Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Medium Cost

growi-mcp

by ka1222te

Sec8

Facilitates interaction with Growi wiki instances through an MCP server, enabling AI tools to manage pages, attachments, and user information.

Setup Requirements

  • ⚠️Requires Growi API token, domain, and API version configured via environment variables (GROWI_DOMAIN, GROWI_API_TOKEN, GROWI_API_VERSION).
  • ⚠️Requires 'uv' or 'uvx' package manager for installation and execution.
  • ⚠️Some Growi servers may require a 'connect.sid' session cookie (GROWI_CONNECT_SID) for the 'download_attachment' function, which can be challenging to obtain.
  • ⚠️User registration via 'register_user' may require administrator approval on the Growi server depending on its settings.
Verified Safe
The server uses environment variables for sensitive API keys (GROWI_API_TOKEN) and the Growi domain, which is good practice. No 'eval' or obvious malicious patterns are found in the provided source code. The primary security risk involves the permissions granted to the Growi API token and the potential for AI agents (especially with 'Auto-approve' enabled) to inadvertently expose private information or modify pages, as explicitly warned in the README. The 'download_attachment' function might require a 'connect.sid' session cookie for some Growi server configurations, which adds a dependency on browser-level authentication that needs careful handling.
Updated: 2025-12-01
Low Cost

A Model Context Protocol (MCP) server that provides AI agents (specifically Claude Code) with tools for discovering OpenRewrite refactoring recipes and retrieving their documentation through semantic search.

Setup Requirements

  • ⚠️Docker and Docker Compose required (for the PostgreSQL database).
  • ⚠️Java 21 required (for the OpenRewrite documentation generator).
  • ⚠️Python 3.8+ required (for the MCP server implementation).
  • ⚠️Requires ~3GB disk space for generator artifacts, generated docs, and embedding models.
Verified Safe
The server utilizes parameterized queries to prevent SQL injection and loads database credentials from environment variables, which are good security practices. It leverages a standard SentenceTransformer model for embeddings. The `startup.sh` script manages a local PostgreSQL Docker container in a controlled environment. While the broader workflow involves executing OpenRewrite recipes (which could theoretically perform arbitrary code changes), the MCP server itself is designed to provide search and documentation, and the `validate-recipe.sh` script uses trusted local init scripts to execute Gradle, mitigating direct malicious code injection through the recipe YAMLs. No 'eval' or obfuscation found.
Updated: 2026-01-02
Low Cost

github-mcp-server

by loveyou001

Sec10

This repository provides a GitHub Skills course that teaches users how to create a static website or blog using GitHub Pages and Jekyll.

Setup Requirements

  • ⚠️Requires a GitHub account to start the course and host the generated site.
  • ⚠️Private GitHub Pages repositories consume GitHub Actions minutes, which may incur costs depending on usage.
  • ⚠️Basic understanding of Git concepts (branches, commits, pull requests) is a prerequisite.
Verified Safe
The provided content is a README file for a tutorial, not an executable server application. It contains no runnable code with security vulnerabilities like 'eval', obfuscation, or network risks. The only 'code-like' snippet is client-side JavaScript within an HTML comment, used to construct a GitHub URL, which poses no server-side security risk.
Updated: 2026-01-16
Medium Cost

dwr-mcp-server

by EdgeworthHitbox

Sec3

This server acts as a Model Context Protocol (MCP) interface, enabling AI models to retrieve various water-related data and administrative calls from the Colorado Division of Water Resources (DWR) REST API.

