Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

0
0
High Cost
Sec9

An MCP server that exposes code from multiple local repositories to provide context for AI clients like GitHub Copilot.

Setup Requirements

  • ⚠️Manual configuration of 'config.json' with absolute paths is required.
  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️Specific VS Code settings are necessary for GitHub Copilot Chat integration.
Verified Safe
The server implements robust security measures: explicit path sandboxing prevents directory traversal, symbolic links are not followed, and file read sizes are capped to prevent client flooding. There are no signs of 'eval', obfuscation, or hardcoded secrets. As a local stdio-transport server, it minimizes network-related security risks.
Updated: 2025-11-28
0
0
Low Cost

Test-Mcp-Server

by YashJain2410

Sec9

An expense tracker server that allows adding, listing, and summarizing financial expenses.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer (as specified in pyproject.toml).
Verified Safe
The code uses parameterized queries, effectively preventing SQL injection vulnerabilities. No hardcoded secrets or dangerous functions like 'eval' or 'os.system' are present. The database is stored in a temporary directory, which is a reasonable approach for a local-file-based database. The server binds to '0.0.0.0' by default, making it accessible from any network interface; while common for development, this should be considered in a production environment.
Updated: 2026-01-16
0
0
Low Cost

test-remote-mcp-server

by Ikramur-Rahman

Sec9

This server provides basic mathematical operations and information retrieval via the FastMCP protocol.

Setup Requirements

  • ⚠️Python 3.11+ required
  • ⚠️Requires `fastmcp` package installation (e.g., `pip install fastmcp` or `pip install -e .`)
Verified Safe
The server is simple, performs basic operations, and avoids dangerous functions like 'eval'. It binds to '0.0.0.0' but does not expose any inherently insecure functionality. Deployment should ensure proper network security.
Updated: 2026-01-17
0
0
Medium Cost

crewai_example

by Anthonniio

Sec8

An AI-powered crew that researches coffee shops in a specified location and automatically creates organized entries in a Notion database, including deduplication and rich descriptions.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service)
  • ⚠️Requires Notion integration token and database ID (Notion account needed, integration setup)
  • ⚠️Requires a Google Search tool service URL and API Key for MCP (potentially paid or self-hosted)
Verified Safe
The project uses environment variables (NOTION_API_KEY, GOOGLE_SEARCH_KEY, etc.) for sensitive credentials, which is good practice. A minor risk is the `NOTION_DATABASE_ID` fallback to 'test-db-id' in `custom_tool.py` if not properly configured. The `MCPServerHTTP` for Google Search relies on an external URL (`GOOGLE_SEARCH_URL`), which introduces a dependency on a trusted external service; however, the `tool_filter` mechanism helps control allowed operations. No 'eval' or direct malicious patterns were found. Manipulating `sys.path` in `custom_tool.py` is generally safe within a controlled project context.
Updated: 2025-12-05
0
0
Medium Cost

Provides stock market data fetching and AI-powered report generation capabilities to an MCP-compatible client like Claude Desktop.

Setup Requirements

  • ⚠️Requires a Polygon.io API Key (Paid API).
  • ⚠️Requires Docker Desktop to be installed and running.
  • ⚠️Requires Claude Desktop application (client).
  • ⚠️Requires Python 3.13 or newer if run directly (though Docker abstracts this).
Verified Safe
The core application code is relatively safe, reading API keys from environment variables and using standard libraries. No direct 'eval' or command injection vulnerabilities are apparent. However, the setup documentation and example configuration files ('claude_desktop_config.json', 'SETUP_CLAUDE_DESKTOP.md') explicitly show users how to embed the 'POLYGON_API_KEY' directly into the configuration file's 'args' array or 'env' dictionary. While a security note is present, this practice can lead to accidental exposure of sensitive API keys if the configuration file is committed to version control or shared improperly.
Updated: 2025-11-30
0
0
Medium Cost

QuantConnect-mcp-server

by mymanish9-code11

Sec9

The QuantConnect MCP Server acts as a bridge, enabling AI agents like Claude and OpenAI o3 Pro to programmatically interact with the QuantConnect cloud platform for tasks such as updating projects, writing and backtesting trading strategies, and deploying algorithms to live trading.

