Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

mcp-guide

by deeprave

Sec9

The MCP server provides project documentation and development guidance, enabling AI agents to manage project configuration (categories, collections, feature flags), access content, track workflow state, and interact with the filesystem in a secure manner. It also includes client context detection (like OpenSpec CLI presence) and dependency vulnerability checking.

Setup Requirements

  • ⚠️ `uv` command-line tool (for vulnerability scanning in `osvcheck.py`).
  • ⚠️ `debugpy` Python package (for remote debugging if `MG_DEBUG` is enabled).
  • ⚠️ `pygments` Python package (for enhanced code highlighting in templates).

Verified Safe

Comprehensive filesystem security is implemented with explicit read/write policies, path traversal prevention, and system directory blacklisting. External API calls (e.g., to osv.dev) are enforced to use HTTPS. No direct `eval()` usage or hardcoded secrets were observed. A specific tool (`set_filesystem_trust_mode`) exists that can explicitly disable all filesystem security, which is a potential risk if misused by an agent.
Updated: 2026-01-18

Medium Cost
Sec2

This MCP server provides LLMs with browser automation capabilities using Puppeteer, primarily to assist in generating high-quality, reliable web-scraping scripts.

Setup Requirements

  • ⚠️ Requires a Google Gemini API key for the `get_screenshot_interpretation` tool to be enabled. Without it, the tool will not be available.
  • ⚠️ The server launches a Chromium browser via Puppeteer, which may download a large binary on first run and requires sufficient system resources.
  • ⚠️ Requires Node.js version 18 or higher.

Review Required

CRITICAL RISK: The `execute_js` tool allows the LLM to execute arbitrary JavaScript code within the browser context using `new Function()`. This is highly dangerous as a malicious LLM could run any code, potentially leading to XSS attacks, data exfiltration, or other severe vulnerabilities. Additionally, the `browserConfig.json` sets `headless: false` and uses `--no-sandbox` for Puppeteer, which disables critical browser security mechanisms, making the browser instance more vulnerable. While API keys are externalized, the core functionality of executing arbitrary code within an unsandboxed browser poses a significant security threat. Therefore, running this server is not recommended without significant security hardening.
Updated: 2025-12-08

High Cost

Skolverket-MCP

by mimanshaherbals-bot

Sec9

Provides Large Language Models (LLMs) with access to Swedish educational open data for querying, parsing, and integrating information from various Skolverket API endpoints.

Setup Requirements

  • ⚠️ Requires Node.js version 18.0.0 or higher.
  • ⚠️ Requires an active internet connection to access Skolverket's external APIs.

Verified Safe

The server uses environment variables for sensitive configurations like API keys (though currently the target Skolverket APIs are public and do not require keys, according to the `SECURITY.md`). It employs structured logging, routing console output to `stderr` as required by the Model Context Protocol (MCP). External API calls are handled with retry logic and rate limiting. No `eval` or arbitrary command execution patterns were found in the provided source code. File system operations are limited to creating log directories. The `SECURITY.md` explicitly addresses supported versions, vulnerability reporting, and security best practices.
Updated: 2026-01-19

High Cost
Sec8

Automated evaluation of LLM tool-calling capabilities against the DraCor API for digital humanities research.

Setup Requirements

  • ⚠️ Requires an Anthropic API Key (Paid service, may incur significant costs depending on usage).
  • ⚠️ Requires Python 3 and installation of dependencies (e.g., `anthropic`, `pydracor`, `jsonschema`).

Verified Safe

The system interacts with external APIs (Anthropic, DraCor). API keys (Anthropic) are expected to be managed via environment variables, which is a good security practice. The use of a JavaScript REPL is noted, but this is part of the simulated environment being evaluated by the `automatic_prompting.py` script, not an inherent vulnerability in the evaluation script itself. No direct 'eval' or obvious malicious patterns are present in the provided source code snippets for the evaluation script.
Updated: 2026-01-17

High Cost

claude-skills-vault

by hackermanishackerman

Sec7

Automates browser interactions for web scraping, UI testing, and workflow automation.

