Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
eimmig icon
Sec8

Processes DOCX Sprint documents to extract hierarchical project information (Sprints, Stories, Subtasks) and generate Jira-formatted Markdown files, supporting agile documentation and workflow automation.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher.
  • ⚠️DOCX input documents must strictly follow a defined hierarchical structure (Sprint -> Story -> Subtask) with specific keyword patterns for parsing success.
  • ⚠️Customizable output requires providing a 'templatesDir' containing 'sprint.md', 'story.md', and 'subtask.md' files.
Verified SafeView Analysis
The tool performs file system operations (read DOCX, write markdown) based on user-provided absolute paths (`docxPath`, `outputDir`, `templatesDir`). Users should ensure these paths are safe and do not point to sensitive system directories or arbitrary locations that could lead to data overwrite or unauthorized access if the host system isn't properly secured. The code itself does not contain 'eval', direct network communication beyond the MCP protocol, or hardcoded secrets.
Updated: 2025-11-24GitHub
0
0
Medium Cost
bcihanc icon

msu-mcp

by bcihanc

Sec8

Provides an MCP (Model Context Protocol) server for AI models to query payment transactions and customer details from the MSU (MerchantSafe Unipay) payment gateway.

Setup Requirements

  • ⚠️Requires Node.js >=18.0.0
  • ⚠️Requires MSU (MerchantSafe Unipay) merchant ID, user, and password set as environment variables for authentication.
  • ⚠️Responses are encoded in TOON (Token-Oriented Object Notation) format, not standard JSON, which requires specific parsing if not directly consumed by an LLM that supports TOON.
Verified SafeView Analysis
The server handles sensitive payment gateway credentials (MSU_MERCHANT, MSU_MERCHANT_USER, MSU_MERCHANT_PASSWORD) by requiring them as environment variables, which is a good practice for secret management. It communicates with the MSU API over HTTPS via standard fetch requests. No 'eval' or other obviously dangerous code patterns are present. Input validation uses maxLength for some parameters, but specific format validation (e.g., date formats) is implicitly left to the upstream MSU API. Overall, the code itself appears secure, relying on secure configuration for credentials.
Updated: 2025-11-24GitHub
0
0
Medium Cost
AllAboutAzure icon

Databricks-MCP

by AllAboutAzure

Sec4

The project analyzes and optimizes the performance of Databricks' Management Control Plane (MCP) server.

Setup Requirements

  • ⚠️Requires an existing Databricks workspace and an understanding of Databricks operations.
  • ⚠️Requires Serverless computes to be enabled for notebooks in the Databricks environment.
Review RequiredView Analysis
Only the `README.md` file was provided for analysis. The actual analysis code within `Mcp-Analysis.ipynb` is missing, making a comprehensive security audit impossible. The `README` itself contains no apparent security risks like 'eval', hardcoded secrets, or malicious patterns. However, the missing notebook could potentially contain such risks, especially given its role in analyzing a critical component like MCP. Thus, running this project without inspecting the notebook content is not recommended.
Updated: 2025-11-29GitHub
0
0
Low Cost
irobust icon

MCP-Workshop

by irobust

Sec8

Implements a basic Model Context Protocol (MCP) server using FastAPI to provide a discoverable and executable 'get_weather' tool for LLMs.

Setup Requirements

  • ⚠️Requires FastAPI and Pydantic libraries to be installed.
  • ⚠️Requires a Uvicorn server to host the FastAPI application.
Verified SafeView Analysis
The server dynamically calls tool functions using `**arguments` from the request. In this specific implementation, the `tool_registry` is fixed to a single, simple `get_weather` function which is not exploitable. However, if the server were extended with more complex or dynamically loaded tools, careful validation of input and tool logic would be critical to prevent arbitrary code execution or injection vulnerabilities. No hardcoded secrets or direct shell commands are present.
Updated: 2025-11-30GitHub
0
0
Low Cost
saktheeswar icon
Sec6

Enables AI agents to securely query Azure DevOps data (work items, projects, tickets) via a custom Model Context Protocol (MCP) server built with NestJS.

