Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
coreyhahn icon

vivado_mcp

by coreyhahn

Sec2

Enables AI assistants to directly interact with AMD/Xilinx Vivado FPGA development tools for tasks like session management, project manipulation, design flow, reports, analysis, design queries, and simulation.

Setup Requirements

  • ⚠️Requires AMD/Xilinx Vivado (tested with 2023.2+) to be installed on the host system.
  • ⚠️Vivado executable must be in the system's PATH or explicitly specified during session startup.
  • ⚠️Initial Vivado session startup can take 20-30 seconds, leading to a noticeable delay for the first command.
Review RequiredView Analysis
The server includes a `run_tcl` tool that allows arbitrary Vivado TCL commands to be executed directly on the host system. Tools like `open_project` and `generate_full_report` can read from and write to arbitrary file paths on the host system. There is no explicit input sanitization against TCL injection or path traversal for user-provided arguments in many commands. These capabilities, while powerful for AI automation, pose significant security risks if the server or the AI client interacting with it were compromised or misused, potentially leading to arbitrary code execution, data exfiltration, or system damage.
Updated: 2026-01-18GitHub
0
0
Low Cost
Aarav-Shokeen icon

retell-mcp-server

by Aarav-Shokeen

Sec7

A Node.js server that acts as a custom Minecraft server or proxy, allowing Minecraft clients to connect and interact using the Minecraft Protocol.

Setup Requirements

  • ⚠️Requires Node.js runtime.
  • ⚠️Requires 'npm install' to resolve dependencies (e.g., 'mineflayer-server', 'ws').
  • ⚠️The server defaults to 'onlineMode: false', allowing unauthenticated connections, which poses a security risk if exposed publicly.
Verified SafeView Analysis
No 'eval', obfuscation, hardcoded secrets, or obvious malicious patterns were found in the provided code. However, the 'mineflayer-server' is configured with 'onlineMode: false', which means it does not authenticate users with Mojang. This is a significant security risk if the server is exposed publicly, allowing anyone to connect with any username. For local or development use, it might be acceptable, but it requires careful consideration for production deployment.
Updated: 2025-11-24GitHub
0
0
High Cost
LiamDabelstein icon

4970r-smart-coding-mpc

by LiamDabelstein

Sec9

This MCP server enables LLMs to securely analyze GitHub codebases, gather context (repo map, project overview, commit history, PR intent), and safely submit code contributions like automated documentation and refactoring via a structured branch and Pull Request workflow.

Setup Requirements

  • ⚠️Requires a specific GitHub App ('4970r-smart-coding-mpc') to be installed on the user's GitHub account or organization for repository access.
  • ⚠️Users must manually complete a GitHub OAuth Device Flow (click a link, enter a code) to generate a personal access token, which then needs to be manually configured into the LLM client's environment (e.g., as 'GITHUB_PERSONAL_ACCESS_TOKEN' in Claude Desktop config).
  • ⚠️The server requires the 'GITHUB_CLIENT_ID' environment variable to be set for the GitHub App.
  • ⚠️Python dependencies (fastmcp, httpx, python-dotenv) must be installed.
Verified SafeView Analysis
The server implements good security practices for GitHub integration. It uses environment variables for sensitive IDs, a secure OAuth Device Flow for user authentication, and validates access tokens for basic format. All network requests use httpx, a standard secure client. Commit operations leverage SHA verification to prevent conflicts. No 'eval' or other direct arbitrary code execution patterns were found. The primary security consideration lies in the permissions granted to the GitHub App and the capabilities of the LLM interacting with the server.
Updated: 2025-12-03GitHub
0
0
Medium Cost
lin-jona icon

hn_flat

by lin-jona

Sec8

A tool to fetch and flatten Hacker News discussions into clean, readable markdown format, designed for use with AI assistants.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires `uv` for dependency management and execution
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json` for AI assistant integration
Verified SafeView Analysis
The server fetches HTML from a user-provided URL using the `requests` library and parses it with `BeautifulSoup`. This is its intended functionality. While making network requests to arbitrary URLs inherently carries a risk of exposing the host to external content, there are no obvious code injection points, uses of `eval`, or hardcoded secrets in the provided source code. As with any web fetching tool, care should be taken regarding what URLs are processed if the server is run in a sensitive environment.
Updated: 2026-01-19GitHub
0
0
Medium Cost
congthien2003 icon

sabo-mcp

by congthien2003

Sec8

A Model Context Protocol (MCP) server for AI/LLMs to store conversational memories locally and optionally synchronize them with a Supabase cloud backend, and to pull AI agent workflows into a project directory.

