Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
Roony-Pay icon

roony-mcp

by Roony-Pay

Sec9

Provides open-source AI agent payment governance with spending controls, approval workflows, and virtual card issuance.

Setup Requirements

  • ⚠️Requires custom StorageProvider (e.g., a real database) and PaymentProvider (e.g., Stripe Issuing) for production use, as in-memory and mock implementations are provided for development.
  • ⚠️Node.js version >=18.0.0 is required.
  • ⚠️A Stripe Issuing account (which requires approval) is needed if using the StripeIssuingProvider for real virtual cards.
Verified SafeView Analysis
The core library focuses on governance logic and abstracting external systems like payments and storage. Provided implementations for PaymentProvider are either mock or explicitly incomplete (Stripe), requiring users to implement a secure integration. Input validation is present for MCP tool calls. Environment variables for sensitive keys are expected. No obvious 'eval' or command injection vulnerabilities were found in the provided source.
Updated: 2025-12-05GitHub
0
0
Low Cost
antunjurkovic-collab icon

wp-dual-native

by antunjurkovic-collab

Sec9

Facilitates agentic AI tasks within WordPress by exposing clean Machine Representation (MR) of content for summarization, extraction, and safe block insertion.

Setup Requirements

  • ⚠️Requires WordPress Dual-Native API plugin installed and active.
  • ⚠️Requires a WordPress Application Password for authentication.
  • ⚠️Manual configuration of Claude Desktop's `claude_desktop_config.json` with absolute paths and environment variables is necessary.
  • ⚠️External LLM API keys (e.g., OpenAI) may be required for AI suggestions if enabled in plugin settings.
Verified SafeView Analysis
The plugin employs strong sanitization for input and uses WordPress's built-in capabilities and permissions. The MCP server uses environment variables for sensitive credentials (WP_URL, WP_USER, WP_PASSWORD) which is a secure practice. Optimistic locking prevents stale writes. Outgoing calls to external LLMs are configurable by an administrator, which introduces a potential attack surface if misconfigured or if the API key is compromised.
Updated: 2025-11-30GitHub
0
0
Low Cost
AstroAadi icon
Sec10

This server provides basic arithmetic (addition) and random number generation functionality accessible via a FastMCP HTTP interface.

Setup Requirements

  • ⚠️Python 3.12+ required
  • ⚠️Requires fastmcp library
Verified SafeView Analysis
The provided source code is simple and does not contain any obvious security vulnerabilities. There are no uses of 'eval', 'exec', or other dangerous functions. No hardcoded secrets or malicious patterns are observed. Operations are well-defined and isolated.
Updated: 2025-11-19GitHub
0
0
Medium Cost
herrkaefer icon

vibe-narrator

by herrkaefer

Sec8

Vibe Narrator transforms terminal output and AI agent conversations into stylized, narrated speech with distinct character personalities, combining LLM interpretation with text-to-speech generation.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid Service)
  • ⚠️Requires Python 3.11+
  • ⚠️Linux users need `portaudio-dev` and `ffmpeg` packages for audio playback
Verified SafeView Analysis
The server uses `os.getenv` for API keys, which is good practice. User input (`prompt`) is passed to LLMs and TTS services, which is the core functionality and doesn't appear to allow direct system command injection into the server infrastructure. The `configure` tool accepts API keys, which are stored in session state, making proper access control to the MCP endpoint (e.g., via Hugging Face Spaces secrets and private settings) crucial. The `terminal_client/bridge.py` uses `subprocess.Popen` to run arbitrary commands, but this script is designed as a *local client* for the *local user* to run their own agents, not as a remote server component for arbitrary remote execution.
Updated: 2025-12-01GitHub
0
0
Low Cost
axenov icon
Sec8

Controls Wiz smart bulbs via UDP commands, acting as an MCP server to expose bulb control tools to an intelligent agent.

