Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Alex1966design icon

thai-customs-ed01-mcp

by Alex1966design

Sec9

Facilitates the generation of draft Thai Customs ED01 declarations, either via a Gradio web interface from uploaded PDFs or programmatically through MCP tools from structured data, including item parsing and weight allocation.

Setup Requirements

  • ⚠️Requires Python 3.x
  • ⚠️Requires `pymupdf` library (for PDF text extraction in `app.py`)
  • ⚠️Requires `gradio` library (for the web UI in `app.py`)
  • ⚠️Requires `mcp` library (for the MCP server functionality in `server.py`)
Verified SafeView Analysis
The code employs robust PDF text extraction (PyMuPDF) and 'STRICT' parsing logic, mitigating risks of arbitrary code execution through input. No critical hardcoded secrets are found. Potential security considerations include vulnerabilities within the PyMuPDF library itself when processing untrusted PDFs (outside the scope of this code review), and the exposure of detailed error messages if the Gradio app's debug mode (`debug=True`) is used in a public production environment. The MCP server tools handle structured JSON inputs and perform deterministic calculations, with no direct use of `eval` or similar dangerous functions on user-provided data.
Updated: 2025-12-14GitHub
0
0
Low Cost
fajar661 icon

Researcher

by fajar661

Sec8

An AI-powered research assistant designed to simplify academic research through features like paper summarization, research gap identification, and literature exploration.

Setup Requirements

  • ⚠️Requires Node.js and a package manager (npm, yarn, or pnpm) for development.
  • ⚠️Full AI functionality for summarization and gap detection is not implemented in the provided frontend code, requiring backend development and potentially a Gemini API key.
  • ⚠️The README suggests the final product is distributed as a desktop application (Windows, macOS, Linux .zip download), implying an Electron-like wrapper or similar framework is used for cross-platform distribution of the web application.
Verified SafeView Analysis
The provided source code is primarily for a Next.js frontend application and does not contain server-side logic or direct API calls that would expose immediate security risks like hardcoded secrets or malicious network activity. The chatbot feature explicitly notes that 'AI logic will be added later,' meaning core AI integration, which could introduce new security considerations, is not part of this truncated codebase. The `SidebarProvider` sets a non-sensitive UI state cookie directly via `document.cookie`.
Updated: 2026-01-19GitHub
0
0
Medium Cost
roy777rajat icon

AWS-MCP-SERVER

by roy777rajat

Sec7

Enables autonomous AI agents (like Microsoft Copilot Studio) to interact with AWS cloud services by implementing the Model Context Protocol (MCP) and providing a set of callable AWS automation tools.

Setup Requirements

  • ⚠️Requires Python 3.9+.
  • ⚠️Requires pre-configuration of AWS credentials (access key, secret key, region) either locally or via environment variables.
  • ⚠️Requires a pre-existing S3 bucket for audit logging (specified by `AUDIT_BUCKET`) and the server's AWS IAM role must have `s3:PutObject` permissions to it.
  • ⚠️The server's AWS IAM role needs broad `Resource: "*"` permissions for various AWS services, which should be carefully reviewed and possibly narrowed down for production environments.
Verified SafeView Analysis
The server correctly uses environment variables for AWS credentials, preventing hardcoding. However, the CORS configuration `allow_origins=["*"]` is overly broad and should be restricted in production. The documented AWS IAM permissions for the server include `Resource: "*"` for various services, granting extensive access which requires careful management and should ideally be scoped down using least privilege principles. Audit logging failures are silently handled, which could mask critical security information.
Updated: 2026-01-16GitHub
0
0
High Cost
thostetler icon

scix-mcp

by thostetler

Sec9

Enables LLMs to interact with the NASA SciX API for astronomical literature search, metadata retrieval, citation analysis, and bibliography export.

Setup Requirements

  • ⚠️Requires a NASA SciX API Key, which must be obtained manually from scixplorer.org after creating an account.
  • ⚠️Requires Node.js (version 18 or higher) to be installed on the system.
Verified SafeView Analysis
The server demonstrates good security practices by explicitly requiring the API key from environment variables (SCIX_API_TOKEN) rather than hardcoding. The HTTP client handles common API errors (401, 404, 429) and implements request timeouts. There are no apparent uses of `eval`, obfuscation, or direct `child_process` execution for untrusted input. The system primarily acts as a secure proxy to the SciX API. The main risk is the security of the API key itself, which is appropriately handled by user setup instructions.
Updated: 2025-11-26GitHub
0
0
Low Cost
MohamedHamed19m icon

capl-docs-parser-mcp

by MohamedHamed19m

Sec5

This MCP server enables AI agents to search and retrieve structured information from local Vector CAPL documentation in Markdown format.

