Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
fazilataqveem19 icon

MCP-Server

by fazilataqveem19

Sec8

This project implements a basic server for a Minecraft-like protocol, handling client connections, packet processing, and fundamental game state.

Setup Requirements

  • ⚠️Requires Python 3
Verified SafeView Analysis
The code does not use dangerous functions like 'eval' or 'exec' and shows no signs of obfuscation. No hardcoded secrets (API keys, passwords) were found. The server binds to 0.0.0.0 (all interfaces) by default, which is standard for a server but requires appropriate firewall configuration in production environments. The packet parsing logic (VarInt, struct) appears to handle variable lengths correctly, mitigating common buffer overflow risks in Python, but the '_process_packet' method is a placeholder and would be a critical area for future security review upon implementation.
Updated: 2025-12-02GitHub
0
0
Medium Cost
Raghav0005 icon
Sec9

Provides analytical insights and search capabilities for NYC taxi trip data from January 2025.

Setup Requirements

  • ⚠️Requires significant local data files (parquet, csv) to be present in a 'data' directory (3.5M+ trips).
  • ⚠️Requires pre-installation of Python libraries: pandas, pyarrow, fastmcp, whoosh.
  • ⚠️Initial setup involves generating a Whoosh search index (548k documents) which can take time and disk space.
Verified SafeView Analysis
The server primarily uses Pandas for data analysis and Whoosh for full-text search, with data loaded from hardcoded local paths. There are no explicit uses of `eval`, `exec`, or `subprocess.run` with unvalidated user input. It does not appear to open public network ports directly, relying on the FastMCP framework for local inter-process communication with the Gemini CLI. Data loading from parquet/csv is generally safe when file paths are controlled, as they are here. No hardcoded secrets were found.
Updated: 2025-12-15GitHub
0
0
High Cost
kanishka-namdeo icon

yfnhanced-mcp

by kanishka-namdeo

Sec9

Provides a resilient and validated financial data infrastructure for AI assistants, transforming unreliable APIs into dependable sources for investment platforms and trading systems.

Setup Requirements

  • ⚠️Significant financial statement tools (`get_balance_sheet`, `get_income_statement`, `get_cash_flow_statement`) are currently broken due to deprecation of underlying Yahoo Finance APIs and validation issues with the new `fundamentalsTimeSeries` API.
  • ⚠️Crypto (`get_crypto_quote`) and Forex (`get_forex_quote`) tools return placeholder/mock data, not real-time values, requiring custom implementation for live data.
  • ⚠️Other tools like `get_news` and `get_options` are reported to be broken due to API integration issues ('invalid options', 'set-cookie header missing'), requiring fixes to the Yahoo Finance library interaction.
Verified SafeView Analysis
The server implements robust security measures including input validation, output sanitization, and configuration validation. It actively checks for dangerous patterns, SQL injection, and command injection. Network security is enforced to prevent invalid protocols or access to private IPs. Hardcoded secrets are avoided by design, relying on environment variables or configuration files. The primary deduction is due to the inherent reliance on a frequently changing external API (Yahoo Finance), which the provided test report indicates has broken several core functionalities, potentially introducing new attack vectors or data integrity risks if not constantly monitored and adapted.
Updated: 2026-01-19GitHub
0
0
Low Cost
ganeshmalkar icon

MCP-Control-Lite

by ganeshmalkar

Sec3

Manages Model Context Protocol (MCP) servers for AI coding assistants on macOS, offering configuration, synchronization, and monitoring capabilities through a native desktop GUI and CLI.

Setup Requirements

  • ⚠️Requires macOS 10.15 (Catalina) or higher.
  • ⚠️Requires Node.js and npm for installing and managing MCP server packages from NPM.
  • ⚠️Relies on system binaries like 'curl' and 'mdfind' being available and functioning correctly.
Review RequiredView Analysis
The application's core functionality involves executing arbitrary shell commands and installing external (potentially untrusted) NPM packages directly via `npm install` and `npx`. This presents a significant security risk, as a malicious package or a compromised NPM registry could lead to arbitrary code execution on the user's system. The `search_npm_packages` function constructs shell commands that source user-specific shell configuration files (`.zshrc`, `.bashrc`, etc.), which could be exploited if those files are compromised. Extensive local file system read/write operations on application configuration files (e.g., in `~/Library/Application Support` and `~/.config`) could be a local privilege escalation vector if not handled with extreme care, especially if the app runs with elevated permissions. While `PathUtils::is_safe_path` exists, its usage might not cover all potential path traversal attack surfaces. Network calls to external registries (NPM, GitHub, PulseMCP) are also made, introducing reliance on the security of those third-party services. The application does not appear to hardcode sensitive secrets in the provided code.
Updated: 2026-01-19GitHub
0
0
High Cost
kyisoe101 icon

