Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
LLM-Coding icon
Sec3

An embedded MCP server running on a UNIHIKER K10 board, enabling AI assistants like Claude to control its physical hardware over HTTP.

Setup Requirements

  • ⚠️Requires a physical UNIHIKER K10 development board.
  • ⚠️Requires MicroPython and the 'microdot' library to be installed on the K10 board (manual installation may be needed).
  • ⚠️Mandates WiFi connectivity on a 2.4 GHz network, and configuration (SSID/password) must be hardcoded into 'boot.py'.
  • ⚠️Camera/TinyML features cannot be used simultaneously with WiFi due to MicroPython memory/driver constraints.
Review RequiredView Analysis
CRITICAL: The server explicitly states 'No authentication by default' and 'No TLS support' (due to MicroPython limitations). It binds to '0.0.0.0' and uses 'Access-Control-Allow-Origin: *', making it fully exposed and controllable by any device on the local network without credentials. This is a severe security risk for any deployment beyond an isolated, controlled educational environment. Input validation for tool arguments should be strictly implemented to prevent injection attacks.
Updated: 2025-11-21GitHub
0
0
High Cost
coleritchiee icon

NeoForm

by coleritchiee

Sec9

Fine-tuning a small-scale code generation Large Language Model (LLM) using LoRA, specifically tailored for generating NeoForge (Minecraft modding platform) related code.

Setup Requirements

  • ⚠️Requires a CUDA-enabled GPU (NVIDIA, compute capability >= 8 for bfloat16) for practical training and efficient inference; CPU fallback is available but will be extremely slow.
  • ⚠️Requires manual preparation of input data: Minecraft mod repositories must be placed in `data/input/` and processed using `training/DataProcessing.py` and `training/BuildLMDataset.py` to create the `data/lm_corpus.jsonl` corpus before training.
  • ⚠️Relies on a specific base model ('Qwen/Qwen2.5-Coder-0.5B-Instruct') and Hugging Face libraries, which need to be installed in a Python environment.
Verified SafeView Analysis
The project primarily involves local data processing and model training/inference, with no apparent direct network exposure or server-side vulnerabilities. The `DataProcessing.py` script reads arbitrary code files from a local input directory to build a corpus; while it attempts to handle large files and encoding errors, processing untrusted code files (even without execution) always carries a very minor theoretical risk of parser-level vulnerabilities if the tool were to be exposed to external, malicious inputs. However, for its intended use as a local development tool, it is highly safe. No 'eval' or malicious patterns are detected.
Updated: 2025-11-30GitHub
0
0
Medium Cost
intelligencebank icon

ib-api-doc-mcp-server

by intelligencebank

Sec9

This MCP server provides tools to access IntelligenceBank API documentation from Postman collections and generate AI actions based on specific requests.

Setup Requirements

  • ⚠️Requires a Postman API Key with collection and workspace read access, obtainable from the IntelligenceBank Postman account.
  • ⚠️Requires Node.js and npm for installation and execution.
  • ⚠️Needs manual configuration within the MCP settings file (`mcp_settings.json`) to define the server command, arguments, environment variables, and explicitly allow tools in the 'alwaysAllow' array.
Verified SafeView Analysis
The server retrieves the Postman API key from environment variables (POSTMAN_API_KEY), which is a good practice for sensitive information. It connects to a legitimate Postman API endpoint via HTTPS. While it generates code based on Postman request bodies (e.g., 'raw' content), this content originates from the Postman collection itself, not direct user input to the generation function, mitigating direct code injection risks within the server. The generated code is intended for external consumption and should be reviewed before execution. Hardcoded collection IDs are for IntelligenceBank's internal use, not a general security flaw.
Updated: 2025-12-03GitHub
0
0
Medium Cost
ttww97 icon
Sec1

This project likely provides a server component for a workshop related to Minecraft Mod Coder Pack (MCP), possibly for educational or development purposes at a DevFest event.

Review RequiredView Analysis
Source code was explicitly stated as 'Truncated' but no content was provided for analysis. Therefore, a security audit for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns could not be performed. Running this without reviewing its code is strongly discouraged as its safety and integrity cannot be verified.
Updated: 2025-11-22GitHub
0
0
High Cost
CELtd icon
Sec9