Setup Requirements

  • ⚠️Requires local CAPL documentation (.md files) to be placed in the specified `inputs` directory or other `doc_paths`.
  • ⚠️Requires `uv` for efficient dependency management and virtual environment setup (e.g., `uv venv`, `uv sync`).
  • ⚠️Requires Python 3.7+ and specific Python packages: `fastmcp`, `scikit-learn`, `numpy`.
Review RequiredView Analysis
The server uses `pickle.load` to deserialize cached TF-IDF models and vectors. If an attacker could tamper with the `.pkl` files in the `.cache` directory, this could lead to arbitrary code execution. Additionally, the `parse_md_file` and `_build_index_if_needed` functions accept arbitrary file paths via `file_path` and `doc_paths` parameters, respectively. If the server runs with broad file system access, a malicious client could potentially use this to read or parse unintended files, leading to information disclosure or resource exhaustion.
Updated: 2025-11-29GitHub
0
0
Low Cost
NalinKaushik icon

crypto-mcp-server

by NalinKaushik

Sec9

A production-ready Python-based MCP server for retrieving real-time and historical cryptocurrency market data from major exchanges using CCXT and CoinMarketCap APIs.

Setup Requirements

  • ⚠️Requires Python 3.9+ for execution.
  • ⚠️Requires `pip` or `uv` package manager for dependency installation.
  • ⚠️Requires configuration via a `.env` file for server settings, default exchange, caching, and rate limiting.
Verified SafeView Analysis
The server uses environment variables for configuration, including potential API keys for exchanges (though not passed in the provided `CCXTClient` instantiation example, it supports them). No hardcoded secrets, `eval` usage, or obfuscation were found in the provided code snippets. The async architecture, robust error handling with retries and timeouts, and rate limiting contribute to its resilience against network issues and API abuse. A deeper audit of `config.py` and full credential handling would be needed for a perfect score, but the structure is sound.
Updated: 2025-11-23GitHub
0
0
Low Cost
r3-yamauchi icon

bedrock-kb-mcp-server

by r3-yamauchi

Sec9

This server provides an unofficial Model Context Protocol (MCP) interface to manage Amazon Bedrock Knowledge Bases, data sources, ingestion jobs, and perform RAG queries against them.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires the `uv` tool for dependency management and execution (`uv` is an experimental Python package installer and runner).
  • ⚠️Requires an AWS account with configured credentials (e.g., `AWS_PROFILE`, `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY`) and appropriate IAM permissions for Bedrock, S3, and STS. Underlying AWS Bedrock service usage will incur costs, which can be high depending on data volume and query frequency.
Verified SafeView Analysis
The server demonstrates strong security practices for an AWS-interacting application. It relies on standard boto3 credential chain (environment variables, profiles) and does not hardcode secrets. A `StructuredFormatter` is implemented to automatically mask sensitive information (ARNs, credentials, IDs) in logs, enhancing data protection. No `eval` or similar dangerous patterns were found. Network interactions are confined to AWS APIs via boto3, configured with retries and timeouts for robustness. Proper IAM roles and S3 permissions are explicitly highlighted as prerequisites for secure operation.
Updated: 2025-12-21GitHub
0
0
Medium Cost
mdlopresti icon

loom-pattern

by mdlopresti

Sec9

Provides hierarchical memory capabilities for AI agents to remember, share, recall, and isolate information across sessions and projects.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0
  • ⚠️Requires a NATS server with JetStream enabled
Verified SafeView Analysis
The server demonstrates a strong focus on security, implementing clear project and agent isolation. Private memories are strictly agent-specific, and shared memories require the creating agent's ID for deletion. Core memories are protected and require a 'force' flag for deletion. Content size is limited to 32KB per memory, mitigating some DoS vectors. Authentication for the NATS backend is supported via URL credentials or environment variables (`NATS_USER`, `NATS_PASS`). No 'eval' or obvious hardcoded secrets were found in the provided source. Reliance on external NATS server for transport security is assumed to be handled outside this component's scope.
Updated: 2025-12-12GitHub
0
0
Low Cost
Anny-1079 icon
Sec9

Provides wellness tips based on a user's mood, designed to be used as a tool by an AI agent or directly via a FastAPI endpoint.

