Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
willbaldlygo icon

notebook_mcp

by willbaldlygo

Sec8

An MCP server enabling AI agents to query Google NotebookLM notebooks via a persistent browser session.

Setup Requirements

  • ⚠️Requires manual export and injection of Google NotebookLM cookies.
  • ⚠️Google cookies expire periodically, necessitating re-export.
  • ⚠️Requires Playwright browser dependencies (`playwright install chromium`).
  • ⚠️The browser automation is single-threaded and not designed for high-concurrency requests.
Verified SafeView Analysis
The server relies on the user to manually export and securely store Google session cookies in `notebooklm_cookies.json`. While the file is git-ignored, any compromise of the local file system could expose these cookies. The `ARTIFACTS_DIR` is hardcoded, which is not ideal for portability but not a direct security risk.
Updated: 2025-12-05GitHub
0
0
High Cost
msdeepak052 icon

Kubernetes-MCP-Server

by msdeepak052

Sec6

Provides an AI-driven interface within VS Code (via WSL) to interact with and debug Kubernetes clusters using natural language queries.

Setup Requirements

  • ⚠️Requires Windows Subsystem for Linux (WSL) with Ubuntu installed.
  • ⚠️Requires `kubectl`, `aws`, and `minikube` to be pre-configured and working within WSL.
  • ⚠️Requires Node.js (LTS) to be installed within WSL.
  • ⚠️Relies on an external `@kubernetes/mcp-server` npm package which is downloaded and executed by npx.
Verified SafeView Analysis
The primary security consideration is the execution of an external 'npx' package (`@kubernetes/mcp-server`). Without its actual source code, a comprehensive security audit is impossible. The server will have direct access to the Kubernetes cluster via the user's `kubectl` and kubeconfig in WSL. The instructions mention optional flags (`--read-only`, `--disable-destructive`) to mitigate risks in production, implying default behavior might allow cluster modifications. The use of `npx -y` bypasses interactive confirmation, which can be a minor supply chain risk if the package name is compromised.
Updated: 2026-01-08GitHub
0
0
Medium Cost
Project-Saturday icon

Echo

by Project-Saturday

Sec2

Echo is an AI with persistent consciousness that learns, adapts, and develops personality through a dual-layer architecture integrated with Neo4j and Google Gemini, serving as an MCP server for natural language interaction.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires Neo4j 5.15+ (with Neosemantics plugin)
  • ⚠️Requires a Google API key (Google Gemini is a paid service)
Review RequiredView Analysis
The default Neo4j password in `docker-compose.yml` and `SemanticConsciousnessManager.__init__` is hardcoded to 'password'. This is a critical security vulnerability and should be changed immediately for any deployment beyond local development. No obvious 'eval' or malicious patterns were found.
Updated: 2025-11-20GitHub
0
0
Medium Cost
saikophat icon
Sec9

AI-powered interview preparation and recruiter interactions using Retrieval-Augmented Generation (RAG) with a professional digital twin.

Setup Requirements

  • ⚠️Requires Upstash Vector Database URL and Token (free tier available with usage limits).
  • ⚠️Requires Groq API Key (free tier available with usage limits).
  • ⚠️The `digitaltwin.json` file must be populated with personal data, and then `embed_digitaltwin.py` (Python script) must be run to populate the Upstash Vector DB before the RAG system is fully functional.
  • ⚠️For local Claude Desktop integration, two separate terminal windows are required: one for the Next.js server (`pnpm dev`) and another for the `mcp-remote` bridge (`npx -y mcp-remote...`).
Verified SafeView Analysis
The project follows good security practices by storing API keys in environment variables and explicitly mentions not committing `.env.local` to Git. The Next.js server-side code handles JSON-RPC requests with input validation, reducing direct injection risks. There are no obvious uses of `eval` or other dangerous dynamic code execution patterns.
Updated: 2025-12-01GitHub
0
0
Medium Cost
Business-On-Steroids icon

MCP-VoiceAI-WhiteLabel

by Business-On-Steroids

Sec6

This MCP server integrates AI assistants with communication platforms, enabling management of users, API tokens, AI assistants, and Twilio for voice calls and SMS in the context of the VoiceAI VAVicky AiAgency platform.

Setup Requirements

  • ⚠️Requires `VAVICKY_API_KEY` and `ACCESS_TOKEN_SECRET` environment variables.
  • ⚠️Node.js version >= 18 is required.
  • ⚠️The provided tool `callback` implementations are stubs and do not execute any actual logic for interacting with external APIs (OpenAI, ElevenLabs, Twilio). Significant development is needed to make the server fully functional for its advertised features.
  • ⚠️There is a likely bug in `app.js` where `tools/assistants.js` is imported as `Twilio` and `tools/twilio.js` as `Assistant`, leading to the wrong sets of tools being registered under their intended names.
Verified SafeView Analysis
The server uses `app.use(cors())` without specific options, which defaults to allowing all origins (`*`). This is a critical security risk for a production server handling sensitive user data and API keys, as it can be exploited in certain cross-origin attacks. While JWT authentication is implemented using `ACCESS_TOKEN_SECRET` from environment variables, which is good practice, the broad CORS policy weakens overall security. All tool `callback` functions in the provided code are placeholders, merely echoing input arguments and returning 'Done'. This means the server, as delivered, does not actively process or store sensitive data like API keys (OpenAI, ElevenLabs, Twilio SIDs/Tokens) or interact with external services, reducing immediate runtime risk from *this specific code*, but indicating a significant amount of missing functional implementation for its stated purpose.
Updated: 2026-01-19GitHub
0
0
Medium Cost
heyadam icon

aids-server

by heyadam

Sec8

A production-ready MCP server that exposes design system components and style guides for AI assistants to generate UI code and understand design tokens.

