Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Rishabh899 icon
Sec9

This server acts as an expense tracker, allowing users to add, list, and summarize financial expenditures using a FastMCP API.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher, as specified in `pyproject.toml`.
  • ⚠️The SQLite database (`expenses.db`) is created in a temporary directory, meaning all expense data will be lost upon system reboot or cleanup of temporary files. This design makes the data non-persistent across sessions.
  • ⚠️The `categories.json` file is expected in the same directory as `main.py` for custom categories. While defaults are provided if not found, custom category management requires this file placement.
Verified SafeView Analysis
The code employs parameterized queries for all database interactions, effectively preventing SQL injection vulnerabilities. There are no instances of `eval` or code obfuscation. No hardcoded secrets or API keys are present. The database is initialized and managed in a temporary directory, which is generally safe for isolation, though it means data is non-persistent. The server binds to `0.0.0.0`, requiring external network security if exposed publicly.
Updated: 2025-11-20GitHub
0
0
Low Cost
remysaissy icon

mcp-unix-tools

by remysaissy

Sec7

A local Model Context Protocol (MCP) server that exposes a collection of Unix tools to AI models for local development and automation tasks.

Setup Requirements

  • ⚠️Rust toolchain (2024 edition or later) and Cargo required
  • ⚠️Unix-like environment (Linux, macOS, or WSL on Windows) is mandatory
  • ⚠️Provided source for `src/main.rs` is currently a 'Hello world.'; actual Unix tool implementations are not yet present in the snippet.
Verified SafeView Analysis
The project is explicitly designed for local development and warns against exposing the server to untrusted networks. It states principles of 'Input Validation' and 'Sandboxing' for future Unix tool implementations. However, the provided `src/main.rs` is currently a 'Hello world.', so the actual implementation of command execution and its security hardening measures are not visible for direct audit. Running arbitrary commands via an AI still presents inherent risks if not perfectly isolated and validated.
Updated: 2025-11-20GitHub
0
0
Medium Cost
NikhilAdvani icon
Sec9

Manages personal expenses by allowing users to add, list, summarize, edit, delete, and search expense entries.

Setup Requirements

  • ⚠️Database stored in a temporary directory (`/tmp` or similar) and will not persist across system reboots or temporary directory cleanups, leading to potential data loss.
  • ⚠️Requires Python 3.12+ due to project configuration.
Verified SafeView Analysis
SQL queries use parameterized statements, effectively preventing SQL injection vulnerabilities. No 'eval' or other dangerous code patterns are present. No hardcoded secrets or sensitive API keys were found. The database is stored in a temporary directory, which while generally writable, could be a minor concern regarding persistence and isolation in multi-user environments.
Updated: 2025-12-13GitHub
0
0
Medium Cost
Bazilio-san icon

mcp-atlassian-ts

by Bazilio-san

Sec9

Automate and extend Atlassian JIRA and Confluence operations for AI agents using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires valid Atlassian JIRA and/or Confluence URL and credentials (username/password or Personal Access Token) in the .env file.
  • ⚠️Mandatory `MCP_SERVICE_MODE` environment variable must be set to 'jira' or 'confluence' for the server to start.
  • ⚠️Default port 3000 might be in use; requires changing `SERVER_PORT` environment variable if conflict occurs.
Verified SafeView Analysis
The server employs multiple authentication methods (Basic, PAT, OAuth2), uses `helmet` for security headers, and `rate-limiter-flexible` to prevent abuse. Sensitive configurations are correctly externalized to `.env` files. The user substitution (impersonation) feature, while powerful, requires careful administrator setup to prevent unauthorized access. CORS is limited to development environments, which is appropriate. No `eval` or obfuscation detected. Strong error handling and logging contribute to overall security and maintainability.
Updated: 2025-11-26GitHub
0
0
Medium Cost
yohanesmario icon

atlassian-mcp

by yohanesmario

Sec8

Automates interactions with Atlassian Jira and Confluence by providing a custom, unified MCP server with optimized token usage for tool definitions and robust Markdown to Atlassian Document Format (ADF) conversion.