Setup Requirements

  • ⚠️Requires an Azure DevOps Personal Access Token (PAT) with appropriate permissions. The `ADO_PAT` environment variable should be set to your PAT.
  • ⚠️The `AUSER_NAME` environment variable is also required for Azure DevOps authentication, though for PATs, it can often be an arbitrary string or the PAT itself (the README's example `AUSER_NAME=your-personal-access-token` suggests using the PAT here).
Verified SafeView Analysis
The server correctly uses environment variables for Azure DevOps Personal Access Token (ADO_PAT) and username, which is good practice. However, the `/mcp` HTTP endpoint itself does not appear to have explicit authentication or authorization built into the provided source code (e.g., API keys, OAuth for the server's own API). If deployed publicly without additional security layers (like an API Gateway or VPN), any client could access and make queries to Azure DevOps via this server, limited only by the permissions of the configured ADO_PAT. The `express-rate-limit` is a dependency but its usage is not evident in the provided `MCPController` code to prevent abuse.
Updated: 2025-11-22GitHub
0
0
Medium Cost
nahidnstu12 icon

mcp-servers

by nahidnstu12

Sec1

Provides tools for code understanding and manipulation, including searching code, analyzing imports, getting project structure, and performing file operations within a defined project root.

Setup Requirements

  • ⚠️The 'PROJECT_ROOT' variable is hardcoded in 'mcp-server.js' and must be manually updated to the target project's absolute path for the server to function correctly.
  • ⚠️The server is intended to run within the Claude Desktop environment, leveraging its stdio transport.
  • ⚠️A critical security vulnerability exists allowing directory traversal, enabling unauthorized read/write access to files outside the specified project directory.
Review RequiredView Analysis
CRITICAL: The server is vulnerable to directory traversal attacks. The `read_file`, `write_file`, and `read_multiple_files` tools use `path.join(PROJECT_ROOT, args.path)` directly without sanitizing `args.path`. An attacker capable of sending tool requests could use `../` sequences in the `path` argument to read or write arbitrary files outside the intended project root (e.g., `/etc/passwd`). This is a severe vulnerability that grants broad file system access.
Updated: 2026-01-05GitHub
0
0
Medium Cost
slamb2k icon

glam-mcp

by slamb2k

Sec5

Orchestrates and automates various Git and GitHub development workflows, providing rich, contextual feedback and intelligent suggestions to AI agents or developers.

Setup Requirements

  • ⚠️Requires Git CLI installed and configured.
  • ⚠️Requires GitHub CLI (gh) installed and authenticated for GitHub-specific operations.
  • ⚠️Requires Node.js runtime and npm/yarn for package management/script execution.
Verified SafeView Analysis
Extensive use of `child_process.execSync` and `gh` CLI commands makes the server vulnerable to command injection if user inputs (or AI-generated inputs) are not thoroughly sanitized. While parameters are often quoted for Git commands, a comprehensive review of all user-provided strings passed to `execGitCommand` or `execSync` is crucial. Direct interaction with GitHub API requires a `GITHUB_TOKEN` and relies on `gh` CLI security. File system operations use `path.join` but inputs like `output_path` still need careful validation against directory traversal.
Updated: 2025-11-23GitHub
0
0
Medium Cost
pmc-a icon
Sec9

Provides a Model Context Protocol (MCP) server for accessing Fantasy Premier League (FPL) data and manager information via eight specialized tools.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Relies on the public and undocumented FPL API via the 'fpl-fetch' library, which may experience unexpected changes or downtime.
Verified SafeView Analysis
The server demonstrates robust security practices, including comprehensive input validation using Zod schemas for all tool arguments and centralized error handling with structured logging. No direct use of 'eval', code obfuscation, or hardcoded secrets were identified in the provided source. The primary external dependency, 'fpl-fetch', interacts with a public, undocumented FPL API, which introduces an inherent dependency risk of API changes not controlled by this project. However, the project's own implementation is securely designed.
Updated: 2026-01-19GitHub
0
0
Low Cost
unalluri icon
Sec9

Manages and securely retrieves API keys for various services (LLM, SaaS, Canva, internal) by exposing them as an MCP server.

