Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

aurora-rs-mcp

by KotDath

Sec7

A minimal MCP server for Aurora OS, demonstrating Rust application development, cross-compilation, and integration with core Aurora OS interfaces (D-Bus, C libraries, C++, Qt).

Setup Requirements

  • ⚠️Requires 'cross' for cross-compilation, which typically uses Docker/Podman.
  • ⚠️Requires 'aurora-cli' for Aurora OS SDK management, sysroot synchronization, and RPM building.
  • ⚠️Aurora OS SDK and corresponding sysroots must be installed and configured (e.g., via `aurora-cli services --sysroot`).
  • ⚠️C++ Qt5 development libraries (Qt5Core, Qt5Network) are required in the sysroot for successful C++/Rust interop builds.
  • ⚠️Deployment scripts assume SSH access to an Aurora OS device/emulator with specific SSH key paths configured.
Verified Safe
The server application itself (aurora-rs-mcp) appears to have no obvious critical security vulnerabilities in its core logic, relying on established libraries like `dbus` and `rmcp`. However, the provided `run.sh` and `build.sh` deployment scripts contain significant security risks: they use `ssh -o StrictHostKeyChecking=no`, which disables host key verification, making SSH connections vulnerable to man-in-the-middle attacks. Additionally, paths to SSH private keys (`$HOME/.ssh/qtc_id` or `$VAR_SDK/vmshare/ssh/private_keys/sdk`) are hardcoded, which is generally not a best practice for security or portability. While these issues are in the deployment scripts and not the server's runtime code, they represent a risk in the project's operational setup.
Updated: 2025-12-01

Low Cost

mcp-client-shell

by cafalchio

Sec9

Provides a command-line interface to interact with local FastMCP servers for tool listing and execution.

Setup Requirements

  • ⚠️Requires Python 3.13+.
  • ⚠️A FastMCP server must be running locally for the client to connect.
  • ⚠️The provided run instructions use 'uv' for virtual environment management, which may need to be installed.
Verified Safe
The client connects to a local FastMCP server (http://localhost:port/mcp) and passes user input directly as tool arguments. Security largely depends on the trustworthiness of the local FastMCP server and its exposed tools. No 'eval', hardcoded secrets, or obvious client-side vulnerabilities were found. As a client, it does not expose network services.
Updated: 2025-11-20

Medium Cost

insights-mcp

by DEVtheOPS

Sec9

Provides persistent storage and full-text search for project-specific or global insights within Claude Code sessions.

Setup Requirements

  • ⚠️Requires Node.js (version 18 or higher is specified in package.json).
  • ⚠️The 'better-sqlite3' dependency is a native Node.js addon, which may require compilation during installation if a prebuilt binary is not available for your specific environment (OS/architecture/Node.js version).
  • ⚠️The default database file path is '~/.insights-mcp/insights.db', which might need to be explicitly overridden using the '--db-path' flag or 'INSIGHTS_MCP_DB_PATH' environment variable for certain use cases or containerized environments.
Verified Safe
The server appears robust against common web vulnerabilities. It uses 'better-sqlite3' with prepared statements, mitigating SQL injection risks. Input validation for all MCP tools is handled by 'zod' schemas, adding a strong layer of protection. No usage of 'eval' or obvious hardcoded secrets was found. The HTTP mode exposes a '/mcp' endpoint; secure deployment practices (e.g., proper firewalling, access control) are required if exposed beyond a local or trusted network.
Updated: 2025-11-25

Medium Cost

senzing-mcp-server

by jbutcher21

Sec8

Provides entity resolution capabilities from the Senzing SDK to AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Senzing SDK version 4 installed and its environment variables (LD_LIBRARY_PATH, PYTHONPATH) configured.
  • ⚠️Requires a configured and accessible Senzing database, specified via SENZING_ENGINE_CONFIGURATION_JSON.
  • ⚠️Requires Python 3.10 or higher.
Verified Safe
The code itself is well-structured and does not use dangerous functions like `eval`. All Senzing SDK calls are wrapped for asynchronous execution within a ThreadPoolExecutor. Security relies heavily on the underlying Senzing SDK and the secure configuration of its environment variables (`SENZING_ENGINE_CONFIGURATION_JSON`, `LD_LIBRARY_PATH`, `PYTHONPATH`). The HTTP/SSE transport can be configured to listen on all interfaces (`0.0.0.0`), which is a network risk if not properly secured via firewalls or proxies. By default, it uses localhost for HTTP/SSE or STDIO, which are safer.
Updated: 2026-01-06