Setup Requirements

  • ⚠️Requires ATLASSIAN_EMAIL, ATLASSIAN_API_TOKEN, and ATLASSIAN_DOMAIN environment variables to be set.
  • ⚠️If using a .env file for credentials, it must have secure permissions (e.g., `chmod 600 .env`) or it will be silently skipped.
  • ⚠️The ATLASSIAN_DOMAIN must be in the format `company.atlassian.net` (domain only, no protocol or path).
Verified SafeView Analysis
The server demonstrates good security practices including input validation (e.g., issue keys, page IDs), enforcement of TLS 1.2 for network requests, and a critical check for secure permissions (chmod 600) on the .env file. API tokens are passed via standard Basic Auth, relying on environment variable security. Potential risks include the inherent complexity of markdown-to-ADF parsing which could theoretically be vulnerable to Regular Expression Denial of Service (ReDoS) if exposed to extremely large and malicious inputs, though Go's regex engine is generally robust. Attachment uploads are handled carefully with filename sanitization and size limits. No 'eval' or direct code execution from user input is apparent.
Updated: 2025-12-15GitHub
0
0
Low Cost
berkayinam icon

mcp-server

by berkayinam

Sec9

Provides an HTTP interface for the Model Context Protocol, offering basic tools and compatibility with `mcp-use` and `MCP Inspector`.

Setup Requirements

  • ⚠️Python dependencies (via pip)
Verified SafeView Analysis
The server correctly handles JSON-RPC requests for predefined tools without dynamic code execution. Inputs are processed safely (e.g., `float()` conversion for 'add' tool). CORS is explicitly handled. No critical vulnerabilities like 'eval' or hardcoded secrets were found.
Updated: 2025-11-20GitHub
0
0
Medium Cost
Sec8

HTTP client for storing and retrieving binary/JSON data via tokens from an MCP Data Buffer server.

Setup Requirements

  • ⚠️Requires a running instance of the MCP Data Buffer server.
  • ⚠️An API token is required for most operations, obtained via `buffer-cli token:create` or similar.
  • ⚠️The `cleanup` method requires admin scope authentication.
Verified SafeView Analysis
This is an HTTP client library. Security risks are primarily related to proper handling of the `apiToken` and ensuring the configured `url` points to a trusted MCP Data Buffer instance. No `eval` or obvious obfuscation detected within the provided context.
Updated: 2025-11-20GitHub
0
0
Medium Cost
HollowLeaf1981 icon

chessboardmagic-mcp

by HollowLeaf1981

Sec9

Access user's chess repertoires and games, and retrieve TCEC and correspondence chess statistics and games for analysis within AI assistants.

Setup Requirements

  • ⚠️Requires a Chessboard Magic subscription.
  • ⚠️Requires generating a Personal Access Token (PAT) from Chessboard Magic profile.
  • ⚠️Requires Claude Pro and Claude Desktop installed for typical usage.
Verified SafeView Analysis
The server retrieves the Personal Access Token (PAT) from an environment variable, which is good practice. It does not contain 'eval' or other highly dangerous functions. Network requests are made to a specific HTTPS endpoint. Input validation primarily checks for the presence of required arguments (gameId, repertoireId, fen); the backend API is expected to handle deeper validation. There are no obvious injection vulnerabilities identified from the provided source code.
Updated: 2025-12-18GitHub
0
0
Medium Cost
laica-ayudavets icon

mcp-inmovilla

by laica-ayudavets

Sec8

Enables LLMs to manage properties, clients, owners, and retrieve enumerations from the Inmovilla real estate platform by exposing an MCP-compliant API.

