Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
sreehari-sreesunil icon

MCP_expense_tracer_remort

by sreehari-sreesunil

Sec10

Provides basic mathematical operations through an MCP server.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer
Verified SafeView Analysis
The code implements basic arithmetic and random number generation with no apparent vulnerabilities, 'eval' calls, hardcoded secrets, or complex interactions that could be exploited.
Updated: 2025-12-14GitHub
0
0
Medium Cost
RuslanLat icon

AIDevToolsHack

by RuslanLat

Sec7

An AI agent for managing emails and calendar events by integrating with Large Language Models (LLMs) via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires API keys and credentials for LLM, MCP, email (IMAP/SMTP), and CalDAV services, many of which are paid or require app-specific passwords.
  • ⚠️Requires active external email and CalDAV accounts for full functionality.
  • ⚠️Python 3.12+ is required for `mcpserver` and `ui` services, while `agent` specifies 3.10+ (recommend ensuring 3.12+ for all).
  • ⚠️Docker and Docker Compose are necessary for the easiest setup and running of all components locally.
Verified SafeView Analysis
The server uses environment variables for sensitive credentials (email, CalDAV, API keys), which is a good practice. It relies on standard, well-maintained libraries for network interactions (IMAP, SMTP, CalDAV). The email body cleaning function `_clean_email_body` is complex with multiple regex operations, which can be prone to edge cases, but aims to reduce the amount of data sent to the LLM. The primary security consideration lies in giving an LLM access to email and calendar actions; misconfigured or unconstrained prompts could lead to unintended email sending or event creation. No direct `eval` or blatant malicious patterns were found. However, interaction with external LLMs and their data handling policies should be considered for privacy.
Updated: 2025-12-12GitHub
0
0
Low Cost
gharshit icon

mcpServer

by gharshit

Sec3

Provides a standardized interface for AI assistants to interact with PostgreSQL databases securely and contextually.

Setup Requirements

  • ⚠️Requires an existing PostgreSQL database instance.
  • ⚠️Database connection details (host, port, user, password, db) must be manually configured in `config.yaml`.
  • ⚠️For exposing the server publicly (SSE transport), Cloudflare Tunnel (`cloudflared`) must be installed and run separately.
Review RequiredView Analysis
The `run_sql_query` tool, which is central to database interaction, employs a keyword-based filtering mechanism to prevent forbidden operations (delete, drop, update, insert, etc.). This approach is highly vulnerable to bypasses and SQL injection. An attacker could use various techniques such as comments (e.g., `SELECT * FROM users; -- DROP TABLE orders;`), capitalization (`UpDate`), or advanced SQL constructs to circumvent these filters and execute arbitrary malicious SQL commands if the underlying PostgreSQL user account has the necessary permissions. The server's core security objective to prevent data manipulation is not adequately met by the current query validation logic. For instance, `SELECT 1; DROP TABLE users;` would likely bypass the filter. The database connection parameters are specified in `config.yaml`, which should be secured and ideally managed through environment variables or a secrets manager in production, as directly committing it to a repository would expose credentials.
Updated: 2025-12-11GitHub
0
0
Low Cost
sadatnazarli icon

VectorForge

by sadatnazarli

Sec8

Provides local, long-term memory for AI assistants (e.g., Claude) using a high-performance C++ vector database.

Setup Requirements

  • ⚠️Requires manual configuration of Claude Desktop's `claude_desktop_config.json` with an absolute path to the server's JavaScript entry point.
  • ⚠️Currently uses mock embeddings; real AI capabilities for embedding generation (e.g., OpenAI, Ollama) are roadmap items and not yet implemented, impacting actual RAG performance.
  • ⚠️Requires C++ (g++ C++17 compatible) and 'make' for building the core C++ vector engine.
Verified SafeView Analysis
The system runs locally and uses standard I/O (stdio) for communication, limiting network attack surface. The Node.js server executes the C++ binary via `child_process.execFile` with explicitly constructed arguments, reducing the risk of command injection through user input. Input parsing in the TypeScript server uses `zod` for validation, and the C++ component parses a simple float array format without 'eval' or similar dangerous functions. No hardcoded secrets were identified. The primary security concern, common in such architectures, is ensuring the C++ binary itself is secure against input-based vulnerabilities, though `strncpy` and fixed-size buffers are used to mitigate some risks.
Updated: 2025-11-24GitHub
0
0
Medium Cost
shura1981 icon

mcp_servers

by shura1981

Sec2

This repository provides multiple MCP servers for various utility functions, including extracting text from PDF files, securely interacting with the local file system, and executing SQL queries against a MySQL/MariaDB database.