Setup Requirements

  • ⚠️Requires Docker Desktop to be installed and running for deployment.
  • ⚠️Requires a QuantConnect account and API credentials (User ID and API Token) to interact with the QuantConnect platform.
  • ⚠️Designed to be invoked by an MCP client (e.g., Claude Desktop) with specific configuration, adding a client-side setup step.
Verified Safe
The server uses environment variables for sensitive API credentials (QUANTCONNECT_USER_ID, QUANTCONNECT_API_TOKEN), avoiding hardcoded secrets. All API communication is secured via HTTPS and custom basic authentication with SHA256 hashing. Pydantic models are used for input validation, reducing risks of malformed requests. `httpx.AsyncClient` is used with `raise_for_status()` for robust error handling. No `eval()` or similar dynamic code execution is observed. `webbrowser.open` is used for OAuth flows, which is a standard and generally safe practice for user authentication. The main risk relies on the security of the QuantConnect API itself and the trust in the provided Docker image.
Updated: 2025-11-28
0
0
Medium Cost

Coolify-MCP

by Thedurancode

Sec9

The Coolify MCP Server enables AI agents to manage and deploy applications on a Coolify instance, facilitating AI-driven app marketplaces.

Setup Requirements

  • ⚠️Requires a running Coolify instance for deployment targets.
  • ⚠️Requires a Coolify API token with specific read/write/delete permissions for projects, applications, and deployments.
  • ⚠️Docker is recommended for running the MCP server, adding a dependency on containerization.
Verified Safe
The server demonstrates strong security practices: secrets are loaded via environment variables (COOLIFY_API_URL, COOLIFY_API_TOKEN) and never exposed to AI agents. All tool inputs are rigorously validated using Zod schemas, preventing injection attacks and enforcing data integrity. The API client includes robust error handling with specific error codes for common issues (401, 403, 404, 409, 422, 429). Comprehensive logging provides an audit trail of tool invocations and API calls, aiding in security monitoring. Containerization is recommended, with the `docker-compose.yml` demonstrating hardened security options like `no-new-privileges:true`, `read_only: true`, `tmpfs`, `cap_drop: ALL`, and restricted `cap_add`. A dedicated `docs/SECURITY.md` file further outlines security considerations, best practices, and known limitations, indicating a proactive approach to security.
Updated: 2025-12-13
0
0
Medium Cost

mcp-redhat-cases

by jeanlopezxyz

Sec9

Manage Red Hat support cases and knowledge base through an AI assistant.

Setup Requirements

  • ⚠️Requires Java 21+ to be installed on the system.
  • ⚠️Requires a Red Hat API Token (REDHAT_TOKEN environment variable) for authentication, which must be generated from the Red Hat access portal.
  • ⚠️Requires a Red Hat Subscription with a support level (e.g., Premium, Standard); 'Self-Support' subscriptions cannot create cases.
Verified Safe
The server correctly handles the sensitive REDHAT_TOKEN as an environment variable, preventing hardcoding. It interacts with official Red Hat and GitHub APIs for its functionality, and the cli.js script downloads the server JAR from GitHub releases, which is a standard practice for CLI tools. No use of 'eval' or other directly exploitable patterns was found.
Updated: 2025-12-12
0
0
Medium Cost