Setup Requirements

  • ⚠️ Requires Node.js v18+
  • ⚠️ Requires Chromium (auto-installed by Puppeteer)

Verified Safe

The actual source code for the `@anthropic-ai/mcp-puppeteer` package was not provided for a direct security audit. The analysis is based solely on the provided README. As an Anthropic-maintained package, a baseline level of security practices is assumed. However, browser automation tools inherently carry risks related to interacting with untrusted web content, potential data exfiltration if misused, and exposure to vulnerabilities in the browser or the automation library itself. The tool runs headless Chrome by default and includes features like `evaluate` which can execute arbitrary JavaScript, requiring careful use to prevent security issues. No direct signs of 'eval', obfuscation, or hardcoded secrets were visible in the provided description, but these cannot be verified without the full source code.
Updated: 2026-01-19

High Cost

GENIE

by Sidharth-e

Sec7

A production-ready full-stack framework for building intelligent AI agents using LangGraph & MCP, offering a wide range of built-in tools for analytics, finance, data, visualization, utilities, web, and code.

Setup Requirements

  • ⚠️ Requires a running MongoDB instance, typically on localhost:27017 by default.
  • ⚠️ Relies heavily on external LLM providers (Google Gemini, OpenAI GPT, Anthropic Claude) and authentication services (Google OAuth, Azure AD), which require obtaining and configuring API keys for paid services.
  • ⚠️ Involves a dual setup process: a Python backend (`genie_server`) and a Next.js frontend (`genie_client`), both with their own dependency management (`pip`, `pnpm`).

Verified Safe

The server-side Python code uses standard libraries and `FastMCP`. Frontend executes user-provided code in a sandboxed iframe. However, tools that take dictionary inputs for database queries (`get_userData`) or string inputs for regex patterns (`test_regex`) can introduce risks (NoSQL injection, ReDoS) if LLM-generated arguments are not adequately sanitized and validated against malicious user input. Large file uploads for document processing may also pose resource exhaustion risks.
Updated: 2025-12-14

Low Cost
Sec5

Provides a Model Context Protocol (MCP) interface for managing Google Drive files and folders.

Setup Requirements

  • ⚠️ Critical authentication method mismatch: The Go code implements an interactive OAuth 2.0 flow, while the README suggests a service account. This will likely cause the server to hang awaiting manual authorization input, even when service account credentials are provided.
  • ⚠️ Requires a Google Cloud Project with the Google Drive API enabled and a service account with 'Drive File Organizer' or 'Drive Editor' roles.
  • ⚠️ Requires Docker or Podman for building and running the server, including understanding of volume mounts for credentials and token storage.

Verified Safe

The primary security concern is the critical discrepancy in authentication methods. The README and `docker run` command instruct users to configure a Google Service Account via `GOOGLE_APPLICATION_CREDENTIALS`, which is suitable for automated server deployments. However, the Go source code (specifically in `pkg/driveapi/client.go`) implements an interactive OAuth 2.0 flow, requiring an `Oauth.json` client secret and manual user input for an authorization code. This mismatch means the server, as currently coded, will not utilize the provided service account credentials and will likely hang awaiting manual user authorization, making it unsuitable for automated server operation. Hardcoded paths for OAuth client secrets (`/app/secrets/Oauth.json`) and tokens (`/app/data/token.json`) are used internally, requiring careful management of Docker volume mounts. No direct 'eval' or malicious code patterns were found.
Updated: 2025-11-30

Low Cost
Sec9

A command-line interface tool for quickly scaffolding new MCP server projects using Python and fastmcp.

