Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
High Cost
tpitre icon
Sec7

This server acts as a backend for an AI-powered design system documentation and component generation tool, integrating with Storybook to create and modify UI components based on user prompts and design guidelines.

Setup Requirements

  • ⚠️Requires a running Storybook instance on port 6006 (or configured otherwise).
  • ⚠️Requires the Story UI MCP server to be running, typically on port 4005 (or configured otherwise).
  • ⚠️Assumes Caddy is installed and configured with the provided `Caddyfile` for reverse proxying.
  • ⚠️Relies on an external AI provider (e.g., OpenAI, Anthropic, etc.) for code generation, which may incur costs.
Verified SafeView Analysis
The server orchestrates local development tools (Storybook, MCP server, Caddy). While not inherently malicious, several aspects warrant attention: 1. The `/api/raw-source` endpoint in `vite.config.ts` serves local source code with `Access-Control-Allow-Origin: *`, which could expose internal story code if the server is deployed publicly without proper network segmentation. 2. The `StoryUIPanel.tsx` uses a custom markdown renderer and displays AI-generated code. If the AI is prompted to generate malicious code or content (e.g., XSS payloads), this could pose a client-side risk if not adequately sanitized during rendering or if the generated code is executed. 3. Image uploads convert files to base64 and send them to the backend, which is a potential vector if the AI backend processes these images in a vulnerable way. No `eval` or obvious hardcoded secrets were found in the truncated source, and the core scripts use standard command execution.
Updated: 2025-12-02GitHub
0
0
Low Cost
guthubrx icon

rekall

by guthubrx

Sec8

A local-first, personal knowledge management system for developers, designed to help recall bugs, patterns, and decisions, and integrate with AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Semantic search (if enabled) triggers an initial ~90MB model download, requiring internet access.
  • ⚠️Optional 'sqlcipher3-binary' dependency for database encryption.
  • ⚠️Optional 'keyring' dependency for secure passphrase storage.
Verified SafeView Analysis
Rekall is designed as a 100% local, privacy-first tool, storing no API keys or passwords. File permissions for the SQLite database are securely set to 0o600. Outbound network access for semantic embedding model download, source enrichment, and link rot checks is opt-in or clearly indicated. A minor, localized SSRF risk remains in one URL validation path (`validate_url_simple`), although partially mitigated by explicit block patterns. The lack of default encryption for the SQLite database is a design choice for simplicity but is noted as an optional enhancement. Archive import now includes robust checks against zip-bombs and oversized files. CI/CD includes dependency scanning (pip-audit, gitleaks).
Updated: 2025-12-14GitHub
0
0
Low Cost
JorgeDelAngel03 icon

MCP

by JorgeDelAngel03

Sec9

This server extends LLM capabilities by providing tools for impartial decision-making, weighted randomization, and data persistence of past decisions.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires the 'fastmcp' Python library
Verified SafeView Analysis
The server uses `stdio` for communication, limiting direct network exposure. It writes decision history to a local `historial.json` file, which is limited to 50 entries to prevent unbounded growth. There are no obvious hardcoded secrets, `eval` usage, or malicious patterns. The main 'risk' would be sensitive information being stored in the local history file, but it's not directly exposed by the server.
Updated: 2025-11-28GitHub
0
0
Medium Cost
synergy2test icon

codex-validator-mcp

by synergy2test

Sec8

Validates implementation plans for software development projects using AI, identifying architectural issues, missing dependencies, and best practice violations before code implementation.

