Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

High Cost

a2a-aws-strands-mcp

by satishkamavaram

Sec7

A minimal agent system demonstrating how to integrate LLM agents with external tools (Jira, weather, appointments) via an MCP server and A2A SDK.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service for LLM calls).
  • ⚠️Requires two Python servers (MCP and A2A agent) to be run concurrently on different ports (8001 and 10001) for full functionality.
  • ⚠️Python 3.10+ is required.
Verified Safe
This is explicitly a Proof of Concept (POC) and should not be evaluated for production. It uses `os.getenv` for API keys, which is good. There are no obvious 'eval' or command injection vulnerabilities. However, it relies on an `OPENAI_API_KEY` which is a critical secret. The OAuth2 implementation for the A2A server points to a localhost token URL, indicating a development setup. `contextvars` are used for access token handling, which is a safer pattern than global variables. The tool implementations are mocked, reducing direct external system integration risks within the provided code.
Updated: 2025-11-25
Medium Cost

Orangepi-Util-

by WenZH2233

Sec3

A versatile home voice assistant for controlling various devices via infrared, managing a calendar, playing music, monitoring system status, and integrating with AI services, also functioning as a set-top box.

Setup Requirements

  • ⚠️Requires `wiringPi` for DHT11 temperature sensor, specific to Raspberry Pi/OrangePi hardware setup.
  • ⚠️Infrared (IR) control functionality depends on `pyserial` and correct serial port permissions (e.g., `/dev/ttyS1`).
  • ⚠️Camera and screenshot functionalities require `opencv-python` and `Pillow` (PIL), and may involve external AI APIs (e.g., ZhipuAI) for analysis, incurring network and potentially computational costs.
  • ⚠️Music playback relies on `pygame` and external music search/stream APIs (e.g., `kuwo.cn`, `xiaodaokg.com`).
Review Required
The `math_tools.py` module uses a sandboxed `eval()` function, which, while restricting direct system calls, still allows arbitrary Python expressions that could be crafted to consume excessive system resources, potentially leading to a Denial of Service. More critically, the `system_tools.py` module's `launch_application` function and the `mcp/tools/system/app_management/launcher.py` module directly use `subprocess.Popen` with user-provided application names (`app_name`). While there are attempts at application matching and whitelisting for known applications, a malicious user could potentially exploit this to execute arbitrary commands or launch unauthorized programs on the host system if the input is not sufficiently sanitized or strictly validated against a limited whitelist. Similarly, the ability to `kill_application` by PID could be misused. Web search and content reading tools expose the system to external network requests, which is expected but should be noted for potential SSRF if not properly controlled.
Updated: 2025-12-17
Medium Cost

MCP_Architecture

by markbsigler

Sec9

Provides comprehensive architectural guidelines and implementation standards for developing secure, scalable, and maintainable enterprise Model Context Protocol (MCP) servers, enabling AI applications to securely interact with external systems and data sources.

Setup Requirements

  • ⚠️Requires Python 3.11+ for local development and build scripts.
  • ⚠️Production deployments mandate containerization (e.g., Docker/Kubernetes), HTTP/SSE transport, and external dependencies like PostgreSQL and Redis.
  • ⚠️Requires configuration of OAuth 2.1/JWT provider for authentication in production.
  • ⚠️Requires API keys or IAM roles for integration with specific AI service providers when using LLM sampling.
Verified Safe
The architecture explicitly promotes a multi-layered security model including OAuth 2.1 authorization with PKCE, JWT authentication, RBAC, and capability-based access control. It mandates robust input validation, PII detection/masking, audit logging, and the use of security headers. Containerization best practices (non-root users, dropped capabilities, read-only filesystems) are enforced. Crucially, it prohibits STDIO transport in production environments and requires external secret management via services like AWS Secrets Manager or Vault for credentials, preventing hardcoded secrets.
Updated: 2026-01-07
Medium Cost

any-api

by gloria112

Sec9

An API gateway for integrating and normalizing requests across multiple AI models like OpenAI Chat, Claude, and Gemini, abstracting away their individual protocols and enabling flexible model routing.

Setup Requirements

  • ⚠️Requires deployment as a Cloudflare Worker, not a standalone server.
  • ⚠️Requires at least one authentication key (WORKER_AUTH_KEY or WORKER_AUTH_KEYS) configured for clients accessing this gateway.
  • ⚠️Requires a comprehensive `ANY_API_CONFIG` environment variable in JSONC format to define upstream AI providers, their base URLs, API key environment variable names, and specific model configurations.
Verified Safe
The server correctly leverages environment variables (Cloudflare Worker's Env) for all API keys and sensitive configuration, preventing hardcoded secrets. Sensitive values are masked in debug logs. Input validation, URL sanitization, and robust CORS handling are implemented. No use of 'eval' or suspicious dynamic code execution patterns was found. Session-specific caching for `previous_response_id` and `thought_signature` uses hashed session keys and Cloudflare's built-in `caches.default`, which is appropriate for ephemeral worker environments, minimizing direct exposure of sensitive conversation data.
Updated: 2026-01-19
Medium Cost
Sec1

Integrates Google Gemini AI via a Command Line Interface with a Minecraft Protocol (MCP) server environment, likely for enhanced server interactions or content generation.

Setup Requirements

  • ⚠️Requires Google Gemini API Key (Paid)
  • ⚠️Assumes familiarity with Minecraft Protocol (MCP) server setup and operation.
Review Required
Unable to perform a security audit due to missing source code. The prompt provided only the README.md content and explicitly stated 'SOURCE CODE (Truncated, some files summarized):' but no actual code followed. Therefore, no checks for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns could be performed. Assume unsafe until code is provided and audited.
Updated: 2025-12-05
Low Cost

MCP_SERVER_AXON_DB

by circling-booster

Sec9

Serves user data from a CSV file via FastAPI endpoints, including paginated lists, user lookups, and searches, with a focus on audit logging and Prometheus metrics for a micro-capabilities platform (MCP).

