Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
ramonayy icon

rag2mcp_client

by ramonayy

Sec8

Provides a RAG (Retrieval Augmented Generation) service via an MCP (Message Control Protocol) endpoint, allowing semantic search over vectorized document sections stored in a PostgreSQL database.

Setup Requirements

  • ⚠️Docker required to run the PostgreSQL database with pgvector extension.
  • ⚠️Requires Python 3.13 or higher.
  • ⚠️Initial database population requires running 'src/database/db.py' with PDF documents present in the configured data directory.
  • ⚠️Requires a HuggingFace SentenceTransformer model (specified by EMBEDDING_MODEL env var) to be downloaded/accessible.
Verified SafeView Analysis
SQL queries utilize parameterized statements to prevent injection. Database credentials are expected to be loaded from environment variables (e.g., .env file). Input validation for the 'ids' parameter converts string parts to integers, which helps prevent direct code injection, but malformed input could lead to runtime errors.
Updated: 2025-12-03GitHub
0
0
Medium Cost
trupti79916 icon
Sec4

The MCP server acts as a unified gateway to connect to and interact with multiple database types (PostgreSQL, MongoDB, Redis, SAP HANA) via dynamically generated tools.

Setup Requirements

  • ⚠️Requires Python 3.8+ and `pip install -r requirements.txt`.
  • ⚠️Requires meticulous configuration of `config.yaml` and a `.env` file with correct database credentials for active connectors.
  • ⚠️The MongoDB connector includes `tlsAllowInvalidCertificates=True`, which is a significant security risk for production environments that users must explicitly address by removing or properly configuring TLS.
  • ⚠️Database connectors are initialized lazily, meaning connection errors for a specific database will only surface when a tool targeting that database is first called, not during server startup.
  • ⚠️The HANA DB connector (`hdbcli`) might have specific system-level dependencies or installation complexities beyond typical Python packages.
Review RequiredView Analysis
The MongoDB connector sets `tlsAllowInvalidCertificates=True`. While the code comment suggests this is for development, it is a critical security vulnerability for production deployments as it disables TLS certificate validation, making the connection susceptible to man-in-the-middle attacks. This makes the system unsafe for sensitive data in production. Other database connectors use parameterized queries (PostgreSQL, HANA), which is good for SQL injection prevention. Credentials are handled via environment variables, which is a good practice.
Updated: 2025-11-26GitHub
0
0
Low Cost
Anshida-Ansari icon

mcp-server

by Anshida-Ansari

Sec9

Provides a simple API for classifying messages into predefined categories based on keywords.

Setup Requirements

  • ⚠️Requires Node.js runtime.
  • ⚠️The 'dotenv' dependency is imported but 'dotenv.config()' is not called in 'index.js', meaning the 'PORT' environment variable must be explicitly set in the environment (e.g., `PORT=3000 node index.js`) rather than relying on a .env file for automatic loading by the application.
  • ⚠️The server utilizes 'express' version 5.2.1, which is a pre-release (alpha/beta) version. This might lead to unexpected behavior or compatibility issues compared to the stable Express 4.x.x series.
Verified SafeView Analysis
The server uses Zod for input validation and the provided 'classifyMessage' tool's logic is simple string matching, making it resistant to common injection attacks. No 'eval', hardcoded secrets, or direct network risks are observed in the provided code. The use of Express v5.x.x, an unstable version, could introduce unforeseen issues, but the immediate implementation is robust for its scope.
Updated: 2025-12-15GitHub
0
0
Medium Cost
ishumilin icon
Sec9

Provides a read-only Model Context Protocol (MCP) server for interacting with Switzerland's open data portal (opendata.swiss, CKAN).

