Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
krisrowe icon

agentic-consult

by krisrowe

Sec6

An agentic Python CLI tool and MCP server that functions as an executive assistant for consultants, managing customer workflows, email/chat/task tracking, security scanning, and automated backups, primarily integrating with Google Gemini and Google Workspace.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires Google Application Default Credentials (ADC) for Google Drive (e.g., `gcloud auth application-default login`).
  • ⚠️Requires `gwsa` (Google Workspace Access) and `ticktick-access` CLI tools installed and authenticated for email/task features.
  • ⚠️Requires `GEMINI_API_KEY` environment variable for all AI-powered features.
Verified SafeView Analysis
The project includes a robust pre-commit security scanner to prevent sensitive data leaks, and MCP communication uses PATs for authentication. However, some shell scripts (`scripts/organize-md-files.sh`, `scripts/process_email_with_gemini.sh`, `scripts/generate_issue_plans.sh`) utilize `eval`, which poses a significant risk for command injection if inputs are not perfectly sanitized. Additionally, `subprocess.run(shell=True)` is used in `sdk/scanner/utils.py`, and the FastAPI MCP server uses `allowed_hosts=['*']` which is generally safe for Cloud Run but could be a risk in other deployments.
Updated: 2026-01-19GitHub
0
0
High Cost
Zureyat icon
Sec2

Automated captcha solving for AI agents to bypass various captcha types (text, math, reCAPTCHA, hCaptcha, sliders, etc.) during web automation.

Setup Requirements

  • ⚠️Requires API keys from paid external captcha-solving services (CapSolver, CapMonster, 2Captcha, Anti-Captcha) for '99.99%+ accuracy'.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️The included Tampermonkey userscript (`captcha_solver.js`) may introduce significant security risks due to its permissions and untrusted network communication, also requiring user interaction to accept a 'disclaimer'.
Review RequiredView Analysis
The server makes requests to hardcoded external and untrusted HTTP services (e.g., `http://ca.zwhyzzz.top:8092/`) for captcha solving. Communication over HTTP is unencrypted and vulnerable to Man-in-the-Middle attacks, data interception, and tampering. The `captcha_solver.js` userscript, intended for browser integration, requests `GM_xmlhttpRequest` permissions for `*` (any domain), which is overly broad and allows it to send user data to arbitrary, potentially malicious, endpoints. It also prompts users for a 'disclaimer' on first use, a common social engineering tactic. The `Function` constructor is used for evaluating math expressions, posing a potential remote code execution risk if `expression` is not perfectly sanitized. A hardcoded developer tag (`41acabfb0d980a24e6022e89f9c1bfa4`) for the `jfbym` service could be a shared secret.
Updated: 2026-01-19GitHub
0
0
Medium Cost
RahulM0912 icon

fintra-mcp-server

by RahulM0912

Sec1

Provides an interface for an AI agent to interact with a PostgreSQL database, specifically for financial transaction management, by exposing tools for database schema description and SQL query execution.

Setup Requirements

  • ⚠️Requires access to a PostgreSQL database, with its connection string provided via the `DATABASE_URL` environment variable. The code suggests this is intended to be a Supabase Postgres instance.
  • ⚠️Mandates the presence of `SUPABASE_URL` and `SUPABASE_SERVICE_ROLE_KEY` environment variables, even though they are not explicitly used by the `pg` client in the provided snippets, their absence will result in console errors.
  • ⚠️Requires a build step (`npm run build`) to compile TypeScript files to JavaScript before the server can be started using `npm start`.
Review RequiredView Analysis
CRITICAL: The `getQueryTool` in `src/controllers/tools.ts` directly executes arbitrary SQL queries provided as input (`pool.query(arg.sql)`). This design introduces a severe SQL injection vulnerability if the input `arg.sql` originates from untrusted user input without robust sanitization or proper parameterization. An attacker could exploit this to perform unauthorized data access, modification, deletion, or even full database compromise.
Updated: 2025-11-29GitHub
0
0
Low Cost
aadilmallick icon
Sec8

An MCP server for online image compression, resizing, and format conversion using the Sharp library.

