Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
kotappa19 icon
Sec9

This project provides an MCP (Model Context Protocol) server for weather data and an AI client that uses Claude to process natural language queries and execute the server's weather tools.

Setup Requirements

  • ⚠️Requires ANTHROPIC_API_KEY (Paid LLM service).
  • ⚠️Requires Python 3.13 or newer, which is currently a pre-release version and may not be readily available for all users.
Verified SafeView Analysis
The server's tools interact with a known external API (NWS API) and perform specific, well-defined functions. Inputs to tools are simple types (string, float), mitigating direct code injection risks. The client passes LLM-generated arguments to the server's tools, but the MCP framework and tool signatures provide a layer of validation. No 'eval' or other direct code execution patterns were found.
Updated: 2025-11-20GitHub
0
0
Medium Cost
owen-lacey icon

timesheets-mcp

by owen-lacey

Sec9

Manages timesheet entries, activities, responsibilities, competencies, and evidence using Notion databases through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires a Notion API Key and access to Notion databases configured as specified.
  • ⚠️Database IDs for Timesheets, Activities, Responsibilities, Topics, Competencies, and Evidence must be set as environment variables; `TIMESHEETS_DB_ID` is strictly required, others are optional but necessary for respective tools.
  • ⚠️Requires a Node.js environment and `npm install` for dependencies, followed by `npm run build` to compile TypeScript.
Verified SafeView Analysis
The server correctly loads API keys and database IDs from environment variables, preventing hardcoding of secrets. Input validation is performed using Zod schemas, mitigating risks from malformed inputs. There are no direct usages of `eval` or other obvious dynamic code execution vulnerabilities within the provided application code. Network interactions are confined to the Notion API via `node-fetch`. The server runs as a `StdioServerTransport` for MCP, implying it's not directly exposed to the network as an HTTP server, reducing external attack surface. Error handling includes catching and returning messages, which is good; however, Notion API errors might occasionally expose some internal details if not sanitized further by a wrapper.
Updated: 2026-01-08GitHub
0
0
High Cost
robertelee78 icon

image-gen-mcp-server

by robertelee78

Sec9

A production-ready Model Context Protocol (MCP) server for multi-provider AI image generation and editing, with intelligent provider selection and enterprise-grade security.

Setup Requirements

  • ⚠️Requires API keys for at least one of 10 external image generation providers (e.g., OPENAI_API_KEY, RECRAFT_API_KEY).
  • ⚠️Generated images are saved to disk, defaulting to `.image-gen-mcp/` in the current working directory, which might not be persistent or writable in all environments. The `IMAGE_OUTPUT_DIR` environment variable can customize this.
  • ⚠️The `IMAGE_SERVER_URL` environment variable (defaults to `http://192.168.1.201:6002`) must point to an accessible server for inline image display in markdown responses; otherwise, image URLs in responses will be broken.
Verified SafeView Analysis
The server demonstrates strong security practices including Zod validation with strict enforcement, buffer size limits (10MB), prompt length limits, API key validation against placeholders, and rate limiting. Image fetching from external URLs is a potential SSRF vector, but mitigated by size limits and robust error handling. File I/O for generated images is managed with a configurable output directory, unique filenames, and automatic cleanup of old files, reducing disk exhaustion risks. The use of the 'sharp' library, while standard, should be monitored for potential vulnerabilities.
Updated: 2025-11-28GitHub
0
0
Low Cost
kakehashi-inc icon

mcp_server_manager

by kakehashi-inc

Sec8

An Electron-based GUI application for managing, monitoring, logging, and exposing (via ngrok and HTTPS proxy) local Model Context Protocol (MCP) servers, with features like auto-start/restart and WSL support.

