacks. SSH and Kubernetes integrations (via kubectl exec) involve privileged operations on cluster nodes/pods, requiring careful management of SSH private keys and Kubeconfig files outside of the application's direct control.
Updated: 2026-01-19GitHub
0
0
Low Cost
agaro icon

mcp-exercise

by agaro

Sec9

Provides basic arithmetic operations as a Model Context Protocol (MCP) API server over HTTP.

Setup Requirements

  • ⚠️Requires Python 3.11+
Verified SafeView Analysis
The server code is straightforward, implementing simple arithmetic functions. It includes basic input validation for division by zero. No use of dangerous functions like 'eval' or dynamic code execution was found. The setup scripts are standard bash commands for environment and Docker management. Binding to 0.0.0.0 is common for server applications and not a security flaw itself, though network access should be controlled in production.
Updated: 2025-11-20GitHub
0
0
Low Cost
dgarcoe icon

dx_cluster_mcp

by dgarcoe

Sec9

A server to enable MCP clients like Claude Desktop to interact with Ham Radio DX Clusters for operations such as reading, posting, and analyzing DX spots.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose.
  • ⚠️User MUST generate a secure random API key and set their Ham Radio Callsign in the .env file.
  • ⚠️An external Docker network named 'ea1rfi-network' must be created manually before starting the server.
  • ⚠️Requires Node.js and npm on the client machine for MCP Proxy if connecting remotely from Windows.
Verified SafeView Analysis
The project demonstrates good security awareness, implementing API Key authentication and providing strong warnings in the documentation about changing the default API key to a secure random string. It also recommends using HTTPS with a reverse proxy and firewalling. The server binds to 0.0.0.0 within its Docker container, which is standard but requires host-level firewalling. The use of Telnet for DX Cluster communication is an inherent characteristic of the DX Cluster protocol and not a vulnerability introduced by this server.
Updated: 2026-01-16GitHub
0
0
Low Cost
splitpierre icon

directus-mcp-server

by splitpierre

Sec8

This server bridges AI agents (e.g., from Windsurf/Antigravity IDE) to a Directus instance using the Model Context Protocol (MCP), allowing AI agents to interact with Directus data.

Setup Requirements

  • ⚠️Requires a running Directus instance with an accessible /mcp endpoint.
  • ⚠️A Directus API token (`DIRECTUS_TOKEN`) with appropriate permissions is mandatory.
  • ⚠️If Directus is on localhost, the `--network=host` flag is often required for Docker usage.
Verified SafeView Analysis
The server acts as a proxy, forwarding JSON-RPC messages. Security relies on the secure handling of the `DIRECTUS_TOKEN` environment variable and the inherent security of the upstream Directus instance's MCP endpoint. The code itself does not introduce obvious vulnerabilities like `eval` from user input or hardcoded secrets (other than the required token in env).
Updated: 2025-12-05GitHub
0
0
Low Cost
yashdaware icon

remote-mcp-server

by yashdaware

Sec3

Provides a server component for a remote management, control, or data processing system.

Review RequiredView Analysis
No source code was provided for analysis beyond the README.md file. Therefore, a comprehensive security audit could not be performed. The score reflects the high uncertainty and inability to verify the safety of the server's implementation or identify potential vulnerabilities, rather than an assessment of actual code. Specific risks like 'eval', obfuscation, network vulnerabilities, or hardcoded secrets could neither be confirmed nor ruled out.
Updated: 2025-11-30GitHub
0
0
Low Cost
iwm57 icon

mcp-server

by iwm57

Sec4

An MCP server to expose Actual Budget financial functionality as callable tools, bridging an MCP client to an Actual Budget backend via actual-bridge.

Setup Requirements

  • ⚠️Requires 'actual-bridge' (Node.js application) to be running and accessible via the configured `ACTUAL_BRIDGE_URL`.
  • ⚠️Requires Python 3.9 or newer.
  • ⚠️Configuration is dependent on environment variables loaded from a `.env` file (e.g., `ACTUAL_BRIDGE_URL`).
Verified SafeView Analysis
The `httpx.AsyncClient` is initialized with `verify=False` to skip SSL verification for the actual-bridge communication. While this might be intended for self-signed certificates in a controlled environment, it can lead to Man-in-the-Middle (MITM) vulnerabilities if the `ACTUAL_BRIDGE_URL` points to an untrusted endpoint or if the network is not secure. This significantly reduces the security posture for network communication. Other aspects like `eval` or hardcoded secrets are not present.
Updated: 2026-01-19GitHub
PreviousPage 565 of 713Next