pubmed-mcp

by openpharma-org

Sec9

Provides AI assistants and applications with search, metadata retrieval, and PDF access to PubMed's biomedical literature database.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️While not strictly required by the code, NCBI recommends using an API key for E-utilities to ensure higher request throughput and more consistent service. Without an API key, requests might be subject to stricter rate limits by NCBI.
Verified Safe
The server primarily acts as a proxy to NCBI's official E-utilities API. It uses `axios` for network requests and `xml2js` for XML parsing. `xml2js` by default disables DTD parsing and external entity resolution, mitigating common XML-related vulnerabilities like XXE. There are no direct uses of `eval`, no hardcoded secrets, and no apparent obfuscation. The PDF download feature only provides a URL to NCBI's PMC, rather than serving files directly, which is a good security practice. The main risk is potential for abuse if not properly rate-limited at the application level by the end-user, as it can generate multiple requests to NCBI for a single search.
Updated: 2025-12-22
0
0
Medium Cost

md-book

by bobmatnyc

Sec3

Manages markdown books (read, write, structure) and exposes these operations as tools for AI assistants, enabling AI-driven book content generation and analysis.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires `uv` (recommended) or `pip` to be installed first for dependency management.
  • ⚠️Requires manual configuration of Claude Code's `.mcp.json` or running `mdbook setup` command which modifies user configuration files.
Review Required
The MCP server and underlying services accept file system paths (e.g., `path` argument) directly from tool calls without explicit validation or sandboxing to restrict operations to a specific book's root directory. This creates a path traversal vulnerability where a malicious AI agent could potentially read, write, or modify arbitrary files on the host system that the `mdbook` process has permissions for. For example, by providing paths like `../../../etc/passwd` or `../../../.ssh/id_rsa`, an AI could exfiltrate sensitive system files or inject malicious content. The `release.py` script also uses `subprocess.run` with `shell=True`, which is generally discouraged, though this is for internal build processes, not core application functionality.
Updated: 2026-01-19
0
0
Medium Cost

expo-dev-build-mcp

by ryan-crabbe

Sec8

Controls iOS devices for Expo development and debugging through Claude, enabling screenshots, log viewing, and app management.

Setup Requirements

  • ⚠️Requires macOS as iOS tools only work on Mac.
  • ⚠️iOS device must have Developer Mode enabled (iOS 16+).
  • ⚠️iOS 17+ devices require the `pymobiledevice3 remote tunneld` daemon to be run continuously with `sudo` in a separate terminal.
Verified Safe
The server heavily relies on `subprocess.run` and `subprocess.Popen` to execute `pymobiledevice3` commands. Arguments are passed as lists of strings, which generally mitigates shell injection risks. No `eval` or obvious hardcoded secrets are present. The server operates locally via standard I/O (MCP Protocol), not opening network ports directly. Security is largely dependent on the trustworthiness and robustness of the `pymobiledevice3` library itself. The requirement to run `sudo pymobiledevice3 remote tunneld` externally introduces a dependency on elevated privileges, but this is outside the server's direct execution context.
Updated: 2026-01-17
0
0
Low Cost

homebrew-mcpx

by cs50victor

Sec9

Facilitates the installation of the 'mcpx' CLI client, a tool for interacting with Model Context Protocol (MCP) servers, via Homebrew.

Setup Requirements

  • ⚠️Requires Homebrew to be installed on macOS or Linux
  • ⚠️Relies on pre-compiled binaries from GitHub releases, which must be available for the user's specific architecture and OS
Verified Safe
The repository contains a Homebrew formula (`Formula/mcpx.rb`) and a release script (`scripts/release.rb`). The formula defines how to download and install pre-compiled 'mcpx' binaries from GitHub releases, utilizing SHA256 checksums for integrity verification. The release script automates updating formula versions and checksums by fetching release data from the GitHub API. No 'eval' or obvious malicious patterns, hardcoded secrets, or obfuscation were found in the provided source code. The primary security consideration for the end-user relates to the trustworthiness of the 'mcpx' binary itself (which is external to this Homebrew tap's source code) and the integrity of the GitHub release process, both of which are mitigated by Homebrew's checksum verification during installation.
Updated: 2026-01-18