Setup Requirements

  • ⚠️Requires Python 3 and pip for dependency management.
  • ⚠️Requires access to a Wiz smart bulb on the local network.
  • ⚠️Requires installation of `fastmcp` and other dependencies via `requirements.txt`.
Verified SafeView Analysis
The server does not use `eval` or exhibit code obfuscation. No hardcoded secrets were found; IP and port are configurable via environment variables. The primary security consideration is network exposure: as an MCP server interacting over UDP, it assumes operation within a trusted local network. Exposing the server to an untrusted external network or configuring `WIZ_BULB_IP` to an external/malicious target could lead to unintended command execution. However, for its intended use case (local smart home control via an agent), it appears reasonably secure.
Updated: 2025-11-27GitHub
0
0
High Cost
hengjingzhu icon
Sec7

Provides AI-powered tools for image generation, image editing, video generation from images, and SVG generation/vectorization, exposed via the Model Context Protocol (MCP) on Cloudflare Workers.

Setup Requirements

  • ⚠️Requires a valid Replicate API key (a paid service), which must be passed as a Bearer token in the Authorization header for accessing AI tools.
  • ⚠️Requires deployment to Cloudflare Workers for production use.
  • ⚠️Requires an MCP client (e.g., Cloudflare AI Playground, Claude Desktop with `mcp-remote` proxy) to connect and utilize the tools.
Verified SafeView Analysis
The README title "Without Auth" is misleading; the server *does* implement token-based authentication by expecting a Bearer token in the `Authorization` header for `/sse` and `/mcp` endpoints. This token is then stored in Durable Object storage per session for tool access. Tools like `edit_image_with_lora` and `edit_image_text` default `disable_safety_checker` to `true`, which could allow the generation of inappropriate or unsafe content if not properly filtered by the upstream LLM/agent. Console logs indicate whether a bearer token is present, which is a minor information disclosure risk in some logging configurations.
Updated: 2026-01-19GitHub
0
0
Medium Cost
wangddff icon

mcp-server-sql

by wangddff

Sec7

A secure server enabling LLMs to interact with SQL databases via natural language queries.

Setup Requirements

  • ⚠️Requires a PostgreSQL or MySQL database to connect to.
  • ⚠️Requires Docker for the provided quick start guide.
  • ⚠️Manual configuration of 'ALLOWED_TABLES', 'ALLOWED_COLUMNS', and 'FORBIDDEN_KEYWORDS' in 'mcp/config.py' is critical for specific database schema and robust security.
Verified SafeView Analysis
Implements basic SQL injection prevention (SELECT-only, forbidden keywords, table allowlist). However, the table name check uses a simple regex and the source code itself suggests 'more robust parsing libraries' for production environments, indicating it might not be foolproof against sophisticated attacks. No 'eval' or obvious malicious code execution patterns were found. Environment variables are used for sensitive credentials, which is good practice.
Updated: 2025-12-05GitHub
0
0
High Cost

flow-mcp-server

by life-in-flow

Sec3

An AI agent for real estate finance and operations, leveraging multi-server architecture to integrate REST, Graph, and Email APIs for querying data and automating communication.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid)
  • ⚠️Requires local Memgraph database instance running on port 7687
  • ⚠️Requires `FLOW_BEARER_TOKEN` for DeepSky internal APIs
  • ⚠️Requires `RESEND_API_KEY` for email sending functionality
  • ⚠️Requires Python 3.11 or higher
Review RequiredView Analysis
The `execute_cypher_query` tool directly executes LLM-generated Cypher queries against a Memgraph database without apparent sanitization, posing a significant risk of Cypher injection if the LLM is prompted to generate malicious queries. Additionally, the Memgraph database is configured with empty authentication credentials, which is a security risk if the database contains sensitive data and is not adequately isolated (though configured for localhost).
Updated: 2025-11-25GitHub
0
0
Low Cost
LarsArtmann icon

complaints-mcp

by LarsArtmann

Sec9

A comprehensive MCP (Model Context Protocol) server for AI agent complaint management and feedback systems, enabling structured reporting of missing information, confusing specifications, or inadequate documentation.