Setup Requirements

  • ⚠️Requires Node.js 20+.
  • ⚠️Requires OpenAI Codex CLI (npm install -g @openai/codex) to be installed and authenticated (codex login).
  • ⚠️Requires an OpenAI account with a Pro plan (for Codex CLI) or an OPENAI_API_KEY for fallback API calls.
  • ⚠️Context7 API Key (optional, for higher rate limits on best practices lookups).
Verified SafeView Analysis
The server executes external binaries (OpenAI Codex CLI) and can, in 'apply_changes' mode, modify files. This is an intentional core feature. Safeguards are in place: 'suggest' mode runs in a read-only sandbox by default, and 'apply_changes' mode is designed to prompt for confirmation via the MCP client, though the CLI itself manages the actual application of changes. No hardcoded secrets or arbitrary code execution vulnerabilities were found beyond the intended functionality of an AI coding agent.
Updated: 2026-01-19GitHub
0
0
Low Cost
KeeVor icon
Sec2

Connects to a MySQL database to perform common operations like listing tables, describing tables, and executing SQL queries.

Setup Requirements

  • ⚠️Requires a running MySQL database instance.
  • ⚠️Requires database connection credentials (DB_HOST, DB_PORT, DB_USER, DB_PASSWORD, DB_NAME) to be set as environment variables.
  • ⚠️Relies on `uv` and `uvx` for installation and execution, which needs to be installed separately.
Review RequiredView Analysis
The `execute_sql` tool allows arbitrary SQL query execution without any apparent input sanitization or restrictions on query types, making it highly vulnerable to SQL injection attacks if exposed to untrusted input. A malicious AI prompt or direct user input could execute destructive commands (e.g., DROP TABLE, DELETE FROM) or exfiltrate data. The database user configured for this server should have the absolute minimum necessary privileges.
Updated: 2025-12-02GitHub
0
0
Medium Cost
memnexus-ai icon

mx-releases

by memnexus-ai

Sec9

Facilitates AI agents by providing a Model Context Protocol (MCP) server for interacting with the MemNexus memory management API.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️Requires a running MemNexus Core API backend, typically accessible at 'http://localhost:3000' (default for development).
  • ⚠️Clients connecting to the MCP server (and the MCP server itself when calling the Core API) will need an API key for authentication.
Verified SafeView Analysis
The repository demonstrates strong security practices for its CI/CD and package publishing pipeline, explicitly utilizing npm Trusted Publishing with GitHub Actions OIDC (short-lived tokens, no long-lived PATs, provenance attestations) and GitHub Apps for cross-repository access. The MemNexus API (which this MCP server interacts with) uses Bearer token authentication (ApiKeyAuth) as defined in its OpenAPI specification, a standard method for API security. No 'eval' or obvious malicious code patterns were found in the provided snippets. Runtime security would depend on the generated code, but the foundational practices are robust.
Updated: 2026-01-18GitHub
0
0
Low Cost
cryptodaddie icon
Sec9

Deploys an unauthenticated Model Context Protocol (MCP) server with basic calculator tools on Cloudflare Workers for AI agent integration.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and associated `wrangler` CLI configuration.
  • ⚠️Requires Node.js and npm/npx installed for local development and dependency management.
  • ⚠️Local clients like Claude Desktop require `mcp-remote` proxy to connect.
Verified SafeView Analysis
The provided code for the calculator tools is simple and uses Zod for input validation, mitigating common injection risks. Runs on Cloudflare Workers, which provides a secure sandboxed environment. The 'authless' nature is stated, implying no authentication layer is applied for tool access in this example, which should be considered if extending with sensitive tools.
Updated: 2025-11-23GitHub
0
0
Low Cost
nikhil-grayscale icon

nlb-mcp

by nikhil-grayscale

Sec9

Provides an unofficial FastMCP server to access the NLB Singapore Library Catalogue for title search and availability information.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires NLB API Key and App Code (obtained from NLB, potentially involving registration/approval)
  • ⚠️Requires installing Python dependencies via pip after creating a virtual environment
Verified SafeView Analysis
The server correctly handles NLB API keys via environment variables, not accepting them from user input. It also redacts these keys from logs. User authentication is offloaded to FastMCP's built-in OAuth2 provider. Basic input validation is present to limit request parameters and prevent broad queries, though the README suggests that stricter pydantic models for inputs/outputs could be added for enhanced validation.
Updated: 2025-12-02GitHub
0
0
Low Cost
Vonage icon
Sec10

Provides AI assistants with access to Vonage API documentation, code snippets, tutorials, and troubleshooting resources.