Setup Requirements

  • ⚠️Requires Node.js 22.x or higher.
  • ⚠️Requires Yarn 4.
  • ⚠️Windows Developer Mode must be enabled for running unsigned local builds/releases.
  • ⚠️Ngrok authentication token is required for ngrok functionality.
  • ⚠️OIDC configuration (URL, client ID, client secret, allowed users) is required if `mcp-auth-proxy` is used for a server.
Verified SafeView Analysis
The application employs standard Electron security practices, including context isolation and controlled IPC communication, and arguments for child process spawning are quoted. No direct code injection vulnerabilities were found. However, its core function involves executing user-defined commands and exposing local network services (via ngrok or HTTPS proxy). Sensitive configurations like ngrok authentication tokens and OIDC secrets are stored in the `config.json` file located in `~/.mcpm`. Compromise of this local configuration file could allow an attacker with file system access to execute arbitrary commands or expose unauthorized services. The HTTPS proxy defaults to listening on `0.0.0.0`, which should be noted.
Updated: 2025-12-19GitHub
0
0
Medium Cost
ashwinnmit icon

Leetcode-MCP

by ashwinnmit

Sec8

A custom server to track and store personal LeetCode progress, exposing progress data as MCP tools.

Setup Requirements

  • ⚠️Requires Docker to run the LeetCode API proxy locally.
  • ⚠️Requires a local LeetCode API proxy running on port 3000.
  • ⚠️Requires Python 3.12 or newer.
Verified SafeView Analysis
The server uses parameterized queries for SQLite, preventing SQL injection. It relies on a local, open-source LeetCode API proxy, which shifts some security responsibility to the proxy's implementation. Username parameters are passed directly to the proxy URL without explicit sanitization, but this is a minor risk assuming the proxy handles typical LeetCode usernames robustly. No hardcoded secrets or 'eval' statements were found.
Updated: 2025-12-07GitHub
0
0
Medium Cost
TimoWilhelm icon
Sec5

An unauthenticated Model Context Protocol (MCP) server deployed on Cloudflare Workers, providing API access to basic arithmetic, Cloudflare AI-powered text generation (Llama 3.1), and image generation (Flux 1) tools.

Setup Requirements

  • ⚠️Requires a Cloudflare account with Workers AI enabled and configured.
  • ⚠️Deployment is inherently unauthenticated; requires external Cloudflare access controls (e.g., Cloudflare Access or WAF rules) if exposed publicly to prevent abuse and manage costs for AI services.
Review RequiredView Analysis
The server is explicitly designed "without authentication" (`Authless Calculator`). This means anyone with the deployed URL can invoke its tools, including calls to Cloudflare's paid AI models. This poses a significant risk of misuse, abuse, and unexpected cost accumulation if deployed publicly without additional, external access controls (e.g., Cloudflare Access, WAF rules). No internal code vulnerabilities like `eval` or hardcoded secrets were found in the provided source code.
Updated: 2026-01-19GitHub
0
0
Low Cost
krzysztofbarangit icon

badamygeny

by krzysztofbarangit

Sec8

A Minecraft proxy server for intercepting and modifying game traffic between a client and a target server.

Setup Requirements

  • ⚠️Requires Node.js installed
  • ⚠️Run `npm install` to resolve dependencies
Verified SafeView Analysis
The server is a network proxy, inherently requiring network exposure. The provided code does not contain 'eval', obfuscation, or hardcoded secrets. It logs chat messages and player positions, which is standard for game servers. Basic security best practices for network services should be followed during deployment.
Updated: 2025-11-28GitHub
0
0
Low Cost

prolex-mcp

by ProlexAi

Sec1

A server component potentially designed to interact with or implement aspects of the Minecraft Protocol, which could be used for custom game mechanics, proxies, or development tools.