Setup Requirements

  • ⚠️Requires Go 1.21+ to build and run.
  • ⚠️Requires Git installed for automatic project name detection functionality.
  • ⚠️Just is recommended for running tests and development tasks.
Verified SafeView Analysis
The server is designed for local operation via stdio transport, minimizing network exposure. It explicitly prevents external data transmission and cloud storage. Strong input validation, including length limits and path sanitization (e.g., `filepath.Clean`, `strings.Contains("..")`), is in place to prevent common vulnerabilities like directory traversal. File permissions are set to `0644` for created files. No authentication is required for local usage, as it's intended for direct AI agent integration on a trusted local system. No `eval` or code obfuscation patterns are apparent. Hardcoded secrets for external services are not visible, though it stores potentially sensitive complaint data locally.
Updated: 2026-01-14GitHub
0
0
Low Cost
jonzo97 icon

mchp-fpga-mcp

by jonzo97

Sec8

A local-first RAG system for semantic search, error resolution, and configuration validation of Microchip PolarFire FPGA documentation PDFs.

Setup Requirements

  • ⚠️Requires `mchp-mcp-core` to be installed locally in editable mode (development dependency).
  • ⚠️Requires ChromaDB to be installed (`pip install chromadb`).
  • ⚠️Initial indexing of PDFs is a one-time process and can take several minutes.
  • ⚠️Manual download is required for 8 IP core handbooks from a Libero SoC installation due to redistribution restrictions.
Verified SafeView Analysis
The system primarily handles local files and uses an internally controlled ingestion pipeline. There are file I/O operations (e.g., `read_csv_as_markdown`, `encode_image_base64`) where paths are derived from `result.metadata`. If an attacker could inject malicious paths into ChromaDB metadata, this could lead to arbitrary local file reads. However, these paths are intended to be generated and controlled by the trusted ingestion process. No direct `eval` or `os.system` calls with unsanitized user input were found. Dependencies are loaded from `Path.home()` or relative paths, which is generally safe in a controlled environment. The `pdfinfo` subprocess call is standard and the input path is controlled.
Updated: 2025-11-25GitHub
0
0
Low Cost
djhakdabeat icon

MCP-server-build

by djhakdabeat

Sec10

Provides a minimal Model Context Protocol (MCP) server that allows Claude Desktop to call a simple 'hello_world' function via stdio.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher to be installed.
  • ⚠️Requires Claude Desktop with Developer Mode enabled for integration.
  • ⚠️Requires manual configuration in Claude Desktop's 'claude_desktop_config.json' file, including providing an absolute path to the server's main file.
  • ⚠️Claude Desktop must be restarted after modifying its configuration to apply the changes.
Verified SafeView Analysis
The server's functionality is extremely minimal, exposing only a 'hello_world' tool. Communication occurs over standard input/output (stdio), which limits network exposure. The implementation does not use 'eval' or similar risky functions, nor does it contain hardcoded secrets. User input ('name') is safely interpolated into a string for output, without any apparent code execution vulnerabilities.
Updated: 2025-12-17GitHub
0
0
High Cost

r2r-mcp-server

by evgenygurin

Sec9

Expose R2R's powerful RAG capabilities (document management, search, RAG, agents, knowledge graphs) to AI assistants via a standardized Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️Requires an external R2R API server to be running and accessible (e.g., at http://34.134.54.139:7272).
  • ⚠️RAG-Fusion and HyDE advanced search strategies may fail due to LLM configuration issues on the R2R server, requiring 'default' strategy use instead.
Verified SafeView Analysis
The server implements API key authentication for protected tools (e.g., delete_document, update_graph_entities) through `R2RAuthMiddleware`. API keys and R2R connection credentials (email, password) are loaded from environment variables, preventing hardcoding. It logs a warning if authentication is disabled. The overall security also depends on the security of the connected R2R API.
Updated: 2025-11-24GitHub
PreviousPage 567 of 713Next