Setup Requirements

  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, Cline) to be installed and configured.
  • ⚠️Relies on a remotely hosted server (https://documentation-mcp.vonage.dev/mcp); this repository does not contain the server's executable code.
  • ⚠️Requires internet access to connect to the remote MCP server.
Verified SafeView Analysis
The provided source code consists solely of documentation files (README, CONTRIBUTING, CODE_OF_CONDUCT, LICENSE) and an MCP configuration file (`server.json`) that points to a remotely hosted server. There is no executable server logic included in this repository to audit for security vulnerabilities like 'eval', obfuscation, hardcoded secrets, or network risks. The repository content itself is benign.
Updated: 2025-12-15GitHub
0
0
Medium Cost
pranjal-lnct icon

Sentinel-MCP-Server

by pranjal-lnct

Sec9

Integrates various security scanning tools as an MCP server for IDEs, providing SAST, SCA, secret scanning, DAST, malware, EOL, compliance, crypto, and AI-powered threat modeling.

Setup Requirements

  • ⚠️Requires Docker to be installed and running.
  • ⚠️Requires Python 3.13 or higher.
  • ⚠️AI Threat Modeling requires an external LLM API Key (e.g., OpenAI API Key), which typically involves costs.
Verified SafeView Analysis
The server's core logic (docker_runner.py) correctly isolates security tool execution via Docker, with robust error handling and retries. Input to external tools (target_path, target_url) is user-controlled, implying trust in the client, but the server itself doesn't introduce obvious internal vulnerabilities. Test resources containing 'eval' and hardcoded secrets are correctly identified as *targets* for the scanner, not part of the server's own codebase.
Updated: 2025-11-29GitHub
0
0
Low Cost
manishdhull1990 icon

test-remote-mcp-server

by manishdhull1990

Sec9

This server provides an API for tracking and managing personal or business expenses by adding, listing, and summarizing entries.

Setup Requirements

  • ⚠️Data stored in a temporary directory (`/tmp` or similar) might be lost on system restarts or cleanup routines, leading to potential data loss.
  • ⚠️Requires Python 3.13 or newer, as specified in `pyproject.toml`.
Verified SafeView Analysis
All database interactions use parameterized queries, effectively mitigating SQL injection risks. The codebase does not contain dangerous functions like `eval` or `exec`, nor does it have hardcoded sensitive credentials. The database is stored in a temporary directory, which is an operational concern for data persistence but not a direct security vulnerability of the code itself. The server binds to `0.0.0.0` by default, which is standard for a server but means it's accessible from all network interfaces; appropriate firewall rules should be considered for production deployments.
Updated: 2025-11-26GitHub
0
0
Medium Cost
ssdavidai icon

joeAPI

by ssdavidai

Sec9

Provides a Model Context Protocol (MCP) server for the JoeAPI construction management system, exposing construction management tools to AI assistants like Claude.

Setup Requirements

  • ⚠️Requires an existing Microsoft SQL Server database to function.
  • ⚠️Relies on a separate, running instance of the main JoeAPI backend (specified by JOEAPI_BASE_URL) for its core functionality.
  • ⚠️Requires specific configuration in Claude Desktop for local STDIO transport setup.
  • ⚠️Extensive environment variable configuration is necessary for database, JWT, and API base URL settings.
Verified SafeView Analysis
The server features robust multi-tenancy enforcement, ensuring users only access their own data, and utilizes parameterized SQL queries to prevent SQL injection vulnerabilities. JWT authentication is used for API access. Development mode allows authentication bypass via `DEV_USER_ID`, which is a recognized convenience but should not be enabled in production environments.
Updated: 2025-11-22GitHub
PreviousPage 575 of 713Next