Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
99hansling icon
Sec5

Transforms codebases into a single, AI-readable Markdown document, suitable for AI analysis, documentation, code reviews, and team collaboration within an MCP-compatible AI assistant.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️Building this project (`npm run build`) explicitly invokes `go build main.go`, indicating a dependency on Go, which contradicts the primary README's claim of "Pure TypeScript implementation - no Go, Python, or other runtimes required". This can cause build failures if Go is not installed.
  • ⚠️The server is designed to be invoked via the Model Context Protocol (MCP) by compatible AI assistants (e.g., Claude Code), rather than as a general-purpose standalone CLI tool.
Review RequiredView Analysis
The `codeweaver_pack_codebase` tool allows specifying an `output` file path. The current implementation uses `fs.writeFile(params.output, ...)` without explicit path validation (e.g., restricting to a safe directory or preventing path traversal characters like `../`). If an AI assistant or a malicious actor can control the `output` parameter, they could potentially write to arbitrary locations on the file system, leading to data corruption or privilege escalation.
Updated: 2025-12-05GitHub
0
0
Low Cost
horatiucd icon

mcp-server-api-key

by horatiucd

Sec9

Demonstrates how to secure a Model Context Protocol (MCP) Server with an API key using Spring MCP Server Security.

Setup Requirements

  • ⚠️Requires 'api.key.id' and 'api.key.secret' environment variables to be set.
  • ⚠️Requires a Java Development Kit (JDK) and Apache Maven to build and run.
Verified SafeView Analysis
The server correctly retrieves API key ID and secret from environment variables or configuration files, preventing hardcoding in source. It integrates Spring Security with MCP API Key authentication. The use of `InMemoryApiKeyEntityRepository` for key storage is acceptable for a demonstration but would require a more robust, persistent solution (e.g., database, vault) for a production environment.
Updated: 2026-01-13GitHub
0
0
Medium Cost
FirebirdSolutions icon

Guardian

by FirebirdSolutions

Sec9

An AI safety system designed to detect mental health crises and other harmful behaviors, prevent AI hallucination of fake crisis resources, and provide verified, region-specific support.

Setup Requirements

  • ⚠️Requires Anthropic API Key (Paid) for batch training data augmentation.
  • ⚠️GPU hardware (NVIDIA with CUDA) is recommended for ML training and efficient inference.
  • ⚠️Requires manual installation and compilation of `llama.cpp` tools for GGUF model export.
Verified SafeView Analysis
The project emphasizes privacy and on-device deployment, reducing network exposure for user data. It's designed to prevent AI hallucination of crisis resources, which is a core safety feature. The use of `trust_remote_code=True` for Hugging Face models (like Qwen) is standard but implies trust in the remote model's codebase. The `export.py` script uses `subprocess.run` to call external `llama.cpp` tools for GGUF conversion, which introduces dependency on the security of those external tools. No hardcoded API keys were found; API keys are expected from environment variables.
Updated: 2025-12-07GitHub
0
0
Low Cost
cnPauLi icon
Sec7

The Trae-OpenSpec MCP server provides a zero-command-line interface for creating, managing, and optimizing OpenSpec projects and code, integrated with Trae AI.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️Requires the latest version of Trae AI for full integration.
  • ⚠️By default, 'CREATE_REAL_FILES' environment variable is 'false', meaning the server will simulate file creation but not actually write files to disk unless explicitly set to 'true'.
Verified SafeView Analysis
The server performs file system write operations based on user input (projectName) when 'CREATE_REAL_FILES' is true. While limited to the current working directory and using path.join for basic path sanitization, this pattern inherently carries risk if not used in a controlled environment or with proper input validation. No 'eval' or direct network exposure for user input is present.
Updated: 2025-12-11GitHub
0
0
Medium Cost
kingkillery icon

git-worktree-mcp

by kingkillery

Sec3

Manages Git worktrees and orchestrates parallel development workflows with AI agents using MCP integration.

Setup Requirements

  • ⚠️Requires Node.js 18+
  • ⚠️Must be run within a Git repository
  • ⚠️Requires Par CLI installed for Par features
  • ⚠️Requires tmux for Par features (works via WSL on Windows)
Review RequiredView Analysis
The `ParManager` class utilizes `execSync` to execute shell commands, including `par send` which can send arbitrary commands to a tmux session via the `par_send_command` tool. This poses a significant security risk as it allows for remote code execution if an AI agent (or a malicious actor interacting with it) is permitted to send unverified commands. While other `execSync` calls are used with inputs derived from Zod-validated strings, the direct command injection potential through `par_send_command` is critical. The server interacts with the local file system extensively for worktree management and configuration file copying, requiring high trust in the execution environment.
Updated: 2025-11-18GitHub
0
0
Medium Cost
RaghadJohani0 icon
Sec9

Provides a sandboxed filesystem server with read, write, and search capabilities via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js and npm to be installed.
  • ⚠️Requires TypeScript for development (handled by 'ts-node' in 'dev' script).
Verified SafeView Analysis
The server implements a robust `safePath` function that effectively prevents path traversal attacks by ensuring all file operations are confined strictly within the `/data` directory. No 'eval' or other inherently dangerous functions are used without explicit justification. There are no hardcoded secrets or obvious network vulnerabilities beyond its intended function as an MCP server. All filesystem access is explicitly sandboxed, enhancing security.
Updated: 2026-01-19GitHub
0
0
Medium Cost
owayo icon
Sec9

An MCP server for AI assistants to integrate with GitLab, fetching pipeline failure logs, merge request comments, and code changes for automated analysis and feedback.