Setup Requirements

  • ⚠️Requires Go 1.21+ for local development or Docker for containerized deployment.
  • ⚠️Environment variables must be manually configured in a `.env` file or via Docker for the server to function.
  • ⚠️An MCP client (e.g., Claude Code) is required to interact with the server via its JSON-RPC interface.
Verified SafeView Analysis
The server stores API keys exclusively in environment variables, preventing hardcoding. It explicitly lists supported keys, preventing arbitrary environment variable retrieval. The `list_api_keys` tool does not reveal key values, and `check_api_key_exists` masks found keys. The server runs via stdin/stdout, avoiding direct network exposure. Input validation is present for tool arguments. The primary security consideration is the secure management of the `.env` file or Docker secrets outside of the application's direct control, and how the calling MCP client handles the retrieved secrets.
Updated: 2026-01-19GitHub
0
0
High Cost
rodrigo-loayza icon

kg-mcp-server

by rodrigo-loayza

Sec3

An academic Model Context Protocol (MCP) server for Computer Science, providing contextualized information, code analysis, prerequisite navigation, and prompt generation by integrating vector search (RAG) with a Neo4j knowledge graph.

Setup Requirements

  • ⚠️Requires a running Neo4j database instance, which must be pre-populated by running the offline ETL pipeline (`main_etl.py`). The hardcoded Neo4j credentials ('neo4j', '12345678') are used for connection.
  • ⚠️Depends on pre-built HNSW index (`hnsw_index.bin`) and embedding files (`*_embeddings.npy`), which are generated by the offline ETL process (`hnsw_builder.py`, `generate_embeddings.py`). These files must exist in the specified `data/indices` and `data/processed` directories.
  • ⚠️Requires significant Python dependencies including `sentence-transformers`, `hnswlib`, `torch`, `neo4j`, `mcp-server`, `uvicorn`, `starlette`. A Python virtual environment is recommended and suggested in configurations.
  • ⚠️The `paraphrase-multilingual-mpnet-base-v2` embedding model (~1GB) will be downloaded by `sentence-transformers` on first load, which can take time and requires an internet connection.
Review RequiredView Analysis
The Neo4j database credentials (URI, user, password) are hardcoded in `config/config.yaml`. This is a critical security risk as these credentials could be exposed if the configuration file is committed to a public repository or used in an insecure environment. The server loads pre-built HNSW index and embedding files, which could pose a risk if generated from untrusted sources, though paths are fixed in this implementation. The `server_sse.py` variant exposes a network endpoint (0.0.0.0:8765), which could be a risk if not properly firewalled.
Updated: 2025-11-30GitHub
0
0
Medium Cost
0xRaduan icon

gmail-mcp

by 0xRaduan

Sec9

Manages Gmail operations, including sending, reading, searching, managing labels, and filters, through natural language interactions for AI assistants like Claude Desktop.

Setup Requirements

  • ⚠️Requires manual creation of a Google Cloud Project, enabling the Gmail API, and setting up OAuth 2.0 credentials (gcp-oauth.keys.json).
  • ⚠️Authentication requires a browser launch and a local HTTP server to run on port 3000; conflicts may arise if the port is in use.
  • ⚠️Sending emails from a custom 'from' address requires that address to be a verified send-as alias in Gmail settings.
Verified SafeView Analysis
The server follows good practices for handling OAuth credentials by storing them in a dedicated, non-version-controlled directory (~/.gmail-mcp/). It does not use `eval` on user-supplied input or contain obvious malicious patterns. The OAuth flow involves a local HTTP server on port 3000, which is standard for desktop applications and not inherently a risk if properly secured, but could conflict with other services. Attachment handling processes files locally without permanent server storage. Overall, it demonstrates robust security considerations for its intended use.
Updated: 2025-12-12GitHub
0
0
Low Cost
itcolombiaco icon

Wazuh-MCP-Server

by itcolombiaco

Sec1

Provides a server for a Model Context Protocol (MCP) specifically integrated with Wazuh, likely for context management.

Review RequiredView Analysis
No source code was provided beyond the README.md. Therefore, a comprehensive security audit for patterns like 'eval', obfuscation, network risks, hardcoded secrets, or malicious code could not be performed. The score of 1 reflects the inability to verify the safety or lack of vulnerabilities in the absence of code.
Updated: 2026-01-19GitHub
PreviousPage 600 of 713Next