Provides Filecoin economic forecasting and historical data tools to AI agents like Claude.ai via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Fly.io CLI and Docker for deployment.
  • ⚠️Requires a configured Filecoin API server (`mechafil-server`) instance to be running and accessible via `MECHAFIL_SERVER_URL`.
  • ⚠️Initial cold start times can be significant (~5s for this MCP server, ~15s for the underlying API server if it's also cold).
  • ⚠️The `MECHAFIL_SERVER_URL` environment variable must be correctly set to point to the Filecoin API server.
Verified SafeView Analysis
The server employs Pydantic for robust input validation and relies on environment variables for sensitive configurations like the upstream API URL, mitigating hardcoded secret risks. There are no direct uses of `eval` or `exec` with user-controlled input, enhancing code safety. The `_render_system_prompt` function includes local documentation files using hardcoded relative paths, preventing arbitrary file access. CORS is set to `Access-Control-Allow-Origin: *`, which is permissive but typical for public-facing AI agent connectors. Overall, security practices are well-implemented.
Updated: 2026-01-09GitHub
0
0
Low Cost
layer5-5 icon
Sec2

Pipedrive CRM integration with Layer55 authentication for AI assistants using Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Python 3.11+ required.
  • ⚠️Access to Layer55 API (external dependency) is mandatory for user token retrieval.
  • ⚠️CRITICAL: The server's own API key for inbound requests ('VALID_API_KEYS' environment variable for APIKeyAuthenticator) defaults to accepting *any* non-empty string in development mode. This must be explicitly configured in production for security.
  • ⚠️Docker and Docker Compose recommended for deployment.
  • ⚠️The /mcp/initialize and /mcp/tools/public endpoints are unauthenticated in the code, despite README stating JWT is required for all MCP endpoints.
Review RequiredView Analysis
CRITICAL: The server's default configuration for API key validation (used for '/mcp/tools/call') accepts *any* non-empty API key if 'VALID_API_KEYS' environment variable is not explicitly set. This makes the tool execution endpoint vulnerable to unauthorized access in its default state, even with warnings in the code. Furthermore, '/mcp/initialize' and '/mcp/tools/public' endpoints are *unauthenticated* in the provided source code (main.py), directly contradicting the README's claim that all MCP endpoints require JWT. The default 'JWT_SECRET_KEY' is also a fallback 'dev-fallback-key-change-in-production', which is highly insecure for production. Permissive CORS ('*') is also configured by default. These issues combine to create a very low security posture out-of-the-box.
Updated: 2025-12-06GitHub
0
0
Medium Cost
SocioLogicAI icon

signal-relay

by SocioLogicAI

Sec9

Connects AI agents to SocioLogic's synthetic persona platform for market research, customer intelligence, and product validation through natural conversation.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and execution.
  • ⚠️A SocioLogic API Key is required for authentication and usage, which must be obtained from sociologic.ai/dashboard/api-keys.
  • ⚠️Requires Node.js v18+ and the Cloudflare `wrangler` CLI for self-hosting and deployment.
Verified SafeView Analysis
The server is implemented as a stateless Cloudflare Worker, inherently limiting certain attack vectors (e.g., persistent storage, direct OS access). It enforces API key authentication via headers, uses Zod for robust input validation on all tool parameters, and limits request body size (1MB) to mitigate DoS attacks. There are no apparent uses of `eval` or similar dangerous dynamic code execution. The security policy (`SECURITY.md`) is well-defined, advising safe harbor for responsible disclosure and best practices for users. The use of HTTPS is mandatory. It explicitly states 'no data stored on edge'.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Neuss-Consulting icon

mcp-mail

by Neuss-Consulting

Sec5

Provides mail functionality as an MCP server.

Review RequiredView Analysis
Security analysis is severely limited as only the README.md was provided; no actual source code was available for audit. Therefore, it was impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. The score reflects an inability to assess, rather than inherent danger or safety.
Updated: 2025-11-23GitHub
0
0
High Cost
mohan-ganesh icon
Sec2

AI-powered conversational orchestration system that integrates with various microservices (billing, email) and Google Cloud AI services (Text-to-Speech, Speech-to-Text, Large Language Models, Google Cloud Storage, Optical Character Recognition) to provide dynamic, context-aware responses and execute domain-specific tasks for users.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with billing enabled and APIs (Firestore, GCS, Text-to-Speech, Speech-to-Text, Gemini LLM) enabled, with appropriate service account permissions for application default credentials.
  • ⚠️Relies on external MCP microservices (e.g., appointment, benefits, billing, email) to be deployed and accessible at specific, potentially hardcoded, URLs (e.g., `mcp.server.urls` configuration).
  • ⚠️An external authentication service is required for user token validation, configured via `auth.token.info.url` and `auth.token.identity.domain` properties.
  • ⚠️The `EmailToolService` in `mcp_email_server` attempts to use `https://api.sendgrid.com/v3/mail/send`, implying a SendGrid account and API key are needed for functional email sending.
  • ⚠️SSL/TLS certificate validation is globally disabled; for any production deployment, this critical vulnerability must be addressed by removing `trustAllCertificates()` and configuring proper certificate management.
Review RequiredView Analysis
Critical security risks include a global disablement of SSL/TLS certificate validation (`trustAllCertificates()` in `AdkClientBase.java` and `OcrCall.java`), explicitly noted as 'insecure for production'. This renders all network communication vulnerable to man-in-the-middle attacks. There is a hardcoded 'Bearer hello' authentication token used when loading tools from MCP servers (`AdkClientBase.java`), enabling unauthorized access to those tools. Furthermore, permissive CORS settings (`allowedOriginPatterns('*')` with `allowCredentials(true)` in `WebConfig.java` across multiple modules) open the door to Cross-Site Request Forgery (CSRF) and other attacks. These issues make the application highly unsafe for production environments.
Updated: 2026-01-10GitHub
0
0
Medium Cost
nohuiam icon
Sec3