Low Cost

classhopper-mcp-server

by classhopperapp

Sec7

Deploy a remote Model Context Protocol (MCP) server on Cloudflare Workers, providing a set of calculator tools without authentication for easy integration with AI clients like Cloudflare AI Playground or Claude Desktop.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and Cloudflare's 'wrangler' CLI for local development and deployment.
  • ⚠️The server is intentionally deployed 'Without Auth' by design, meaning anyone with the URL can access the exposed tools.
  • ⚠️Local development and setup require Node.js and npm.
  • ⚠️Connecting local MCP clients (e.g., Claude Desktop) necessitates the use of the 'mcp-remote' proxy.
Verified Safe
The server is explicitly designed to operate "Without Auth" as stated in the README, making it publicly accessible. While intentional for a demo/playground integration, this means the endpoint should only expose non-sensitive functionality. The provided tools (add, calculate) perform simple arithmetic and use Zod for robust input validation, mitigating common injection risks for these specific operations. No malicious patterns or 'eval' usage are observed in the source code. The primary security consideration is to avoid deploying this 'authless' setup for any sensitive production use cases.
Updated: 2025-12-05

Medium Cost

icore_mcp_server

by RahulM0912

Sec5

Provides a backend API for a Minecraft-related application or service.

Setup Requirements

  • ⚠️Requires a specific runtime environment (e.g., Node.js, Python, Java).
  • ⚠️May require a database (e.g., MongoDB, PostgreSQL) and corresponding connection details.
  • ⚠️Configuration via environment variables is expected for production use.
Review Required
Source code was not provided for analysis. Therefore, a thorough security audit could not be performed. The score reflects an unknown risk level, as no specific vulnerabilities or dangerous patterns (like 'eval' or hardcoded secrets) could be identified or ruled out.
Updated: 2025-11-24

Medium Cost

MCP-Server

by wildan14ar

Sec2

Manages remote SSH servers and manipulates Excel files without Microsoft Excel, serving as a modular Model Context Protocol (MCP) server for agents.

Setup Requirements

  • ⚠️Requires SSH credentials (host, user, password/private key) for server module.
  • ⚠️File path sandboxing (EXCEL_FILES_PATH) can be bypassed by providing absolute paths to Excel tools.
  • ⚠️Python 3.10+ is required (as per `pyproject.toml`).
Review Required
The server has critical security vulnerabilities.

1. Arbitrary SSH Command Execution: The `SSHSession.execute` function, used by both WebSocket (`execute` message with `skip_confirm=True` or confirmed) and REST API (`/server/mcp/execute`), allows direct execution of arbitrary commands on the remote SSH server. The command warning system is client-side and bypassable for REST API calls, and the `allowlist`/`disallowlist` are not enforced by default in the WebSocket handler's SSHSession instantiation. This means a compromised MCP token or malicious client can execute any command on the remote SSH server.

2. Arbitrary Local File System Access: The `get_excel_path` function, intended to sandbox Excel file operations within `EXCEL_FILES_PATH`, is vulnerable. If an absolute path is provided as `filepath` (e.g., `/etc/passwd`), the server will attempt to access that file directly on the machine running the MCP server, potentially allowing an attacker to read or write to arbitrary files outside the intended directory. This is a severe local file access vulnerability.

3. Information Disclosure: Combining these, a malicious actor could use the local file access vulnerability to read sensitive local files, or use arbitrary SSH commands to extract sensitive data from remote servers.
Updated: 2026-01-16

Low Cost
Sec1

Automates the process of searching for job listings on LinkedIn and extracting relevant job data.

Setup Requirements

  • ⚠️The primary setup instruction to run 'python' directly on a remote .zip file URL is highly problematic and likely incorrect syntax, indicating a dubious installation method.
  • ⚠️Requires manual installation of Python 3.6+ and the Selenium library.
  • ⚠️Users must provide their LinkedIn login credentials directly to the application, which is a significant security risk given the suspicious installation instructions.
Review Required
The installation instructions are highly suspicious: users are directed to download a .zip file from a raw GitHub link and then attempt to run it directly with 'python <zip_url>'. This command is syntactically incorrect for direct execution of a remote zip file as a Python script, which is a significant red flag. Furthermore, all 'resource' links provided in the README (Python, Selenium documentation, LinkedIn guide) also point to this same .zip file URL. This highly unusual pattern strongly suggests a potential attempt to mislead users into downloading and executing untrusted code. The application also requires users to enter their LinkedIn login credentials, posing a severe risk of credential theft if the downloaded application is malicious.
Updated: 2026-01-19

Low Cost
Sec7

Facilitates WebSocket communication between Foundry VTT and an external Message Control Protocol (MCP) relay server.