Setup Requirements

  • ⚠️Requires Node.js 20+ to run.
  • ⚠️Utilizes Sharp, which includes native dependencies that are typically handled automatically during installation but can occasionally cause environment-specific issues.
  • ⚠️The HTTP server operates on port 3001 by default, which must be available.
  • ⚠️Creates a 'tmp' directory in the current working directory for temporary files.
Verified SafeView Analysis
The server uses robust libraries like Express, Helmet, and Sharp, and generates UUIDs for temporary filenames to prevent path traversal. Cleanup mechanisms are in place for temporary files. Potential risks include a broad CORS policy (`origin: true, credentials: true`) which may be too permissive for credentials if not carefully managed, and basic validation for `imageUrl` which could potentially lead to resource exhaustion if very large or numerous image downloads are initiated without rate limits at the MCP client or server level. Sharp is generally robust against malicious image content, but any native dependency carries a residual risk.
Updated: 2025-11-23GitHub
0
0
High Cost
lumberjack-so icon

joeMCP

by lumberjack-so

Sec7

This MCP server exposes construction management tools from the JoeAPI system to AI assistants like Claude, enabling them to automate tasks, analyze project data, and generate reports.

Setup Requirements

  • ⚠️Requires JoeAPI backend server to be running locally (e.g., on http://localhost:8080) or accessible via the configured API_BASE_URL.
  • ⚠️Requires manual configuration in Claude Desktop with absolute paths and environment variables (e.g., JOEAPI_BASE_URL).
  • ⚠️The 'search' tool performs 6 parallel API calls and aggregates comprehensive project data, potentially resulting in very large JSON outputs that consume a significant number of AI tokens.
Verified SafeView Analysis
The server uses `zod` for input validation, which helps prevent basic injection attacks. It relies on environment variables (`JOEAPI_API_KEY`) for authentication, avoiding hardcoded secrets. Network requests use standard `fetch`. The `async` tool delegates to an external, hardcoded `ASYNC_AGENT_BASE_URL` and directly passes user prompts, introducing a dependency on the security and robustness of that third-party service. Error responses from upstream APIs (`API Error ${status}: ${JSON.stringify(responseData, null, 2)}`) might expose internal server details. No 'eval' or direct arbitrary command execution found.
Updated: 2025-11-22GitHub
0
0
Low Cost
T25bimmer icon

mitsuki-mcp-audit

by T25bimmer

Sec10

This repository serves as a basic placeholder created by GitHub Desktop, intended for initial project setup and communication through its README.

Verified SafeView Analysis
The provided source code consists solely of a README.md file. No executable code, server logic, or configuration was found to analyze for security risks. Therefore, there are no inherent security concerns from the given files.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Kolivoapp icon

kolivo-mcp-server

by Kolivoapp

Sec8

This server acts as a Model Context Protocol (MCP) wrapper, enabling AI systems to interact with the KOLIVO Brand Portal API to manage assets, brand guidelines, and analytics.

Setup Requirements

  • ⚠️Requires a Node.js 18+ runtime environment.
  • ⚠️Requires pnpm package manager.
  • ⚠️Mandates an Auth0 authentication token (JWT) for the KOLIVO Brand Portal API, which needs to be obtained manually via user login or machine-to-machine application setup.
Verified SafeView Analysis
The server correctly retrieves sensitive authentication tokens from environment variables, preventing hardcoding. It explicitly checks for the presence of the authentication token before starting. All external API communication uses HTTPS and includes a configurable timeout. The server proxies requests directly, relying on the upstream KOLIVO Brand Portal API for robust input validation and data sanitization. The communication with the AI client occurs via standard I/O (stdio), which is generally secure for co-located processes, but the `AUTH_TOKEN` remains a critical secret that must be managed carefully by the user deploying the server.
Updated: 2026-01-19GitHub
0
0
Low Cost
Tetsukiba icon

MCP-demo2-CSCI-435

by Tetsukiba

Sec9

This server provides real-time weather alerts for US states and detailed forecasts for specific geographic coordinates by interacting with the National Weather Service (NWS) API.

Setup Requirements

  • ⚠️Requires Python 3 and specific dependencies (`mcp[cli]`, `httpx`).
  • ⚠️Requires manual configuration of `.vscode/mcp.json` with the correct virtual environment and script paths for VSCode integration.
Verified SafeView Analysis
The code makes external API calls to api.weather.gov, which is a trusted source. It uses httpx with proper error handling (response.raise_for_status()) and a timeout. No 'eval' or other highly dangerous patterns were found. There are no hardcoded secrets or API keys, as the NWS API generally does not require them for public data access. The user-agent is hardcoded, which is acceptable. Overall, the server appears safe to run.
Updated: 2025-11-20GitHub
0
0
Low Cost
pandaboy6621 icon

mcpi-server-status

by pandaboy6621

Sec8

Monitors the status of Minecraft Pocket Edition (MCPI) servers and displays them on a basic webpage with a 24-hour heartbeat history.