Setup Requirements

  • ⚠️Filesystem Server: Requires command-line arguments to specify absolute paths to allowed directories for file operations. It will exit if not provided or if paths are inaccessible. E.g., `mcp-server-filesystem /path/to/project`.
  • ⚠️MySQL Server: Requires `MYSQL_HOST`, `MYSQL_USER`, `MYSQL_PASSWORD`, `MYSQL_DATABASE` environment variables. If these are not set, it defaults to hardcoded sensitive values and will likely fail to connect.
  • ⚠️PDF Extractor: The Express HTTP server component requires `PORT`, `NODE_ENV`, `LOG_LEVEL` environment variables.
Review RequiredView Analysis
CRITICAL VULNERABILITIES: 1. MySQL Server: Uses hardcoded default database credentials (MYSQL_USER: `crisenri_intranet`, MYSQL_PASSWORD: `].wKbv44W4LW8b`) if environment variables are not set. This exposes sensitive information directly in the source code. 2. MySQL Server: The `execute_query` tool directly takes an arbitrary SQL query string from client input and executes it without any sanitization or validation. This leads to a severe SQL Injection vulnerability. The `multipleStatements: true` setting further exacerbates this risk. 3. PDF Extractor: The `extract_text` and `extract_page` MCP tools take a `filePath` argument directly from client input without validating if it's within an allowed directory. This allows for arbitrary file read vulnerabilities, potentially exposing any file on the server. While the `filesystem` server demonstrates good security practices by rigorously validating paths against an allowed directory list, the presence of critical flaws in other parts of the repository significantly lowers the overall security posture.
Updated: 2025-11-20GitHub
0
0
Low Cost
Sec9

Provides searchable access to NativePHP documentation for AI assistants like Claude by scraping and indexing the content locally.

Setup Requirements

  • ⚠️Initial documentation scraping is required and can be time/bandwidth-consuming.
  • ⚠️Requires Python 3.8 or higher.
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json` including absolute paths to the Python executable and server script.
Verified SafeView Analysis
The server performs web scraping, requiring outbound network access to `nativephp.com/docs`. It operates locally and communicates via stdio (Model Context Protocol), not opening external network ports for public access. No evidence of 'eval' or obfuscation. The server includes rate limiting for responsible scraping.
Updated: 2025-11-23GitHub
0
0
Low Cost
gvdlga icon

ns-mcp-server

by gvdlga

Sec8

Provides an MCP server to expose various NS (Dutch Railways) real-time information and services via a unified API.

Setup Requirements

  • ⚠️Requires `NS_API_KEY` environment variable for NS API authentication.
  • ⚠️Server runs on port 3003, ensure availability and proper network configuration.
Verified SafeView Analysis
API keys are retrieved from environment variables or a session manager, which is good practice. There is a minor information leakage risk due to `console.log` statements printing the API key during execution. Input validation is performed via manual checks, but the defined `zschema` is not explicitly utilized as the primary validation mechanism within `handleExecution` functions.
Updated: 2025-11-20GitHub
0
0
Low Cost
pixxelboy icon

amplify-mcp

by pixxelboy

Sec9

Enables AI models (LLMs) to interact with IRCAM Amplify audio processing APIs for music analysis, stem separation, AI-generated audio detection, and loudness analysis.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Requires a valid, potentially paid, IRCAM Amplify API Key.
  • ⚠️Audio inputs must be publicly accessible HTTP(S) URLs (max 100MB file size, specific formats).
Verified SafeView Analysis
The server correctly retrieves the IRCAM Amplify API key from environment variables, preventing hardcoding. It validates incoming audio URLs for `http(s)` schemes, mitigating some risks related to arbitrary file access. Outbound network calls are restricted to known IRCAM API endpoints. No direct `eval` or arbitrary command execution based on user input is observed in the main server logic. While `cross-spawn` and `execa` are present in dependencies (used by the MCP SDK and dev tools like Vitest and tsup), they are not directly exposed to process user-provided strings as commands, reducing command injection risks.
Updated: 2025-12-13GitHub
0
0
Medium Cost
cristip73 icon

dynalist-mcp

by cristip73

Sec9

Integrate Dynalist.io with AI assistants to programmatically read, write, and manipulate outline documents.