Setup Requirements

  • ⚠️Requires access to the external opendata.swiss (CKAN) API for full functionality.
  • ⚠️SQL datastore queries via `datastore_search_sql` are disabled by default and require setting `ENABLE_SQL=true` in the environment variables to use.
Verified SafeView Analysis
The server demonstrates strong security practices including comprehensive input validation using Zod, server-side clamping of row limits, and configurable HTTP timeouts. The most sensitive tool, `datastore_search_sql`, is disabled by default (`ENABLE_SQL=false`) and includes basic regex guards against DDL/DML operations if enabled. No 'eval' or obfuscation found. Network calls are primarily to a configurable CKAN API base URL. The `fetchResource` utility, while capable of fetching arbitrary URLs, is not directly exposed as an MCP tool in the provided code, mitigating potential SSRF risks through that pathway.
Updated: 2025-11-20GitHub
0
0
Low Cost
KyleDeng icon

mcp_server_test

by KyleDeng

Sec8

Implements a Model Context Protocol (MCP) server to expose Python functions as tools, resources, and prompts for AI agent interaction, facilitating local file system operations, simple arithmetic, and account tracking.

Setup Requirements

  • ⚠️Requires Python 3.x environment.
  • ⚠️Certain tools (e.g., `list_desktop_files`) are Linux/MacOS exclusive due to platform-specific path resolution (`os.path.expanduser("~/Desktop")`).
  • ⚠️Creates data files (`.accounting_data/accounting_data.json`, `history.json`) in the current working directory, which might lead to unexpected files if not managed.
Verified SafeView Analysis
The server primarily performs local file system operations and arithmetic calculations. The 'list_desktop_files' tool exposes desktop file names, which is a minor privacy consideration if exposed to untrusted agents, but is explicitly documented. No 'eval' or other direct code execution vulnerabilities found. Uses local network (127.0.0.1) for SSE transport by default, limiting immediate external exposure. Tools typically require user approval in the client agent.
Updated: 2025-12-03GitHub
0
0
Low Cost
DavidMFresneda icon

MCPStreamable

by DavidMFresneda

Sec9

This server exposes a simple 'greeting' function as an HTTP-streamable microservice using the MCP framework.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher
  • ⚠️Requires the 'mcp[cli]' package to be installed
Verified SafeView Analysis
The provided code snippet does not contain any obvious security vulnerabilities like 'eval', hardcoded secrets, or malicious patterns. Security relies heavily on the underlying 'mcp' framework and its handling of the 'streamable-http' transport.
Updated: 2025-12-15GitHub
0
0
Low Cost
WizzdimAdmin icon

mcpresearch

by WizzdimAdmin

Sec9

An MCP-compliant server designed for learning, experimentation, and integration with an AI platform, providing placeholder tools, resources, and prompts.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Local setup recommends Conda environment for dependencies
  • ⚠️Docker is needed for HTTP transport in a deployed context
Verified SafeView Analysis
The server's current implementation is minimal with placeholder logic for most tools, resources, and database/backend interactions, which limits immediate attack surface. It uses standard Python libraries and FastMCP SDK. The `backend_client` uses `httpx` with `response.raise_for_status()` for basic error handling and has a hardcoded internal Docker network URL (`http://backend:8000`), which is appropriate for a containerized setup. No obvious 'eval', 'exec', or direct command injection vectors are present in the provided source code. Future expansions, especially when filling in placeholder implementations for actual database queries, external API calls, or agent logic, will require careful security review.
Updated: 2025-12-14GitHub
0
0
Medium Cost
quartz-labs-dev icon

pabal-web-mcp

by quartz-labs-dev

Sec3

A Model Context Protocol (MCP) server for bidirectional conversion and optimization of App Store Optimization (ASO) data with web SEO content, enabling synchronized app store listings and web presence.

Setup Requirements

  • ⚠️Requires Node.js >= 18.
  • ⚠️Requires `pabal-mcp` to be installed and its `dataDir` configured in `~/.config/pabal-mcp/config.json` to the absolute path of the `pabal-web` project.
  • ⚠️Requires `mcp-appstore` server (an external tool) to be installed and running/configured for `keyword-research` functionality.
Review RequiredView Analysis
CRITICAL: Path Traversal Vulnerability. The `slug` and `appSlug` parameters used in tools (e.g., `init-project`, `aso-to-public`, `public-to-aso`, `improve-public`, `validate-aso`, `keyword-research`, `create-blog-html`) are directly concatenated into file paths using `path.join`. These parameters are user-provided strings (after `trim()`) and are not sanitized to prevent path traversal sequences (e.g., `../../`). A malicious user could potentially read, write, or overwrite arbitrary files on the system by providing a crafted `slug` or `appSlug`. MODERATE: External Image Downloads. The `downloadImage` function in `public-to-aso` fetches images from external URLs. While the URLs originate from the `config.json` (assumed trusted), if `config.json` could be manipulated by a malicious actor, it could lead to Server-Side Request Forgery (SSRF) or downloading of malicious content. No obvious hardcoded credentials were found, as the server defers credential management to `pabal-mcp`'s configuration.
Updated: 2025-12-28GitHub
0
0
Medium Cost
dongood icon
Sec9