Varon-AI

by kyisoe101

Sec8

Varon AI is an intelligent multi-agent system designed to automate everyday tasks, including web search, messaging, coding, design, and data scraping, by coordinating a team of specialized AI agents.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Requires a MongoDB instance and `MONGO_URL` environment variable.
  • ⚠️Requires a Google Cloud Project with OAuth client ID and secret (`GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`).
  • ⚠️Requires an SMTP service (e.g., Brevo) and credentials (`SMTP_USER`, `SMTP_PASSWORD`) for email verification.
  • ⚠️Requires a Google Gemini API Key, likely two separate keys (`VARON_AI_API_KEY`, `VARON_AI_TEAM_API_KEY`) for main AI and specialist agents.
  • ⚠️Requires a SerpAPI Key for web search capabilities.
  • ⚠️Puppeteer (used for scraping) may require additional OS-specific dependencies (e.g., browser binaries, `libgconf-2-4` on Linux).
Verified SafeView Analysis
The server demonstrates good security practices including externalized environment variables for sensitive data (API keys, database credentials, JWT secret), robust cookie handling (`httpOnly`, `secure`, `sameSite`), and JWT-based authentication. CORS is properly configured to restrict origins. Input validation is present for user registration and login. The use of `puppeteer-extra` with `StealthPlugin` for web scraping, while powerful and intended for legitimate use, introduces a dependency that can bypass anti-bot measures, requiring trust in how the AI (and thus the user) is directed to use it. No 'eval' or obvious malicious code patterns were found. The extensive `systemInstruction` for the AI aims to embed safety and ethical guidelines.
Updated: 2026-01-19GitHub
0
0
Medium Cost
deeprunnerai icon

odoo-mcp-server

by deeprunnerai

Sec8

An MCP server enabling AI assistants like Claude to interact with Odoo ERP for reading and writing data across various modules.

Setup Requirements

  • ⚠️Requires Node.js (version 18+) installed locally on the user's machine.
  • ⚠️Requires manual configuration in Claude Code's settings (~/.claude.json) including the absolute path to the server's executable.
  • ⚠️Odoo authentication credentials (URL, DB, username, password) must be securely provided as environment variables.
Verified SafeView Analysis
The server correctly retrieves Odoo credentials from environment variables, preventing hardcoded secrets. It utilizes HTTPS for Odoo communication if configured, enhancing transport security. The `odoo_execute` tool, while powerful, directly exposes Odoo's method execution capabilities, which requires careful handling by the AI agent to prevent unintended operations. The overall design is sound for its intended purpose, but relies on secure environment configuration and responsible AI agent behavior.
Updated: 2025-12-09GitHub
0
0
Medium Cost
jeanlopezxyz icon

mcp-prometheus

by jeanlopezxyz

Sec9

MCP Server for Prometheus monitoring, enabling AI assistants to query metrics, analyze trends, and monitor infrastructure health.

Setup Requirements

  • ⚠️Requires Java 21+
  • ⚠️Requires a running Prometheus instance accessible from the server
Verified SafeView Analysis
The server uses standard Quarkus/MicroProfile REST client for Prometheus API interactions, handling PromQL queries as parameters. It securely retrieves Kubernetes ServiceAccount tokens for authentication within a cluster if available. The npm CLI downloads the JAR from GitHub releases via HTTPS. No obvious 'eval' or malicious patterns were found. The primary security risk would be the PromQL queries themselves if they are resource-intensive for the Prometheus server, but the MCP server acts as a secure proxy.
Updated: 2025-12-10GitHub
0
0
Medium Cost
gebl icon
Sec9

