Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

repo-mcp-server

by malconip

Sec8

An AI-powered code intelligence system that stores, searches, and analyzes structured knowledge about code files, integrating with Claude Desktop.

Setup Requirements

  • ⚠️Requires a Supabase account for PostgreSQL database (free tier available), including manual steps to create the project and retrieve the connection string.
  • ⚠️An `MCP_SECRET_KEY` must be generated (e.g., using `openssl rand -hex 32`) and explicitly set as an environment variable.
  • ⚠️Requires Python 3.11+ to run.
Verified Safe
The system reads sensitive values such as `DATABASE_URL` and `MCP_SECRET_KEY` from environment variables, and the deployment instructions call for encrypted secrets. Database access goes through SQLAlchemy, which protects against SQL injection as long as queries are built with the ORM or bound parameters rather than by string formatting. CORS is configured via `ALLOWED_ORIGINS`; note that CORS only limits which browser origins may read responses and is not an authentication control. A warning is issued if the default `MCP_SECRET_KEY` is still in use; treat that warning as a hard failure in any non-local deployment. No `eval` or direct execution of commands built from user input is apparent.
Updated: 2025-12-01
Medium Cost

revolution-mcp-server

by zweischritte

Sec7

Serves as a Model Context Protocol (MCP) server that manages and exposes a specialized knowledge corpus to AI models.

Setup Requirements

  • ⚠️Requires Node.js and npm
Verified Safe
Exposes the knowledge corpus over stdio and, when `REVOLUTION_HTTP_ENABLE=true` is set, over Streamable HTTP on port 3000. If the HTTP transport is enabled, do not expose port 3000 directly: bind it to localhost or put it behind a reverse proxy that terminates TLS and enforces authentication, and restrict the port at the host firewall.
Updated: 2025-11-23
Medium Cost

playlist-matcher

by gauravdewani99

Sec8

Automatically organizes liked Spotify songs into existing playlists based on artist and genre similarity, and can run on a schedule.

Setup Requirements

  • ⚠️Requires creating a Spotify Developer app and obtaining a Client ID from the Spotify Developer Dashboard.
  • ⚠️Manual configuration of `~/.claude.json` with the server's command path and the `SPOTIFY_CLIENT_ID` environment variable is needed.
  • ⚠️Initial authentication requires an interactive browser-based OAuth flow to grant Spotify access.
  • ⚠️The scheduled job setup (using `launchd`) is specific to macOS and requires manual command execution for installation and management.
Verified Safe
The server authenticates to Spotify with OAuth using PKCE. Tokens are stored locally in the user's config directory, which is standard for desktop applications; the token file should be readable only by that user, since anyone who can read it can act on the Spotify account. The `run-cron.sh` script hardcodes a `SPOTIFY_CLIENT_ID`, but this is not a critical secret: client IDs of public clients using PKCE are not confidential. No `eval` or malicious patterns were identified.
Updated: 2026-01-18
Medium Cost

sleeper-mcp

by draffetseder

Sec9

An MCP tool server exposing the Sleeper fantasy sports API, enabling AI models and agents to manage and query fantasy leagues.

Setup Requirements

  • ⚠️Requires Node.js v20.0.0 or higher.
Verified Safe
The server uses axios with a fixed base URL pointing at the public Sleeper API, which largely rules out Server-Side Request Forgery (SSRF): a tool argument cannot change the host. Arguments are, however, interpolated directly into the URL path without percent-encoding, so a value containing `/`, `../`, `?` or `#` changes which Sleeper endpoint is called instead of being treated as a single path segment. The impact is limited to other public Sleeper routes on the same host, but the tool may then call an endpoint other than the one its schema promises. There is no use of `eval`, `child_process`, or direct file system access, and no hardcoded secrets were found. Data returned from the Sleeper API is stringified and relayed unchanged, so its content is whatever the public API exposes.
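The unencoded interpolation noted above, shown as an added example with both the vulnerable and the hardened shape. This is illustration code written for this page, not sleeper-mcp's own code; the base URL, the `user` route, and the character class for user names are assumptions made for the demo.

```typescript
// Added example, not code from sleeper-mcp: build a request URL for a
// fixed-base API so that a tool argument can never change the route.
// The base URL below is assumed for the demo, not taken from the project.
const API_BASE = "https://api.sleeper.app/v1/";

// Vulnerable shape: plain template interpolation. The argument is not treated
// as one path segment; "/", "../", "?" and "#" inside it are parsed by the URL.
function unsafeUserUrl(username: string): string {
  return `${API_BASE}user/${username}`;
}

// Hardened shape: every argument becomes exactly one percent-encoded segment,
// dot segments are refused, and the final URL is checked against the base.
// Returns null on rejection so the tool can report an error to the model.
function apiUrl(segments: string[]): string | null {
  if (segments.length === 0) return null;
  for (const s of segments) {
    if (s === "" || s === "." || s === "..") return null;
  }
  const href = API_BASE + segments.map(encodeURIComponent).join("/");
  // Re-parse: the WHATWG parser applies dot-segment removal and its own
  // percent-encoding rules, so a canonical round-trip plus a prefix check
  // catches anything that would still resolve somewhere else.
  const parsed = new URL(href);
  if (parsed.href !== href || !parsed.href.startsWith(API_BASE)) return null;
  return href;
}

// Allow-list on top of encoding: user names/ids are simple tokens (character
// class assumed here for the demo), so anything else is rejected early.
function userUrl(username: string): string | null {
  if (!/^[A-Za-z0-9_]{1,64}$/.test(username)) return null;
  return apiUrl(["user", username]);
}
```

The encoding step is what fixes the bug; the allow-list regex is a second, independent layer that also gives the model a clear error instead of a silently different request. The same pattern applies to every tool that turns an argument into a path segment.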
Updated: 2026-01-19
Low Cost

MCP-servers-with-Typescript

by shraddhamahajan93

Sec7

Implements a basic Minecraft network protocol server in TypeScript (the "MCP" here is Minecraft's protocol, not the Model Context Protocol), allowing clients to connect and step through the handshake, status, login, and play phases.

Setup Requirements

  • ⚠️Requires Node.js runtime to execute
  • ⚠️Requires a TypeScript development environment (ts-node, tsc) for direct execution or compilation
Verified Safe
The server listens on `0.0.0.0` (all interfaces) by default, so it is reachable from any network the host is attached to unless a firewall blocks the port; bind to `127.0.0.1` for local testing. The `handleData` packet-parsing logic, which handles untrusted bytes from every client, is not fully visible in the reviewed code; length-prefixed protocol parsers are a common source of memory and denial-of-service bugs when length fields are not bounds-checked, so review it before exposing the server. No `eval` calls, obfuscation, or hardcoded secrets were found in the provided snippets.
Updated: 2026-01-19
Medium Cost

trace-mcp

by Mnehmos

Sec7

Static analysis engine for detecting schema mismatches between data producers (MCP tools) and consumers (client code), offering code generation and continuous validation.

Setup Requirements

  • ⚠️File System Access & Permissions: The tool requires read/write access to specified project and source code directories. Care must be taken with `init_project` and `comment_contract` tools as they modify files and create directories, and path parameters should be trusted or carefully sanitized to prevent unintended file modifications outside the intended project scope.
  • ⚠️Language Support Discrepancy: While the `init_project` tool's schema suggests support for 'go' and 'rust' languages, the provided source code only includes parsers for 'typescript', 'python' (with basic regex parsing), and 'json_schema'. Users attempting to configure for Go or Rust will find these features unimplemented.
  • ⚠️Computational Intensity: For very large codebases or during active development in `watch` mode, the static analysis can be CPU and memory intensive, potentially impacting development machine performance. Caching helps but re-analysis of changed files is still required.
Verified Safe
The server performs extensive local file system reads and writes at paths supplied as tool arguments (`rootDir`, `filePath`, `producerDir`, `consumerDir`, `projectDir`). `path.resolve` normalizes these paths but does not confine them to a root, so a caller, including a model steered by prompt injection, can pass `../../` sequences or absolute paths to read or modify files outside the intended project; this matters most for `addContractComments` (which edits source files) and `init_project` (which creates directories). The `json_schema` parser reads arbitrary JSON files, so an extremely large or malformed file can exhaust memory or time (denial of service). Transport is stdio, which limits direct network exposure, but the path arguments must be validated against an allowed root if the server is ever driven by untrusted input.
Updated: 2025-12-11
Low Cost

MCP-Manager

by muzahirabbas

Sec9

Manages Model Context Protocol (MCP) server configurations across multiple local JSON files via a desktop GUI.

Setup Requirements

  • ⚠️Requires Python 3.8+
  • ⚠️Requires PySide6 library (`pip install PySide6`)
Verified Safe
The application operates on local files chosen by the user through the GUI. It uses standard JSON parsing (`json.load`, `json.loads`) and file system operations (`os.makedirs`, `shutil.copy2`, `os.replace`); `os.replace` is an atomic rename on the same filesystem, so a crash mid-save does not leave a half-written config file. No remote execution paths, network access, hardcoded secrets, or dangerous patterns such as `eval()` were found.
Updated: 2026-01-17
High Cost

rapid-mcp-commands

by macjunkins

Sec9

Provides shared YAML command definitions for Rapid MCP Server implementations to perform various AI-assisted development tasks, including GitHub operations, documentation generation, and project analysis.

Setup Requirements

  • ⚠️Requires GitHub CLI (`gh`) installed and authenticated with appropriate permissions (e.g., 'Issues'/'Pull requests' write permissions for milestone creation).
  • ⚠️Requires Git CLI installed and configured.
  • ⚠️Many commands are tailored for Flutter/Dart projects, implicitly requiring `flutter` and `dart` CLIs for full functionality.
  • ⚠️Because `gh` has no native milestone command, milestones are created through `gh api` calls, so the token behind `gh` needs the corresponding REST API permissions.
Verified Safe
The repository contains command definitions in Markdown that describe interactions with the Git and GitHub CLIs. The workflows include explicit 'Preview & Get Approval' steps before potentially destructive commands (`git push`, `gh pr create`, `gh issue close`, `gh api`). There is no `eval` or malicious code in the definitions. Because the definitions are executed by a Rapid MCP Server that is not in this repository, security depends on that runtime (in particular, that approval steps cannot be skipped) and on the user actually reading the previews before approving.
Updated: 2025-11-22
Medium Cost
Sec3

Provides programmatic access to analyze TradingView Pine Script indicators via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js (>=18) if run locally or Docker if containerized.
  • ⚠️Expects Pine Script indicator files to be present in the server's current working directory or a mounted volume that makes them accessible.
  • ⚠️Designed to work with an MCP-compatible client like Claude Desktop, requiring specific configuration for interaction.
Review Required
CRITICAL: The `analyze_indicator` and `extract_functions` tools are vulnerable to path traversal. The `indicatorName` argument is passed straight to `readIndicatorFile` with no allow-list of permitted file names and no rejection of `../` sequences or absolute paths. A caller can therefore read any file the server process can open: files in the working directory and its parents (e.g. `../../package.json`, `../../Dockerfile`) and, when containerized, anything else mounted into the container, including host configuration if the volume mounts are broader than the indicator directory. The read-only volume mount prevents modification but not disclosure, so this remains a significant information leak. Network exposure is low because transport is stdio, and no hardcoded secrets or `eval` are present.
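The missing check, for this entry and for the `path.resolve`-only handling noted under trace-mcp above, as an added example. This is illustration code written for this page, not code from either project; the indicator directory, the `.pine` extension filter, and the function names are assumptions for the demo.

```typescript
// Added example, not code from trace-mcp or the Pine Script server: confine a
// caller-supplied file name to a fixed directory before reading it.
import * as path from "path";

// Directory the tool is allowed to read from. Hypothetical value for the demo.
const INDICATOR_DIR: string = path.resolve("/srv/indicators");

// The vulnerable shape: the argument is joined onto the root and read as-is.
// "../" segments walk out of INDICATOR_DIR; path.join/resolve only normalize.
function unsafeIndicatorPath(indicatorName: string): string {
  return path.resolve(INDICATOR_DIR, indicatorName);
}

// The hardened shape. Returns the absolute path to read, or null if the name
// is not a plain file directly inside `root`; the caller reports a tool error.
function safeIndicatorPath(
  indicatorName: string,
  root: string = INDICATOR_DIR,
  extension: string = ".pine",
): string | null {
  // NUL bytes truncate paths in many C-level APIs; reject them outright.
  if (indicatorName.length === 0 || indicatorName.includes("\0")) return null;
  // An absolute argument would make path.resolve discard `root` entirely.
  if (path.isAbsolute(indicatorName)) return null;

  const full = path.resolve(root, indicatorName);
  const rel = path.relative(root, full);

  // Escaped the root? rel is "..", starts with "../", or is absolute (which
  // path.relative returns for a different drive on Windows).
  if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    return null;
  }
  // The root itself is a directory, not an indicator file.
  if (rel === "") return null;
  // Tighten further: exactly one segment with the expected extension, so the
  // tool can only name files that actually belong to the indicator set.
  if (rel.includes(path.sep) || !rel.endsWith(extension)) return null;

  return full;
}
```

Two caveats for a real server: a symlink inside the directory can still point outside it, so resolve the candidate with `fs.realpathSync` and repeat the containment check on the result; and where the set of files is small and known, an allow-list built from `fs.readdirSync(INDICATOR_DIR)` is simpler and stricter than any string check.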
Updated: 2025-11-25
Low Cost

github-mcp-demo

by david-pizzi-cg

Sec9

Demonstrates a human-guided AI DevOps workflow using GitHub MCP Server and VS Code Copilot for issue tracking, code fixing, and pull request management.

Setup Requirements

  • ⚠️Requires VS Code with GitHub Copilot extension authenticated.
  • ⚠️Requires GitHub MCP Server to be installed and running (an external dependency).
  • ⚠️Requires a Git repository connected to GitHub with appropriate permissions for issues and pull requests.
Verified Safe
The client-side JavaScript (`script.js`) for the World Clock application is benign: no `eval`, no external API calls (the data is simulated), and no hardcoded secrets. The security of the demo as a whole rests on the GitHub MCP Server and on the GitHub permissions granted to Copilot, both of which are outside this codebase.
Updated: 2025-11-22
Low Cost

mcp-template

by zero-to-prod

Sec8

This repository serves as a template for creating custom Model Context Protocol (MCP) servers in PHP, allowing developers to quickly scaffold and deploy tool-based services.

Setup Requirements

  • ⚠️Requires `php configure.php` execution after cloning to customize the template.
  • ⚠️Requires PHP 8.4 or higher.
  • ⚠️Docker is the recommended method for development and deployment.
Verified Safe
`configure.php` calls `shell_exec` for setup tasks (git config, grep), which would be dangerous if untrusted input reached it; it is, however, a one-time developer setup script and not part of the runtime server. The runtime entry point (`public/index.php`) shows no `eval` or `shell_exec` on untrusted input. Configuration comes from environment variables (`APP_DEBUG`, `MCP_DEBUG`, `APP_VERSION`), which is good practice; make sure the debug flags are off in deployment. Session state is stored on disk under `storage/mcp-sessions`, so that directory must be owned by the PHP process user, not world-readable, and never served by the web server. No hardcoded secrets or malicious patterns were found in the runtime source.
Updated: 2025-12-11
Medium Cost

oraclemcp

by omandotkom

Sec6

Enables LLMs to interact with Oracle databases for schema inspection and read-only query execution.

Setup Requirements

  • ⚠️Requires an existing Oracle Database instance for connection.
  • ⚠️Requires Go (1.18+) installed to build the executable.
  • ⚠️Requires setting three specific environment variables (`ORACLE_USER`, `ORACLE_PASSWORD`, `ORACLE_CONNECT_STRING`) for database connection.
Verified Safe
The `sql-select` tool executes whatever `SELECT` or `WITH` statement the LLM supplies. That is its purpose, but it means the model (or anything that can inject into the model's input) can read every table the configured `ORACLE_USER` can read, which is a data exfiltration risk, and can run expensive queries that exhaust database resources even though result rows are truncated. A `SELECT`/`WITH` prefix check is not a substitute for least privilege: grant `ORACLE_USER` only SELECT on the schemas the tool needs and attach a resource profile or statement timeout. Error messages may also leak internal schema details. The `list-tables` and `get-table-schema` tools use parameterized or hardcoded SQL and are lower risk. Credentials come from environment variables, so nothing is hardcoded. No `eval` or similar dangerous functions were found.
Updated: 2026-01-19
Page 595 of 713