Setup Requirements

  • ⚠️Requires `npm run build` to compile TypeScript before running.
  • ⚠️No built-in authentication for HTTP/SSE mode; exposed public endpoints are accessible by anyone.
  • ⚠️The generic `query_dwr_api` tool allows access to any DWR API endpoint via the server, which could be misused due to lack of authentication.
Review Required
The server explicitly states in its `SECURITY.md` and through code analysis that it has no authentication, making it unsafe for public or production use. Any client connecting to its `/sse` endpoint or `/api/*` REST endpoints will have full, unauthenticated access. Furthermore, the `query_dwr_api` tool allows arbitrary DWR API endpoints and parameters to be queried via the server's base URL, which, without authentication, could lead to abuse or unintended resource consumption on the DWR API.
Updated: 2025-11-19
Medium Cost

DriveBC_MCP

by infil00p

Sec9

Provides AI assistants with real-time BC highway conditions, road closures, and weather alerts via the Open511-DriveBC API.

Setup Requirements

  • ⚠️Requires Node.js 18 or higher to run due to ES module and fetch API usage.
  • ⚠️Designed to be used with MCP-compatible AI clients (e.g., Claude Desktop, LM Studio) via stdio transport, not as a standalone web service.
Verified Safe
The server architecture is straightforward, using standard TypeScript practices and the Model Context Protocol SDK. It interacts with a public, unauthenticated API (Open511-DriveBC) and includes basic error handling, timeouts, and retries for API calls. Input validation for tool arguments is defined via JSON schema and further handled within the tool functions (e.g., region name validation, highway normalization). There are no detected uses of 'eval', direct child process execution without sanitization, or hardcoded sensitive credentials. The in-memory cache implementation is safe. Logging cache hits/misses to stderr is not a security flaw, but rather a minor operational detail. Overall, the codebase appears robust and secure for its intended purpose.
Updated: 2025-12-14
Low Cost

mcp-time-server

by sumikko-Charlotte

Sec9

A minimal Model Context Protocol (MCP) server that exposes a 'get_current_time' tool, returning the current system time.

Verified Safe
The server operates via standard I/O (stdio_server), limiting direct network exposure unless explicitly piped. Tool calls are strictly validated against 'get_current_time', preventing arbitrary command execution. No 'eval', hardcoded secrets, or suspicious external calls were identified.
Updated: 2025-12-13
Low Cost

Deploy a remote Model Context Protocol (MCP) server on Cloudflare Workers, providing an unauthenticated calculator tool for AI clients like Cloudflare AI Playground or Claude Desktop.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment.
  • ⚠️Requires Node.js and npm/npx installed locally for development.
  • ⚠️The server is explicitly 'Authless', meaning no authentication is required for client connections. This is suitable for a demo but not for sensitive applications.
Verified Safe
The server is explicitly designed to be 'authless', meaning it does not require authentication to access its tools. While this is stated in the README and acceptable for the simple calculator tool demonstrated, it is a significant security risk if deployed with more powerful or sensitive tools. The code itself does not contain obvious vulnerabilities like 'eval' or hardcoded secrets, and inputs for the calculator are schema-validated. However, the 'authless' nature means anyone can use the deployed API.
Updated: 2025-11-29
Low Cost
Sec8

Enables AI assistants to interact with GitHub Copilot CLI for command suggestions, explanations, and configuration management through a standardized Model Context Protocol (MCP) interface.

Setup Requirements

  • ⚠️Requires GitHub Copilot subscription (paid)
  • ⚠️Requires GitHub CLI (gh) installed
  • ⚠️Requires GitHub Copilot extension for gh (`gh extension install github/gh-copilot`)
  • ⚠️Requires Python 3.10+
Verified Safe
The server safely executes GitHub CLI commands via subprocess.run, passing arguments as a list to mitigate shell injection risks. No eval or hardcoded secrets are present. The SSE transport (server_sse.py) defaults to binding on 0.0.0.0 and attempts to disable certain transport security features (DNS rebinding protection, host/origin restrictions) for broad network accessibility. While this enhances flexibility, it requires careful deployment considerations regarding network exposure.
Updated: 2025-12-11
Medium Cost