Setup Requirements

  • ⚠️Requires a GitLab API Key with `read_api` scope.
  • ⚠️Requires `uv` package manager for installation and execution.
  • ⚠️Requires local Git repository path (`GIT_REPO_PATH`) to be correctly configured and accessible.
  • ⚠️Requires GitLab URL (`GITLAB_URL`) and Project Name (`GITLAB_PROJECT_NAME`) to be set in environment variables.
Verified SafeView Analysis
The server uses environment variables for sensitive data (GitLab API key, repository paths), which is a good practice. No 'eval' or obvious command injection vulnerabilities were found. Potential security risks are primarily from misconfiguration of environment variables (e.g., 'GIT_REPO_PATH' pointing to an unintended location) or if underlying third-party libraries (`gitpython`, `python-gitlab`) contain vulnerabilities.
Updated: 2025-11-26GitHub
0
0
Low Cost
itzuditsharma icon

Agentic-AI

by itzuditsharma

Sec6

An AI agent crew designed to review C/C++ code for MISRA compliance or generate MISRA-compliant code, leveraging a RAG system for MISRA rules.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) configured in a .env file.
  • ⚠️Requires Python >=3.10 <3.14.
  • ⚠️Requires the `Misra_document.pdf` file to be present for RAG database generation (not provided in the source).
  • ⚠️Uses UV for dependency management (`pip install uv` then `crewai install`).
Review RequiredView Analysis
The project uses `allow_code_execution=True` with `code_execution_mode="safe"` for the 'coder' agent. While 'safe' mode implies sandboxing, any code execution controlled by an LLM carries inherent risks of sandbox escapes or unintended malicious code generation, even if the primary task is code review. External PDF processing for RAG also introduces potential parsing vulnerabilities, though less severe.
Updated: 2025-11-21GitHub
0
0
High Cost
yehorkardash icon

mcp-server

by yehorkardash

Sec8

Serves as an MCP (Model Context Protocol) server, providing tools for fetching a specific image and demonstrating various JSON schema input types for tool calls.

Setup Requirements

  • ⚠️Requires Node.js environment (v14+ due to ES module usage).
Verified SafeView Analysis
No 'eval' or obvious obfuscation found. The hardcoded image URL prevents Server-Side Request Forgery (SSRF) for the image fetching tool. Open CORS (`Access-Control-Allow-Origin: *`) is enabled, which is common for public APIs but allows universal access. The server relies on the security and robustness of the `@modelcontextprotocol/sdk` for session handling and message processing. No direct user-controlled code execution or sensitive information leakage found in error handling.
Updated: 2025-11-20GitHub
0
0
Low Cost
daporun icon
Sec8

A general-purpose Node.js client for the Model Context Protocol (MCP) servers, facilitating robust JSON-RPC 2.0 communication over stdin/stdout and managing child server processes.

Setup Requirements

  • ⚠️Requires a Node.js runtime environment (v18+ recommended as per package.json engines).
  • ⚠️The external MCP server (e.g., 'mcp-server-general') must output valid JSON objects to stdout for the client's parser to function correctly.
  • ⚠️When utilizing built-in profiles with `autoInstall: true` (e.g., 'web-dev'), initial setup may require network access to install the server and its plugins via npm.
Verified SafeView Analysis
The provided source code is for 'mcp-client-general', which acts as a client to an MCP-compatible server, not an MCP server itself. Its primary function involves spawning external MCP servers as child processes and communicating with them via stdio. The client code uses a robust, framing-agnostic JSON parser to handle incoming data, which helps mitigate risks associated with malformed input often seen with 'Content-Length' headers. It does not use 'eval' or other inherently dangerous functions. However, as the client executes arbitrary commands to launch the MCP server, the overall security of the system depends on the trustworthiness of the external server command and its arguments. Users must ensure that any command supplied to `mcp run` or programmatically to `MCPProcess` is from a trusted source.
Updated: 2026-01-07GitHub
0
0
Medium Cost
justhappened-corp icon

stock-moves-explained

by justhappened-corp

Sec7

Provides AI-powered analysis explaining significant moves in major US stocks (S&P 500, NASDAQ 100, Dow 30) to AI assistants.

Verified SafeView Analysis
Cannot audit the server's internal source code as it is provided as a remote service. The client-side integration via MCP configuration does not expose immediate security vulnerabilities. Assumes the remote server (api.justhappened.wtf) adheres to standard security practices (e.g., HTTPS, input validation, secure backend). No 'eval', obfuscation, hardcoded secrets, or malicious patterns are visible in the provided interface definitions.
Updated: 2026-01-19GitHub
0
0
Medium Cost
ambit1977 icon

GTM-MCP

by ambit1977

Sec9

Automate and manage Google Tag Manager (GTM) accounts, containers, workspaces, tags, triggers, variables, and versions through an MCP server.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with OAuth2 Desktop app credentials (Client ID, Client Secret, Redirect URI) configured.
  • ⚠️Requires the Google Tag Manager API to be enabled in the Google Cloud Project.
  • ⚠️Initial interactive authentication via a browser is necessary to obtain and cache the OAuth2 token.
  • ⚠️Primarily tested and intended for local operation on macOS, as indicated in the README and specific command usage (`open` for browser).
Verified SafeView Analysis
The server uses standard OAuth2 for Google API authentication, storing tokens securely in a local file (`~/.gtm-mcp-token.json`). Sensitive credentials (Client ID/Secret) are correctly sourced from environment variables. The use of `execAsync('open "${authUrl}"')` is for opening a browser on macOS during initial authentication, where `authUrl` is generated internally by `googleapis`, posing no apparent injection risk. Input sanitization is implicitly handled by the `googleapis` library for API requests, and explicitly for `filter` and `autoEventFilter` parameters by attempting `JSON.parse` if they are strings.
Updated: 2025-12-04GitHub
PreviousPage 580 of 713Next