Setup Requirements

  • ⚠️Requires Bun runtime (>= 1.2.x).
  • ⚠️Supabase account and configured MEMORIZE_MCP_SUPABASE_URL, MEMORIZE_MCP_SUPABASE_SERVICE_ROLE_KEY environment variables are required for cloud sync features.
  • ⚠️Database schema migration (SQL) must be manually run on the Supabase project for cloud sync features.
  • ⚠️Environment variables for project root, project slug, and workflow target directory are essential for full functionality.
Verified SafeView Analysis
The server uses environment variables (e.g., MEMORIZE_MCP_SUPABASE_SERVICE_ROLE_KEY) for sensitive Supabase credentials, which is good practice. Path traversal vulnerabilities are explicitly mitigated in the `pullWorkflows` logic using `path.basename` and `path.resolve` checks. However, a similar explicit input sanitization/validation for the `filename` parameter in `save_memorize` (handled by `saveLocalMemory`) is not as robust. While `path.join` offers some protection, an adversarial `filename` (e.g., containing `../`) could potentially write files outside the intended memory directory if not sanitized before being passed to `path.join`. No `eval` or code obfuscation was found.
Updated: 2026-01-19GitHub
0
0
Medium Cost
sjjsjj2554 icon

SitecoreMCP

by sjjsjj2554

Sec5

Integrate Sitecore CMS with AI assistants (such as Claude and GitHub Copilot) to manage content, track versions, navigate hierarchies, and perform CRUD operations using natural language commands or explicit tool calls via GraphQL.

Setup Requirements

  • ⚠️Requires a Sitecore instance (version 10.1+ recommended for full GraphQL features).
  • ⚠️Requires a valid Sitecore API key with appropriate permissions (read/write depending on operations).
  • ⚠️Default `rejectUnauthorized: false` for HTTPS agent makes it insecure for production over untrusted networks unless explicitly configured otherwise.
  • ⚠️Sitecore GraphQL schema can vary; some features (e.g., `templates()` query, advanced search filters, sites query returning data) may not function as expected on all instances, necessitating schema investigation and client-side filtering/sorting.
Review RequiredView Analysis
The server uses `rejectUnauthorized: false` for its HTTPS agent by default, which bypasses SSL certificate validation. While noted for local development with self-signed certificates, this setting is a critical security vulnerability in production environments as it allows for Man-in-the-Middle (MITM) attacks. All secrets (API key, username, password) are correctly loaded from environment variables. The natural language command parser maps to predefined internal methods, limiting direct remote code execution from chat commands, but relies on the AI model's safety and proper tool instruction. The project explicitly bans Sitecore PowerShell Extensions (SPE) due to high security risks, which is a strong positive.
Updated: 2026-01-19GitHub
0
0
Low Cost
YunYouJun icon

starter-mcp-server

by YunYouJun

Sec9

This server acts as a proxy to the National Weather Service (NWS) API, providing weather alerts and forecasts based on state codes or geographical coordinates.

Setup Requirements

  • ⚠️Requires pnpm for dependency management and script execution.
  • ⚠️The MCP Server configuration (`mcp.json`) for clients requires an absolute path to the compiled `dist/index.mjs` file.
  • ⚠️Relies on the National Weather Service (NWS) API, which primarily covers US locations; requests for non-US locations will likely fail for the forecast tool.
Verified SafeView Analysis
The server makes outgoing HTTP requests to 'https://api.weather.gov', a legitimate public weather API. Input validation for tool arguments is implemented using 'zod', mitigating common injection risks. Communication with the MCP client is handled via StdioServerTransport, which communicates over standard I/O, reducing typical network attack surfaces. No hardcoded secrets or 'eval' statements were found. The User-Agent is generic and could be more descriptive for API politeness in a production environment, but this is not a security flaw.
Updated: 2025-12-13GitHub
0
0
Low Cost
friedrichwilken icon
Sec8

An extendable Kubernetes Model Context Protocol (MCP) server that replicates original functionality and serves as a foundation for custom toolset extensions.