Setup Requirements

  • ⚠️ Requires Python 3.10+
  • ⚠️ Requires uv package manager (https://docs.astral.sh/uv/)

Verified Safe

The code primarily involves file generation and templating. It uses Jinja2 for rendering templates and standard Python libraries for file system operations. The `sanitize_package_name` function safely converts user input for Python package names, mitigating risks from malformed inputs. There's no use of 'eval' or other highly dangerous dynamic execution methods. The primary 'risk' is if the embedded templates themselves were malicious, but they are part of the repository and not user-supplied. No hardcoded secrets or direct network attack vectors were identified within the scaffolding tool's source.
Updated: 2026-01-19

Medium Cost

mcp-debugserver

by nickzer0

Sec7

Provides a robust interface for an LLM or agent to debug Windows processes using WinDbg/CDB.

Setup Requirements

  • ⚠️ Requires Python 3.10+.
  • ⚠️ Requires Windows Debugging Tools (cdb.exe, dbgsrv.exe) to be installed from the Windows SDK.
  • ⚠️ Requires administrator privileges to attach to many processes.
  • ⚠️ The 'arch' environment variable (x86/x64) must be set to match the target process architecture to avoid RPC errors.

Verified Safe

The server acts as a wrapper around WinDbg/CDB, which inherently requires high system privileges (e.g., administrator rights) to attach to and debug processes. This makes the tool powerful and, if compromised or misused by an untrusted agent, capable of significant system impact. The codebase itself does not contain obvious malicious patterns like 'eval' or hardcoded credentials. It relies on 'subprocess.Popen' for execution of external debuggers and 'os.kill' for sending break signals, which are legitimate operations for a debugging tool. The primary security consideration is the inherent power of debugging tools and the necessary elevated permissions required for their operation.
Updated: 2025-12-01

Low Cost

rpg-mcp-server

by optimalhorror

Sec9

Manages D&D-style RPG campaign data, including combat, NPCs, and bestiary entries, for AI assistance.

Setup Requirements

  • ⚠️ Requires Python 3.12 or newer.
  • ⚠️ Requires 'uv' (a modern Python package manager) for installation and running.
  • ⚠️ Utilizes local JSON files for all data storage by default, not a database, requiring proper file system management.
  • ⚠️ Designed to be run as an MCP server, typically connected to an AI agent like Claude Desktop, rather than a standalone application.

Verified Safe

The server primarily handles local file I/O for data persistence within a dedicated 'campaigns' directory. File paths are safely constructed using a `slugify` function, which effectively prevents directory traversal attacks. There are no 'eval', 'exec', or direct network exposure points (communication is via standard I/O using MCP). No hardcoded secrets were found. The primary security considerations would be file system permissions in the deployment environment and ensuring the integrity of the local JSON data files.
Updated: 2025-11-26

Low Cost
Sec9

Deploys and manages a generic MCP server application using Docker.

Setup Requirements

  • ⚠️ Docker required
  • ⚠️ Port 3000 must be available on host

Verified Safe

The provided Docker deployment configuration (`docker-compose.yml`, `run.sh`) adheres to strong security practices: no hardcoded secrets, 'eval' or malicious patterns observed. Secrets for CI/CD (`GCP_CREDENTIALS`, `GCP_PROJECT_ID`) are explicitly managed outside the repository. The container runs on a standard non-privileged port and uses a volume for data persistence. A full audit would require the application's Dockerfile and source code, but the deployment setup itself is secure.
Updated: 2025-12-02

Low Cost

weather-MCP-server

by MadanReddy6

Sec9

This server provides a tool to fetch current weather information for a specified location using the OpenWeatherMap API.

Setup Requirements

  • ⚠️ Requires OpenWeatherMap API Key (free tier available)
  • ⚠️ Requires Python 3.x
  • ⚠️ Requires 'httpx', 'python-dotenv', and 'fastmcp' Python libraries

Verified Safe

The API key (OPENWEATHER_API_KEY) is properly loaded from environment variables via python-dotenv, preventing hardcoding of secrets. No 'eval' or similarly dangerous functions are used. Network requests are made using the standard 'httpx' library. The application appears secure for its intended purpose.
Updated: 2025-12-02