Setup Requirements

  • ⚠️Requires an Inmovilla API Token (obtained from Inmovilla CRM, expires after 3 months of inactivity).
  • ⚠️Requires an OpenAI API Key (a paid service, used by the provided Python testing client).
  • ⚠️Requires a custom 'MCP_API_KEY' for authenticating against the MCP server itself.
  • ⚠️Requires Node.js version 18.19.0 or higher.
Verified SafeView Analysis
The server demonstrates good security practices by using environment variables for API keys and employing Zod for robust input validation across its tools. No 'eval' or obfuscation patterns were found in the provided source code. All external API calls are directed to the legitimate Inmovilla API endpoint. The main security consideration is the broad CORS policy (allowOrigin: "*") which could be a risk if the server is exposed publicly without additional network access controls; however, for a local MCP server, this might be an expected configuration.
Updated: 2025-12-17GitHub
0
0
High Cost
hyperflow-wms icon

montage-mcp-server

by hyperflow-wms

Sec2

Generates astronomical image mosaic workflows using the Montage toolkit through an MCP server interface, primarily for integration with LLMs like Claude Desktop.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for execution and testing.
  • ⚠️Requires access to the Docker socket (`/var/run/docker.sock`) for workflow execution.
  • ⚠️Requires network access to the IPAC archive for downloading FITS files.
Review RequiredView Analysis
Critical shell injection vulnerability in workflow generation scripts (`montage-workflow-yaml.py`, `montage-workflow-wfformat.py`): User-controlled inputs (`survey`, `band`) are directly interpolated into shell commands (`mArchiveList`, `mDAGTbls`, `mOverlaps`), allowing arbitrary command execution. Critical container escape vulnerability: The `docker-compose.yml` mounts `/var/run/docker.sock` into the `hyperflow` container, giving it root access to the host's Docker daemon. Use of `yaml.UnsafeLoader` in `server.py` could be a deserialization vulnerability if the generated YAML is ever untrusted, though in current context it loads self-generated content.
Updated: 2025-12-04GitHub
0
0
Low Cost
Digital-Defiance icon

mcp-filesystem

by Digital-Defiance

Sec9

Provides advanced filesystem operations for AI agents within strict security boundaries, including batch operations, directory watching, file search/indexing, and permission management.

Setup Requirements

  • ⚠️Requires 'workspaceRoot' to be explicitly configured in a 'mcp-filesystem-config.json' file or via 'MCP_FILESYSTEM_WORKSPACE_ROOT' environment variable.
  • ⚠️If running in Docker directly (not via docker-compose), manual ownership and permission adjustments (e.g., 'chown -R 1001:1001 workspace') for the mounted workspace directory might be necessary.
  • ⚠️The default configuration sets 'requireConfirmation: true' for destructive operations, which may interrupt automated workflows and requires explicit handling or adjustment.
Verified SafeView Analysis
The server implements a robust 10-layer security architecture, including absolute path resolution, workspace boundary checks, path traversal detection, hardcoded system/sensitive path blocklists, configurable allow/block lists, read-only mode, and symlink validation. It features extensive audit logging, rate limiting, and optional user confirmation. The Docker deployment enforces non-root users, minimal capabilities, and network isolation. No direct 'eval' or code obfuscation found; 'eval' is only mentioned in patterns for detecting malicious content, not for execution.
Updated: 2026-01-17GitHub
0
0
Medium Cost
xxfmin icon
Sec9

A Python server for indexing documents and performing semantic search on them, often used for RAG applications.

Setup Requirements

  • ⚠️Requires Python 3.14 or higher, which is a very recent version and may require environment setup.
  • ⚠️Access to the default embedding model ('Qwen/Qwen3-Embedding-0.6B') or other HuggingFace models may require an `HF_TOKEN` environment variable, which could necessitate a HuggingFace account and potentially incur costs for larger models.
  • ⚠️Relies on `fastmcp` for local development and running, which is a specific framework that users need to install.
  • ⚠️Leverages LanceDB for vector storage, which might have system-level dependencies depending on the operating system.
Verified SafeView Analysis
No direct usage of 'eval' or similar dangerous functions found in the provided Python source code. Sensitive configurations like HuggingFace tokens, server host/port, and CORS origins are properly managed via environment variables. The server exposes HTTP endpoints for communication (SSE/Streamable HTTP), which is standard for web services, but proper CORS configuration is crucial for production deployments. No obvious malicious patterns were detected.
Updated: 2025-12-15GitHub
PreviousPage 632 of 713Next