The Consciousness MCP server acts as a meta-awareness layer for a larger ecosystem, collecting, analyzing, and synthesizing operational data, attention events, and patterns from other participant servers to provide insights, predictions, and action suggestions.

Setup Requirements

  • ⚠️Requires `config/interlock.json` to be correctly configured with peer details for full ecosystem awareness, as it heavily relies on InterLock UDP communication.
  • ⚠️Uses an embedded SQLite database (`better-sqlite3`), requiring write permissions to the specified database path (defaults to `./data/consciousness.db`).
  • ⚠️Its full functionality and 'awareness' depend on other Model Context Protocol (MCP) servers (e.g., neurogenesis-engine, verifier-mcp) within the ecosystem sending it signals.
Review RequiredView Analysis
The server has critical network security vulnerabilities due to a complete lack of authentication and authorization mechanisms for both its HTTP REST API and WebSocket interfaces. It broadly enables CORS ('Access-Control-Allow-Origin: *') for HTTP, meaning any website can directly interact with it. The `POST /api/tools/:toolName` endpoint allows unauthenticated execution of any registered tool with arbitrary arguments. Similarly, WebSocket connections are unauthenticated, allowing any client to connect, receive internal awareness broadcasts, and send messages, some of which trigger internal state updates (e.g., subscribing, getting status). While the tools are designed for introspection, a malicious actor could trigger resource-intensive operations or gain sensitive internal information, leading to denial-of-service, information disclosure, or manipulation of the ecosystem's 'awareness'. There are no visible hardcoded secrets or 'eval' usage, but the open network access is a severe risk.
Updated: 2026-01-17GitHub
0
0
High Cost
Darkstar326 icon

log_analyzer_mcp

by Darkstar326

Sec3

This MCP server and CLI client provide tools for analyzing log files, managing test runs, and generating code coverage reports, primarily for AI-assisted development workflows.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires Hatch for project and dependency management.
  • ⚠️Requires `uvx` for easy local installation of released packages via `uvx log-analyzer-mcp` or as referenced in release scripts.
Review RequiredView Analysis
The `scripts/release.sh` contains an `eval` command to execute `uvx` for package installation, with arguments sourced from environment variables and command-line inputs. This creates a critical command injection vulnerability if an attacker can control these inputs. Additionally, the `_run_tests` function in `log_analyzer_mcp_server.py` constructs and executes `hatch test` commands, incorporating user-provided `agent` and `pattern` strings into `pytest -k` filters. While `pytest -k` expressions are usually treated as Python expressions, care must be taken to ensure no shell injection is possible with malicious inputs. The `_get_target_log_files` function correctly confines file searches to the project root, which is a good security practice.
Updated: 2025-12-02GitHub
0
0
Low Cost
vinaykaushik5555 icon

employee_fastapi_mcp_server

by vinaykaushik5555

Sec2

A Leave Management System offering both a FastAPI REST API and a FastMCP interface for employee and admin functionalities.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️Uses plain-text passwords for storage and authentication, which is a critical security vulnerability and not suitable for production.
  • ⚠️A default admin user (username: 'admin', password: 'admin') is created automatically, posing a significant security risk if not changed immediately after setup.
  • ⚠️The SQLite database file is configured to store in `/tmp/leave_management.db` by default, leading to potential data loss upon system restarts or `/tmp` directory clearance.
Review RequiredView Analysis
CRITICAL: Passwords are stored in plain text in the SQLite database (e.g., 'admin' password, new employee passwords). Basic Authentication uses plain-text password comparison without hashing. A default admin user 'admin' with password 'admin' is created automatically, which is a major security risk if not immediately changed. The in-memory token storage for MCP is not persistent, making session management fragile.
Updated: 2025-11-23GitHub
PreviousPage 605 of 713Next