Setup Requirements

  • ⚠️Requires Python environment (e.g., Python 3.8+).
  • ⚠️Requires `fastapi`, `uvicorn`, and `modelcontextprotocol` Python packages to be installed.
  • ⚠️The `wellness_mcp_server.py` script requires an MCP-compatible client to interact with it.
Verified SafeView Analysis
The FastAPI server (`main.py`) uses `allow_origins=["*"]` for CORS, which is generally not recommended for production environments but common for development. The core MCP server (`wellness_mcp_server.py`) communicates via stdin/stdout (JSON-RPC) and does not expose direct network interfaces. No `eval`, hardcoded secrets, or obvious malicious patterns were found. Input is sanitized using `.lower()` before dictionary lookup, mitigating basic injection risks.
Updated: 2025-11-27GitHub
0
0
Medium Cost
cqyefeng119 icon

windows-outlook-mcp

by cqyefeng119

Sec3

Manages Microsoft Outlook emails (inbox, sent, drafts, search, create, summarize) and calendar events (list, create, update, delete, find free slots, attendee status, list calendars) on a Windows desktop.

Setup Requirements

  • ⚠️Requires Windows 10/11 Operating System.
  • ⚠️Requires Microsoft Outlook desktop application to be installed and configured locally.
  • ⚠️Requires PowerShell 5.0 or higher.
  • ⚠️Relies on COM (Component Object Model) for Outlook interaction, which is Windows-specific.
  • ⚠️The 'src/index.ts' file, which is the main entry point, does not expose the advanced draft generation tools (like `generate_smart_draft` from `draft-generator.ts`) that are present in the source code. This might indicate incomplete feature integration or a versioning discrepancy in the provided files.
Review RequiredView Analysis
The server executes dynamically constructed PowerShell scripts via `child_process.spawn` using the `-ExecutionPolicy Bypass` flag. While string arguments passed to PowerShell are partially sanitized (e.g., quotes replaced, control characters removed), embedding user-controlled input into shell commands is an inherently high-risk pattern for injection vulnerabilities. A sophisticated attacker could potentially craft inputs that break out of the intended string literals in PowerShell, leading to arbitrary command execution on the local machine where the server is running. No explicit hardcoded secrets were found.
Updated: 2025-11-19GitHub
0
0
Low Cost
debanjanbasu icon

aws-lambda-mcp

by debanjanbasu

Sec9

Provides a secure, OAuth-authenticated Model Context Protocol (MCP) server for Amazon Bedrock AgentCore, enabling AI agents to interact with custom tools for functionalities like weather lookup and personalized greetings.

Setup Requirements

  • ⚠️Requires installation of multiple development tools: Rust, cargo-lambda, UPX, Zig, jq, Terraform, AWS CLI, Azure CLI.
  • ⚠️Requires a one-time `make setup-backend` command to configure S3 for Terraform state.
  • ⚠️Requires creation and configuration of a GitHub App (including private key and ID) and an Opencode.ai API key for CI/CD and bot functionality.
Verified SafeView Analysis
The project demonstrates strong compile-time security measures with `Cargo.toml` lints (`unsafe_code = "deny"`, `unwrap_used = "deny"`, `expect_used = "deny"`, `panic = "deny"`), promoting robust and safe Rust code. While `jsonwebtoken::dangerous::insecure_decode` is used in the interceptor, it's contextually acceptable as the architectural diagram indicates full JWT validation (OIDC) occurs upstream at the Bedrock Gateway; the interceptor's role is specifically for claim extraction and expiry checking. Configurable logging levels allow balancing operational visibility with sensitive data protection. Adherence to least privilege for IAM roles, HTTPS for external API calls, and explicit guidance against hardcoding secrets further bolster security.
Updated: 2026-01-14GitHub
0
0
Medium Cost
kacie-phillippo icon
Sec3

Connects an LLM to a PostgreSQL database for natural language querying of the Steam game dataset.

Setup Requirements

  • ⚠️Requires PostgreSQL database
  • ⚠️Requires Claude Desktop access
  • ⚠️Requires setup of external mcp-database-server
  • ⚠️Requires 'Steam Dataset 2025: Multi-Modal Gaming Analytics' and data cleaning
Review RequiredView Analysis
The provided source code is limited to the README.md file, which describes the usage of an external MCP server (https://github.com/executeautomation/mcp-database-server) rather than containing its implementation. Therefore, a direct security audit of the MCP server's source code for dangerous patterns like 'eval', obfuscation, or hardcoded secrets cannot be performed within the scope of this repository. The security posture would depend entirely on the external server's implementation. General risks for such a setup include potential SQL injection vulnerabilities if the LLM-to-SQL translation is not robustly secured, and improper handling of database credentials.
Updated: 2025-12-13GitHub
PreviousPage 624 of 713Next