Enables Claude to communicate with Jenkins CI/CD servers to query build information, analyze failures, and monitor CI/CD infrastructure.

Setup Requirements

  • ⚠️Requires JENKINS_URL, JENKINS_USERNAME, and JENKINS_API_TOKEN environment variables.
  • ⚠️When configured with Claude Desktop or Claude Code, the 'args' path to the server's 'build/index.js' must be an absolute path.
Verified SafeView Analysis
The server uses environment variables for sensitive information (Jenkins URL, username, API token), preventing hardcoding. Communication with Jenkins relies on HTTPS and Basic Authentication, securing credentials in transit. Error messages are sanitized via `extractSafeError` to prevent sensitive data leakage. No 'eval' or obvious obfuscation was found. The use of stdio for MCP communication avoids exposing network ports directly from the server.
Updated: 2026-01-16GitHub
0
0
Low Cost
dominicholmes21 icon

hello-world-mcp

by dominicholmes21

Sec9

A minimal Model Context Protocol (MCP) server designed to verify MCP client configurations and test a basic end-to-end integration workflow.

Setup Requirements

  • ⚠️Requires Node.js v18.0.0 or higher.
  • ⚠️Communicates over standard input/output (stdio), expecting to be spawned by an MCP client or managed process for interaction.
Verified SafeView Analysis
The server implements very minimal logic, primarily returning a static "Hello World!" message. It utilizes the `@modelcontextprotocol/sdk` and communicates via standard I/O (stdio), which limits direct network exposure but requires a secure execution environment. No obvious malicious patterns, hardcoded secrets, or dangerous functions like `eval` are present in the provided source. Reliance on the security of the MCP SDK.
Updated: 2026-01-19GitHub
0
0
Low Cost
bioanywhere icon
Sec9

Provides Docker deployment and CI/CD configuration for a generic MCP server application.

Setup Requirements

  • ⚠️Requires Docker installed to build and run containers.
  • ⚠️GCP_CREDENTIALS and GCP_PROJECT_ID secrets are required in repository settings for automated builds to Google Artifact Registry.
  • ⚠️The actual server application code itself is not provided, only the deployment infrastructure.
Verified SafeView Analysis
The provided Docker deployment configuration files (`docker-compose.yml`, `run.sh`, `README.md`) utilize standard, secure practices for containerization and CI/CD setup. No 'eval', hardcoded secrets, obfuscation, or obvious malicious patterns were found. Environment variables for credentials are noted to be handled as secrets in CI/CD. The primary security surface would lie within the actual application code run inside the Docker image, which is not provided in this analysis.
Updated: 2025-12-02GitHub
0
0
Medium Cost
Dhull442 icon
Sec9

Interactive AI chat with document retrieval and extensible tool integration via a command-line interface.

Setup Requirements

  • ⚠️Requires Openrouter API Key (Paid)
  • ⚠️Requires Python
  • ⚠️Requires `MODEL` environment variable (e.g., 'anthropic/claude-3-haiku:beta')
Verified SafeView Analysis
API keys are properly loaded from environment variables. Local server communication uses standard I/O (stdio_client). Tools defined in `mcp_server.py` (read_doc, edit_doc, write_doc) operate on an in-memory dictionary, preventing direct file system access and significantly limiting potential malicious actions related to document manipulation. No 'eval' or code obfuscation found.
Updated: 2025-11-22GitHub
PreviousPage 639 of 713Next