Setup Requirements

  • ⚠️Requires Python 3 and Flask library to be installed (`pip install Flask`).
  • ⚠️For the custom font to display, the `static/fonts/mojangles.ttf` file must be present relative to `app.py`.
  • ⚠️The application creates and uses a local SQLite database (`status.db`), requiring write permissions in the execution directory.
Verified SafeView Analysis
The application uses parameterized queries for SQLite, mitigating SQL injection risks. The HTML template is a static string, reducing server-side XSS vulnerabilities. Input from external MCPI servers (names, versions) is displayed directly without explicit HTML sanitization in the client-side JavaScript, which could theoretically allow client-side XSS if a malicious server provides crafted data, though the impact is generally low for this type of monitoring application. No hardcoded secrets or 'eval' calls found. Network communication uses standard UDP for status checks.
Updated: 2026-01-19GitHub
0
0
Medium Cost
shane-kercheval icon

reasoning-agent-api

by shane-kercheval

Sec4

An AI Reasoning Agent API with LLM observability, tracing, and performance monitoring capabilities.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for backend services.
  • ⚠️Requires an OpenAI API Key (or other configured LLM provider keys) for LLM access, which is a paid service.
  • ⚠️Requires Node.js 18+ for the Electron client application, which runs natively.
  • ⚠️GitHub and Brave API keys are needed for full functionality of respective tools.
  • ⚠️Brave Search API requires `BRAVE_API_KEY` for web search.
Review RequiredView Analysis
Critical security concerns include the hardcoded `PHOENIX_SECRET` in `docker-compose.yml`, the permissive `allow_origins=["*"]` for CORS middleware in the API services, and `PHOENIX_ENABLE_AUTH=false` disabling authentication for the Phoenix observability UI by default. The use of `asyncio.create_subprocess_shell` for Git/GitHub tools in `tools_api/services/tools/github_dev_tools.py` presents a command injection risk if input is not rigorously sanitized. Development configurations (e.g., `REQUIRE_AUTH=false` in `docker-compose.dev.yml`) also pose a risk if unintentionally used in production.
Updated: 2025-12-08GitHub
0
0
Medium Cost
t-neumann icon

GenomicOps-MCP

by t-neumann

Sec7

A Python server providing genomic feature operations from UCSC genome browser tracks via Model Context Protocol (MCP) for AI clients and a FastAPI REST API for local testing.

Setup Requirements

  • ⚠️Requires Python >= 3.11
  • ⚠️Relies on external UCSC APIs and the `liftOver` binary, requiring internet access and successful binary download/execution (platform-specific).
  • ⚠️The `uv` package is recommended for dependency management.
Verified SafeView Analysis
The server downloads and executes the `liftOver` binary from UCSC's official servers (`hgdownload.soe.ucsc.edu`). While UCSC is generally a trusted source, any downloading and executing of external binaries carries an inherent risk if the source or the binary itself were ever compromised. Input parameters for `subprocess.run` calls are carefully constructed from internally managed paths and parsed user input, mitigating direct command injection risks. No 'eval', obfuscation, or hardcoded secrets were found. All external network calls are to official UCSC endpoints.
Updated: 2026-01-19GitHub
0
0
High Cost
ThiagoCF05 icon

mcp-tutorial

by ThiagoCF05

Sec4

This server performs fundamental financial analysis of Brazilian stock market companies using AI agents to extract and interpret financial indicators.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service).
  • ⚠️Requires Docker for easy setup and orchestration of all services.
  • ⚠️Requires Python >=3.13.
  • ⚠️Requires manual generation of RSA public/private keys for JWT authentication.
  • ⚠️Multiple `.env` files must be created and populated manually across different service directories.
  • ⚠️Relies on local SQLite databases (`cvm.db`, `fundamental_analysis.csv`) which need to be present or generated via provided scripts.
Review RequiredView Analysis
The system includes a 'code_interpreter' tool that executes arbitrary Python code using `subprocess.run`. This is a critical security vulnerability if the agent's inputs are not strictly controlled and sanitized, as it can lead to arbitrary code execution on the host system. The `DB_PATH` for CVM data is hardcoded in agent tools, which is a minor configuration vulnerability. JWT authentication is used for inter-service communication, but the overall security depends on proper management of environment variables and key files.
Updated: 2026-01-18GitHub
PreviousPage 573 of 713Next