Setup Requirements

  • ⚠️Requires a CSV file to be present at the path specified by the `CSV_FILE_PATH` environment variable.
  • ⚠️Requires the `MCP_API_TOKEN` environment variable to be set for API authentication.
Verified Safe
Uses parameterized queries to prevent SQL injection. Authentication relies on a simple Bearer token loaded from environment variables. Sensitive data (like IP addresses) is masked in audit logs. No 'eval' or malicious patterns found. While the authentication mechanism is basic token comparison, it is implemented correctly for its intended scope.
Updated: 2026-01-19
Low Cost

MCP_Servers_and_Client

by PawanKumarAgrawal

Sec1

Provides a basic client-server architecture, likely for a custom application or communication system.

Review Required
A comprehensive security audit cannot be performed as no source code was provided for analysis beyond the repository name and a truncated README. Without the actual code, it's impossible to check for common vulnerabilities, hardcoded secrets, dangerous functions like 'eval', or malicious patterns. Therefore, its safety cannot be guaranteed.
Updated: 2025-11-28
Medium Cost

sample-mcp-server

by influx-inc

Sec8

This server acts as a Model Context Protocol (MCP) server, integrating with external platforms like Intercom to provide dynamic data (user roles, status, orders) and functionality through defined tools and resources.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher
  • ⚠️Uses `tsx` for direct TypeScript execution (handled by `npx -y`)
Verified Safe
The server uses Express and `@modelcontextprotocol/sdk` to expose an API endpoint. Input validation for tool arguments is implemented using Zod, which is a good practice. There are no obvious signs of 'eval' usage, code obfuscation, or hardcoded sensitive secrets in the provided source code. The mock user data is not treated as sensitive production data. For a production environment, further considerations like robust authentication, authorization, and comprehensive error handling would be essential.
Updated: 2025-11-26
Low Cost

mcp-remote

by grooth-se

Sec4

Connects local Model Context Protocol (MCP) clients to remote MCP servers, acting as a proxy and handling OAuth authentication.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️Initial OAuth flow requires user interaction (opening a browser to authenticate).
  • ⚠️OAuth tokens are stored unencrypted on the local filesystem, which is a security concern for sensitive access tokens.
Review Required
OAuth access and refresh tokens are stored unencrypted in plain text on the local filesystem (`~/.mcp-auth/`). This poses a significant risk if the local machine's file system permissions are not strictly enforced or if the machine is compromised. The `--allow-http` option, while explicitly marked as 'not recommended', enables insecure HTTP connections, which could expose users to Man-in-the-Middle attacks during data transfer or authentication if used. The default client ID is hardcoded, which limits flexibility.
Updated: 2026-01-19
Low Cost
Sec3

Automates the creation of production-ready TypeScript or Python MCP servers from simple configuration inputs.

Review Required
A thorough security audit is not possible as the provided 'SOURCE CODE' is limited to only the README.md content. No actual code files (e.g., JavaScript, Python, configuration files) were available for analysis of 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. The score reflects the inability to perform a proper audit, implying an unknown security posture rather than confirmed vulnerabilities.
Updated: 2026-01-17
Low Cost

This server acts as a Model Context Protocol (MCP) endpoint, enabling OpenAI's GPT models via the Apps SDK to interact with and manage a simple to-do list through AI-accessible tools and a UI widget.

Setup Requirements

  • ⚠️Requires Node.js 20+ to run.
  • ⚠️Requires access to the OpenAI Apps SDK for full integration.
  • ⚠️The MCP endpoint is specifically at '/mcp', not the root URL.
Verified Safe
The server exposes its '/mcp' endpoint with 'Access-Control-Allow-Origin: *', allowing cross-origin requests from any domain, which removes client-side same-origin policy protection. It operates in a stateless mode without explicit user authentication or authorization, making it suitable for personal AI assistant tools but not for multi-user or sensitive applications. The server reads the UI widget HTML from a local file, reducing dynamic code execution risks. No 'eval' or other directly malicious patterns were identified in the provided source code.
Updated: 2026-01-07
Medium Cost
Sec4

An MCP server to help AI agents manage logistics invoices by fetching emails, downloading attachments, parsing PDFs, and storing structured data.

Setup Requirements

  • ⚠️Requires either `GEMINI_API_KEY` or `OPENAI_API_KEY` (paid services).
  • ⚠️CRITICAL: The `ENCRYPTION_KEY` environment variable must be explicitly set to a strong, random 32+ character key to avoid using an insecure default that compromises stored credentials.
  • ⚠️IMAP access for email providers like Gmail often requires generating an 'App Password' instead of using your primary account password.
Review Required
CRITICAL: The `ENCRYPTION_KEY` in `src/utils/encryption.ts` has a hardcoded fallback value (`'default-secret-key-must-be-32-bytes'`) if `process.env.ENCRYPTION_KEY` is not explicitly set. This severely compromises the security of stored broker email credentials in a production environment. The `src/scripts/seedBroker.ts` file, while intended for development, encourages directly embedding sensitive email credentials into the source code, which is poor security practice. The `ImapService` correctly uses encrypted credentials for IMAP connections. Processing arbitrary PDF files (via `pdf-parse` and `tesseract.js`) can theoretically pose risks if malicious content is embedded, but no specific vulnerability in the parsing logic is immediately apparent.
Updated: 2026-01-19