Review RequiredView Analysis
No source code was provided for analysis, making it impossible to perform a comprehensive security audit. The score reflects the inability to verify safety or identify specific risks, thus defaulting to the lowest safety assurance.
Updated: 2025-11-24GitHub
0
0
Low Cost
MandalAutomations icon

GitHub-Documentation-Rag-Agent

by MandalAutomations

Sec8

A Retrieval-Augmented Generation (RAG) system that provides intelligent answers to questions about GitHub documentation using local LLMs and vector embeddings.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for core services (Ollama, PostgreSQL).
  • ⚠️Requires VS Code Dev Containers extension for the recommended setup, or manual host configuration if run standalone.
  • ⚠️Ollama models (e.g., llama3.2:1b, granite-embedding:30m) need to be downloaded, which may take time and consume significant local disk space and RAM.
Verified SafeView Analysis
The code generally uses parameterized queries for database interactions and structured JSON for API calls, mitigating common injection risks. Configuration relies on environment variables, though default database credentials in `VectorDB` are weak for production but acceptable for a local dev setup. Network interactions are primarily with a local Ollama server, assumed to be trusted. No 'eval' or obfuscation observed.
Updated: 2025-11-19GitHub
0
0
Low Cost
zerolagtime icon

mcp-server-python

by zerolagtime

Sec9

A Minimal Compute Platform (MCP) tool for the continue.dev VSCode plugin to execute, lint, type-check, and security-scan Python code in an isolated Docker environment.

Setup Requirements

  • ⚠️Docker must be installed and running on the machine.
  • ⚠️The Docker image ('python-mcp') must be built manually using `docker build -t python-mcp .` before first use.
  • ⚠️The README mentions 'ty' for type checking, but the source code uses 'pyright' via `python3 -m pyright`. Users expecting 'ty' might be confused if it's not present or configured differently.
Verified SafeView Analysis
The server implements robust sandboxing mechanisms, including running in an isolated Docker container as a non-root user, dynamically blocking dangerous Python imports/builtins (like 'eval', 'exec', 'compile', network modules, and system execution modules) from user code, and using isolated temporary directories for each session. This significantly reduces the risk of malicious code execution or data exfiltration. Execution also includes a 30-second timeout. While no sandbox is perfectly impenetrable, these measures provide a high level of security for untrusted code execution.
Updated: 2025-11-25GitHub
0
0
Low Cost
amritpattnaik icon

mcpstreamabledeploy

by amritpattnaik

Sec10

Exposes a simple Python function as an HTTP-streamable API endpoint using the MCP framework.

Setup Requirements

  • ⚠️Python 3.11+ required
  • ⚠️Requires the 'mcp' Python package (mcp[cli]>=1.22.0)
Verified SafeView Analysis
The provided source code is minimal and does not contain any obvious security vulnerabilities such as 'eval', hardcoded secrets, or malicious patterns. The 'greeting' tool is safe.
Updated: 2025-12-01GitHub
0
0
High Cost
srimanikantaBattu icon

livekit-backend

by srimanikantaBattu

Sec8

A starter project for building voice AI assistants using LiveKit Agents for Node.js and LiveKit Cloud.

Setup Requirements

  • ⚠️LiveKit Cloud Account Required: Requires a LiveKit Cloud account and API keys (LIVEKIT_URL, LIVEKIT_API_KEY, LIVEKIT_API_SECRET) to function.
  • ⚠️Initial Model Download: An explicit 'pnpm run download-files' command is needed before the first run to download local models like Silero VAD.
  • ⚠️Specific Node.js and Package Manager Versions: Requires Node.js version '>=22.0.0' and uses 'pnpm' as the package manager.
  • ⚠️Usage-based AI Models: Involves costs for external AI services (OpenAI, AssemblyAI, Cartesia) through LiveKit Cloud, charged per usage.
Verified SafeView Analysis
The server acts as a voice AI agent, relying on the LiveKit Agents SDK and LiveKit Cloud for core functionality, including STT, LLM, and TTS inference. Secrets (LIVEKIT_URL, LIVEKIT_API_KEY, LIVEKIT_API_SECRET) are correctly managed via environment variables loaded from .env.local. No direct eval or unsafe file system operations with arbitrary user input were found in the provided src/agent.ts. The primary security considerations involve the trustworthiness of the LiveKit platform and its integrations with third-party AI models (OpenAI, AssemblyAI, Cartesia).
Updated: 2025-11-27GitHub
PreviousPage 607 of 713Next