Setup Requirements

  • ⚠️Requires a Dynalist API Token, which must be generated from dynalist.io/developer.
  • ⚠️Manual configuration by editing 'claude_desktop_config.json' for Claude Desktop integration.
Verified SafeView Analysis
The server correctly handles the DYNALIST_API_TOKEN via environment variables, which is a standard secure practice. It makes expected network calls to the Dynalist API. No 'eval', obfuscation, or direct file system manipulation beyond standard operations was observed. The primary security consideration is the broad access granted by the Dynalist API token itself, which the user must protect.
Updated: 2025-11-25GitHub
0
0
Low Cost
mokcontoro icon

simple_mcp_server

by mokcontoro

Sec9

A Model Context Protocol (MCP) server for local AI client integration (ChatGPT, Claude.ai), providing OAuth 2.1 authentication, user management, and secure Cloudflare tunnel access.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Relies on an external cloud service (robotmcp-cloud at app.robotmcp.ai) for CLI login, account management, and Cloudflare tunnel orchestration.
  • ⚠️Requires the Cloudflare Tunnel client ('cloudflared') to be installed; it attempts auto-download on Linux/macOS, but Windows users may need manual installation (e.g., via winget).
Verified SafeView Analysis
The server employs robust security measures including OAuth 2.1 with PKCE, stateless JWT tokens for authentication, and secure local storage of the JWT secret with restrictive permissions (0o600). It leverages Cloudflare Tunnels for secure external access, mitigating direct public IP exposure. User management is handled by Supabase, and CLI login uses POST-based credential transfer. Access control enforces creator-only or shared member access. Reliance on external 'robotmcp-cloud' service for CLI login and tunnel creation is a trust point, but the implementation appears secure.
Updated: 2025-12-28GitHub
0
0
Medium Cost
Owen123-lang icon

netmiko_mcp_server

by Owen123-lang

Sec3

Facilitate Cisco network automation and interaction with network devices through an LLM client using Netmiko.

Setup Requirements

  • ⚠️Requires Python 3.8 or newer.
  • ⚠️Requires access to Cisco DevNet Sandbox or physical Cisco devices.
  • ⚠️Requires Ollama server running locally and the 'qwen3:14b' model downloaded.
  • ⚠️Critical configuration of network device credentials must be done manually in `config.py`.
  • ⚠️May require manual static route configuration on the host machine to reach R2 (e.g., `route add 10.1.1.0 mask 255.255.255.0 192.168.242.129`).
  • ⚠️May require enabling Proxy ARP on R1 for R2 connectivity if direct routing fails (mentioning a `fix_r1_forwarding.py` script which is not provided).
  • ⚠️The client-side (e.g., `ollama_mcp_chat.py` or Claude Desktop configuration) needs to be set up to connect to this server via stdio.
Verified SafeView Analysis
Critical security risks identified: 1. Hardcoded credentials: `config.py` directly contains sensitive information like usernames, passwords, and secrets (e.g., 'admin123'). These are also used as default values in the `bootstrap_router_ssh` tool. This is highly insecure as it makes credentials prone to exposure if the file is shared or accessed. 2. Lack of secure credential management: The project does not utilize environment variables (e.g., `os.environ.get()`) or other secure methods for handling sensitive data, relying solely on a local configuration file. 3. Insecure SSH Host Key Policy: `netmiko_connector.py` uses `paramiko.SSHClient.set_missing_host_key_policy(AutoAddPolicy())`. This bypasses SSH host key verification, making connections vulnerable to Man-in-the-Middle (MITM) attacks. While possibly intended for a lab, it's a significant security flaw. 4. Powerful bootstrap tool: The `bootstrap_router_ssh` tool automates critical security configurations (creating users, generating crypto keys, enabling SSH). If used without care, or with default weak credentials, it can introduce serious vulnerabilities to the target network devices.
Updated: 2025-12-18GitHub
0
0
Medium Cost
hydromel-project icon

reaper-apidocs-mcp

by hydromel-project

Sec8

Provides real-time access to REAPER ReaScript API documentation for AI assistants, enabling script writing and API exploration.

Setup Requirements

  • ⚠️Requires `docs/reaper_api.html` to be present in the project's root directory. This file contains the REAPER API documentation.
  • ⚠️Requires Node.js (v18+) or Bun runtime installed.
  • ⚠️Requires specific JSON configuration in AI assistant clients (e.g., Claude Desktop, Cursor) to connect to the MCP server.
Verified SafeView Analysis
The server processes a local HTML documentation file (`docs/reaper_api.html`). If this file were untrusted and contained malicious script, there's a theoretical risk, although the custom regex parser mitigates most common client-side HTML vulnerabilities. The HTTP/SSE server runs locally by default (`http://localhost:3001`) but can be configured for network access; external network exposure should be secured appropriately. CORS is enabled. No hardcoded secrets or 'eval' statements found in the analyzed source.
Updated: 2025-11-23GitHub
PreviousPage 579 of 713Next