Seamless integration of AI assistants with Microsoft OneNote for knowledge management and content organization via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Microsoft Azure App Registration with 'Notes.ReadWrite' delegated API permissions and a configured redirect URI.
  • ⚠️Requires Go 1.21+ for local development or Docker Engine for containerized deployment.
  • ⚠️OAuth 2.0 PKCE authentication flow requires a one-time browser interaction for initial setup or re-authentication.
Verified SafeView Analysis
The project transparently highlights security risks related to AI agents autonomously modifying data and Microsoft Graph API limitations. It implements a 'Notebook-Scoped Authorization' system as an AI safety guardrail with a 'Default-Deny Security Model', preventing cross-notebook access and enforcing permissions. Authentication uses secure OAuth 2.0 PKCE. Sensitive configuration data was purged from Git history, and best practices for secret management are documented. The code does not appear to contain 'eval', obfuscation, or other malicious patterns, focusing on robust and secure integration with OneNote.
Updated: 2025-12-22GitHub
0
0
High Cost
Aldiharley icon

secpluger

by Aldiharley

Sec6

Automates multi-step penetration testing workflows, including reconnaissance, vulnerability scanning, exploitation, and reporting, with AI orchestration and evidence collection.

Setup Requirements

  • ⚠️Requires installation of numerous external security tools (e.g., Nmap, Gobuster, SQLMap, Nuclei, Nikto, tshark, mitmproxy, hydra, rustscan, playwright).
  • ⚠️Many tools require root/sudo privileges or specific user permissions (e.g., tshark/Wireshark requires adding user to 'wireshark' group and setting dumpcap permissions).
  • ⚠️BurpSuite integration requires BurpSuite Professional and 'burp-rest-api' running separately.
  • ⚠️Screenshot capture requires Playwright to be installed and browser binaries downloaded ('playwright install chromium').
  • ⚠️Optimal functionality may require an NVD API key for comprehensive CVE lookups.
Review RequiredView Analysis
The server's core function involves executing external security tools and exploits, often using 'subprocess.run(shell=True)' with dynamically constructed commands. While designed for offensive security, this poses a risk of shell injection or arbitrary command execution on the host machine if workflow JSON files or user-provided inputs (e.g., target URLs, parameters) are manipulated by untrusted sources or contain unexpected metacharacters. Strong sandboxing/isolation of the server is highly recommended.
Updated: 2025-12-04GitHub
0
0
Medium Cost

mcp-server

by charlesdassonville

Sec5

Acts as a generic server application, its specific purpose cannot be determined without source code.

Review RequiredView Analysis
No source code was provided for analysis, therefore a thorough security audit is impossible. The score is a placeholder reflecting the inability to verify safety or identify risks. There is no evidence of 'eval' or other dangerous patterns because no code was available to review.
Updated: 2025-11-25GitHub
0
0
Low Cost
deb-sahu icon
Sec8

A generic template for building Model Context Protocol (MCP) servers with a modular architecture for plug-and-play business logic.

Setup Requirements

  • ⚠️Requires Poetry for local development
  • ⚠️Requires Python 3.10+
  • ⚠️Example tools must be replaced with your custom business logic for actual use cases
Verified SafeView Analysis
The core infrastructure (Docker, Kubernetes readiness, non-root user, environment variable configuration) exhibits strong security practices. However, the `http_tools.py` example demonstrates making HTTP requests to arbitrary URLs (`fetch_api_data`). If this tool is exposed in the custom business logic without proper input validation or network controls, it could introduce Server-Side Request Forgery (SSRF) vulnerabilities. Developers should implement strict URL validation and whitelist/blacklist mechanisms when using or extending such HTTP capabilities.
Updated: 2025-11-26GitHub
0
0
High Cost
Avidan87 icon

MCP-SERVER

by Avidan87

Sec9

Estimates food portion sizes from images using depth estimation for a KAI agent, focusing on Nigerian cuisine.

Setup Requirements

  • ⚠️Initial Docker build can take 15-20 minutes due to the Depth Anything V2 model download (~100MB).
  • ⚠️Warm inference on CPU (e.g., Railway serverless) can take 30-60 seconds per request, leading to long response times and high CPU-hour consumption.
Verified SafeView Analysis
The server uses standard practices for FastAPI and ML model loading. `subprocess.run` is used in the startup script but with well-defined, non-user-controlled arguments. CORS is set to `allow_origins=["*"]`, which is broad but common for internal microservices; for a publicly exposed API, this might be overly permissive depending on the specific threat model. No hardcoded secrets or 'eval' statements were found.
Updated: 2026-01-13GitHub
PreviousPage 630 of 713Next