Setup Requirements

  • ⚠️Requires Go 1.25 or later.
  • ⚠️Requires access to a Kubernetes cluster and a configured kubectl with appropriate permissions.
  • ⚠️The `kubernetes-mcp-server` repository must be cloned as a sibling directory to this project for building, due to a Go module `replace` directive.
Verified SafeView Analysis
The server's primary function is to expose Kubernetes tools, which inherently involves sensitive operations on a cluster. However, the source code provided does not reveal obvious internal vulnerabilities such as 'eval' or direct arbitrary command execution outside of specific test scenarios. It offers configurable security measures for HTTP transport, including OAuth, token validation, and CA certificate support. Hardcoded secrets are not apparent. The comprehensive testing strategy also indicates a focus on reliability and compatibility, which can contribute to overall security.
Updated: 2025-11-26GitHub
0
0
Low Cost
STetsing icon

sourcify-mcp

by STetsing

Sec8

This server acts as a Model Context Protocol (MCP) wrapper for the Sourcify API, enabling AI assistants to perform smart contract verification, lookup, and similarity searches.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher to run.
  • ⚠️Relies on configuration via a `.env` file for Sourcify API base URL and timeout, though defaults are provided.
  • ⚠️Designed to be consumed by an MCP-compatible client (e.g., Claude Desktop) which manages the server process and communication (typically via stdio).
Verified SafeView Analysis
The server correctly uses environment variables for sensitive configurations like API URLs and timeouts, avoiding hardcoded secrets. Input validation for tool parameters is implemented using Zod, enhancing robustness against malformed requests. Comprehensive error handling wraps Sourcify API errors for clearer communication. However, the HTTP mode explicitly enables `CORS` for all origins (`*`), and while an `ALLOWED_HOSTS` environment variable is defined, it is not currently used to restrict this, which could be a concern in some deployment scenarios if the server is exposed publicly beyond a trusted MCP client network. For its intended use as a local or controlled AI agent tool, the risk is mitigated.
Updated: 2026-01-19GitHub
0
0
Low Cost
evilGmonkey icon
Sec9

A production-ready Model Context Protocol (MCP) server for secure, multi-database SQL access to Supabase and PostgreSQL instances, built for AI coding assistants and automation workflows.

Setup Requirements

  • ⚠️Requires Docker and docker-compose (recommended) or Python 3.11+ for local development.
  • ⚠️Requires access to PostgreSQL/Supabase databases with valid credentials.
  • ⚠️Requires manual creation of dedicated database roles (e.g., 'mcp_readonly', 'mcp_readwrite') in your PostgreSQL/Supabase instance, although a setup script is provided.
  • ⚠️Requires configuring 'MCP_TOKEN' and at least one complete database connection (CONN_<name>_HOST, CONN_<name>_DBNAME, CONN_<name>_USER, CONN_<name>_PASSWORD) in a '.env' file.
Verified SafeView Analysis
The server demonstrates a strong security posture with a default read-only mode, bearer token authentication, and robust SQL injection prevention through parameterized queries. A well-defined database role strategy (mcp_readonly and mcp_readwrite) promotes the principle of least privilege. The 'is_readonly' function effectively blocks common write operations. Warnings are logged if the authentication token is not set, preventing silent unauthenticated access. While authentication via query parameters is supported, the documentation correctly recommends using HTTP headers for better security.
Updated: 2026-01-19GitHub
0
0
Low Cost
marcusbaer icon

poc-mcp-server-wttr

by marcusbaer

Sec9

Provides a weather forecasting tool for Model Context Protocol (MCP) agents by integrating with the wttr.in API.

Setup Requirements

  • ⚠️Requires a Node.js runtime environment.
Verified SafeView Analysis
The server makes external 'fetch' requests to the public wttr.in API. The 'city' input parameter is properly URL-encoded using 'encodeURIComponent' to mitigate injection risks. No hardcoded secrets, 'eval', or other malicious patterns were found in the provided source code. The primary risk is reliance on an external, untrusted API for data, which is inherent in its functionality.
Updated: 2025-11-28GitHub
0
0
High Cost
khglynn icon
Sec9

This server enables bulk Spotify operations including batch playlist creation, large-scale library management, and confidence-scored song matching for importing song lists.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires a Spotify account and Spotify Developer credentials (Client ID, Client Secret)
  • ⚠️One-time interactive authentication process (opens browser to log in to Spotify)
  • ⚠️Requires manual configuration in Claude Code settings (`~/.claude/settings.local.json`)
Verified SafeView Analysis
The server follows good practices for handling sensitive information by using environment variables (`.env`) for Spotify API credentials and by explicitly gitignoring the `.env` file and the `.spotify_cache/` directory where authentication tokens are stored. It uses `spotipy` for Spotify API interaction, which handles OAuth securely. No 'eval' or obvious malicious patterns were found. Users should be aware that the server requests broad Spotify API scopes necessary for its functionality (e.g., modifying playlists, reading library data), so understanding these permissions is important.
Updated: 2025-12-22GitHub
PreviousPage 635 of 713Next