Setup Requirements

  • ⚠️Requires Foundry VTT v13.
  • ⚠️Requires a separate, browser-accessible WebSocket relay server, which is not provided by this module.
  • ⚠️Only the 'primary GM' (the active GM with the lowest user ID) will establish and maintain the WebSocket connection.
Verified Safe
The module's core function is to establish a WebSocket connection to a user-specified relay server and expose Foundry VTT functionalities (like chat, journal, token data, and operations) over this connection. The API key for authentication is sent as a query parameter in the WebSocket URL, which can be logged by intermediaries or exposed if not using WSS (secure WebSocket). The `journal-page` handler allows powerful operations (create, update, delete, read) on journal entries via WebSocket messages. While internal Foundry IDs are mapped to obfuscated IDs for network transmission (using `encryptUuid`), this is not a security measure against unauthorized access if the API key is compromised. Therefore, the overall security critically depends on the trustworthiness and proper securing of the external WebSocket relay server and the API key. The presence of 'Item Pile' related strings in `en.json` (despite the module's description as an MCP bridge) is a minor inconsistency that could suggest sloppy development, but does not indicate a direct code vulnerability.
Updated: 2026-01-05

Medium Cost

tim-mcp

by terraform-ibm-modules

Sec8

An MCP server that provides AI models with structured access to the Terraform IBM Modules ecosystem, facilitating intelligent discovery and utilization of IBM Cloud infrastructure for AI-assisted infrastructure code generation.

Setup Requirements

  • ⚠️Requires `uv` package manager (Python 3.11+) to be installed locally.
  • ⚠️A GitHub Personal Access Token is highly recommended for frequent use to avoid GitHub API rate limits (60 requests/hour without, 5000 with).
  • ⚠️For local development, manual configuration of `cwd` and `env` variables in MCP client settings (e.g., Claude Desktop, VS Code) is necessary.
Verified Safe
The server performs network requests to external APIs (Terraform Registry, GitHub) and downloads a white paper from IBM Cloud documentation. While these sources are specified and generally trustworthy, relying on external services introduces a supply chain risk. No hardcoded secrets were found; sensitive tokens like `GITHUB_TOKEN` are explicitly handled via environment variables. The HTTP transport mode, if used in production, requires a reverse proxy with HTTPS (e.g., Nginx), which is documented. No 'eval' or obfuscation patterns were identified.
Updated: 2026-01-19

Medium Cost

MCP_server_assignment

by HarshadPanchal12

Sec8

A server that provides real-time and historical cryptocurrency market data and analytics from multiple exchanges, with caching and indicators.

Setup Requirements

  • ⚠️Relies on external cryptocurrency exchange APIs (e.g., Binance, Coinbase), which are subject to their respective rate limits and availability.
  • ⚠️The `config.yaml` file defines server, cache, exchange, logging, and data parameters, but the provided `main.py` does not explicitly show loading and applying these configurations to the initialized services. This might require manual integration or an assumed mechanism within the Docker setup.
  • ⚠️While not explicitly required by the current public data functions, API keys might be necessary for higher rate limits or authenticated features on certain exchanges in a broader use case.
Verified Safe
The server leverages the CCXT library for cryptocurrency exchange integration, a widely used and reputable choice. Input validation for symbols, timeframes, and data limits is well-implemented to prevent common input-related vulnerabilities. No direct use of dangerous functions (e.g., `eval`, `exec`) or hardcoded sensitive credentials is evident in the provided source. Exchange interactions are for public market data. A full production deployment would require careful consideration of server exposure and authentication/authorization mechanisms.
Updated: 2025-12-10

Medium Cost

canvas-mcp-server

by jonasneves

Sec8

This server acts as a local bridge, enabling Claude Desktop to access a user's Canvas LMS data (courses, assignments, grades, events) through a Chrome extension via the Model Context Protocol (MCP) for AI assistance.

Setup Requirements

  • ⚠️Requires Node.js 14 or higher (16+ recommended).
  • ⚠️Requires manual configuration of the Chrome extension ID in the native messaging manifest file after installation.
  • ⚠️Requires an existing installation and configuration of the CanvasFlow Chrome extension with the correct Canvas URL and an active Canvas LMS login.
  • ⚠️Requires manual addition of a specific entry to Claude Desktop's `mcp.json` configuration file with the correct path to the `host.js` script.
Verified Safe
The server operates locally, binding only to `localhost` for HTTP communication with the Chrome extension, and uses `stdio` for communication with Claude Desktop. It does not store Canvas credentials, relying on the browser's active Canvas session. CORS is broadly enabled (`Access-Control-Allow-Origin: *`) for the local HTTP server, which is acceptable given its `localhost` binding but could be tightened if the extension's origin were known and fixed. `JSON.parse` is used on `stdin` input; while this is standard for native messaging, robust error handling is present. No hardcoded secrets, obfuscation, or obvious malicious patterns were detected.
Updated: 2026-01-18