hydraspecter

by theflysurfer

Sec7

Multi-headed browser automation for web scraping, testing, or data collection with robust anti-detection and session persistence capabilities.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️Windows users requiring Chrome session syncing (VSS) need to run a PowerShell script (`sync-cookies-vss.ps1`) with Administrator privileges once.
  • ⚠️Chrome v127+ App-Bound encryption may prevent automatic cookie transfer from your real Chrome profile to HydraSpecter's `pool-0`. Manual login into HydraSpecter's `pool-0` (visible mode) and subsequent syncing to other pools via `scripts/sync-pools.ps1` will be necessary for persistent sessions on such domains.
  • ⚠️The default headless mode for anti-detection features is `false` (visible browser), which can consume more system resources.
Verified Safe
The server exposes powerful primitives like `browser_evaluate` for arbitrary JavaScript execution within the browser context, which is standard for browser automation but requires careful handling by the orchestrating model to prevent misuse. The `trySyncViaVSS` function on Windows uses `execSync` to run a PowerShell script with string interpolation for directory paths. While these paths are derived internally from `os.homedir()`, it could pose a risk if path variables were somehow compromised to allow command injection. The tool also provides network access for navigation and proxying, which is inherent to its functionality.
Updated: 2026-01-19
High Cost

GitHub_MCP_Server

by SPerekrestova

Sec9

Provides Model Context Protocol (MCP) access to GitHub documentation via API for AI agents.

Setup Requirements

  • ⚠️Requires a GitHub Personal Access Token with 'repo', 'read:org', and 'read:user' scopes.
  • ⚠️Docker must be installed, or a Python environment with dependencies must be set up.
  • ⚠️Requires manual configuration in Claude Desktop's 'claude_desktop_config.json' file.
Verified Safe
The code itself is clean, handles secrets via environment variables, and makes standard API calls to GitHub. No 'eval' or similar dangerous functions are used. The primary security consideration is the broad scope required for the GitHub Personal Access Token ('repo', 'read:org', 'read:user'), which grants significant access to private repositories if misused outside the application's read-only tools.
Updated: 2026-01-16
Medium Cost

Retrieval-Augmented Generation (RAG) server for multi-format document ingestion and vector database integration, supporting Ollama or OpenAI embeddings.

Setup Requirements

  • ⚠️Requires Python >= 3.13 (as per pyproject.toml).
  • ⚠️Requires either an OpenAI API Key (which is a paid service and needs internet access, set via OPENAI_API_KEY) OR a local Ollama server running (which requires installing Ollama, downloading an embedding model like nomic-embed-text, and approximately 4GB of RAM, set via OLLAMA_BASE_URL and OLLAMA_EMBED_MODEL).
  • ⚠️The official setup guide in the README (downloading executables from raw GitHub links) is a critical security risk and should not be followed.
Review Required
The primary security concern arises from the distribution method outlined in the README, which instructs users to download and run executables (.exe, .dmg) or archives (tar.gz) directly from raw GitHub URLs. This bypasses secure software distribution practices and poses a significant supply chain risk, making it unsafe to run by following the project's own setup instructions. Additionally, the 'ingest_document' tool can download files from arbitrary URLs, which could be exploited for denial-of-service or malicious content download if the server were exposed to untrusted inputs. However, no 'eval' or explicit hardcoded secrets are found in the provided Python source code, and network calls are to standard endpoints for Ollama or OpenAI.
Updated: 2026-01-19
Low Cost

NotesMCPServer

by AnuragRanjan2003

Sec7

This server provides a simple API for managing notes, allowing users to add, retrieve, update, and delete notes in an in-memory storage.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires 'mcp[cli]' package (version >= 1.22.0)
Verified Safe
The server uses in-memory storage, which limits direct database injection risks. However, there's no explicit input sanitization shown for string inputs (title, body) at the application layer. While the 'FastMCP' framework might offer some protection, reliance on it without explicit checks could be a risk if a persistent database were integrated later. No 'eval' or hardcoded secrets found. The concurrent utilities (ConcurrentDict, ConcurrentCounter) are basic thread-safe wrappers, not security concerns themselves.
Updated: 2025-11-22