Setup Requirements

  • ⚠️Requires manual configuration (modifying JSON files) in AI clients (e.g., Cursor, Claude) to connect to the MCP server, followed by a client restart.
  • ⚠️The in-memory rate limiting mechanism is reset upon serverless cold starts, meaning rate limits are not consistent across serverless instances or prolonged local development.
  • ⚠️Generating boilerplate for local development with `@mcpsystem/ui` components might require an `npm link` step if the UI package is not published.
Verified SafeView Analysis
The server implements strong input validation using Zod schemas for all JSON-RPC requests, preventing malformed inputs and potential injection attacks. Host header validation is in place to prevent injection. Rate limiting (100 requests/minute/IP) is implemented, mitigating basic DoS attacks, but it is in-memory and resets on serverless cold starts, making it less robust for persistent, distributed attacks. CORS allows all origins ('*'), which is acceptable for a public API but could be tightened if specific client origins are known. No hardcoded secrets or 'eval' usage were identified.
Updated: 2025-12-13GitHub
0
0
Medium Cost
bioanywhere icon

el-chavo-del-ocho

by bioanywhere

Sec9

A Model Context Protocol (MCP) server that provides onchain tools for AI applications to interact with the Base Network and Coinbase API, enabling direct blockchain and financial operations.

Setup Requirements

  • ⚠️Requires Coinbase Developer Platform (CDP) API Key Name and Private Key for core functionality.
  • ⚠️A wallet seed phrase is required for any write operations (e.g., transfers, contract deployments); read-only operations can use a generated fallback phrase.
  • ⚠️Additional third-party API keys (Alchemy for NFTs, Neynar for Farcaster, Coinbase Project ID for Onramp, and optionally OpenRouter for credits) are necessary to enable full tool functionality.
Verified SafeView Analysis
The server demonstrates good security practices by utilizing environment variables for all sensitive API keys (COINBASE_API_KEY_NAME, COINBASE_API_PRIVATE_KEY, SEED_PHRASE, ALCHEMY_API_KEY, NEYNAR_API_KEY, OPENROUTER_API_KEY, COINBASE_PROJECT_ID) instead of hardcoding them. It includes checks for the presence of critical environment variables before proceeding with operations. There are no instances of `eval` or obvious obfuscation. Network interactions are with well-known Web3 and Coinbase APIs, and anonymous usage telemetry is is mentioned in the CHANGELOG. The primary security considerations are external to the code's direct vulnerabilities, focusing on the secure handling of the wallet seed phrase and API keys by the user, and the inherent risks associated with on-chain transactions. The client-side configuration using `npx -y base-mcp@latest` has a minor theoretical supply-chain risk if a malicious package is published, but this is a standard npm behavior for running packages.
Updated: 2025-12-10GitHub
0
0
Medium Cost
Ahmedvision icon

zen-mcp-server

by Ahmedvision

Sec9

A Multi-Model Communication Protocol (MCP) server designed for orchestrating and enhancing various AI-powered software development and analysis tools and workflows.

Setup Requirements

  • ⚠️Requires Docker to be installed for deployment.
  • ⚠️At least one API key (e.g., GEMINI_API_KEY, OPENAI_API_KEY, or XAI_API_KEY) is mandatory, typically linking to paid AI services.
  • ⚠️Using certain advanced models (e.g., O3-Pro, as highlighted in `test_o3_pro_expensive.py`) can incur extremely high token costs.
Verified SafeView Analysis
The server demonstrates strong inherent security practices: it runs as a non-root user ('zenuser'), utilizes a read-only filesystem with tmpfs for temporary files, and operates solely via standard I/O (stdio) without exposing any network ports. Secrets are managed securely through environment variables. The codebase includes extensive tests for detecting various security vulnerabilities in *simulated* code, indicating a robust focus on security for the AI's output rather than the server's own vulnerabilities.
Updated: 2026-01-19GitHub
0
0
Medium Cost
abedmreyan icon

DEV-MCP-Server

by abedmreyan

Sec3

The server enables AI agents to manage software development lifecycle across multiple platforms like GitHub, Netlify, Supabase, Azure, and Google Workspace, effectively setting up a semi-autonomous dev team.

Setup Requirements

  • ⚠️Requires API keys/credentials for up to 10 different cloud and AI services, demanding extensive manual setup.
  • ⚠️Google Sheets and Tasks require specific Google Cloud API enablement and sharing a Google Sheet with a service account email.
  • ⚠️AI integrations (Perplexity, Gemini) will incur usage-based costs based on token consumption.
Review RequiredView Analysis
The direct execution of raw SQL queries provided by the AI agent through the `supabase_query`, `azure_query_postgresql`, and `azure_query_mysql` tools poses a severe SQL injection vulnerability. Similarly, `supabase_create_table` directly uses an input schema string, allowing arbitrary schema modification. Any malicious or unverified input from the AI could lead to unauthorized data access, modification, deletion, or schema manipulation on the integrated databases. These integrations lack explicit input sanitization, which is critical given the extensive access granted to an AI agent across numerous powerful platforms.
Updated: 2025-11-29GitHub
0
0
Low Cost
GoFeytch icon
Sec3

A minimal Model Context Protocol (MCP) server that acts as a connector to an AI LLM proxy, designed to forward chat requests for Data Loss Prevention (DLP) and policy enforcement.

Setup Requirements

  • ⚠️Requires an external AI LLM proxy running and accessible at the configured LLM_PROXY_URL.
  • ⚠️This server is an MCP server, meaning it requires an MCP host (e.g., Claude Desktop style) to connect to and invoke its 'secure_llm_chat' tool.
  • ⚠️The hardcoded 'Bearer demo-internal-key' is a security risk and should be replaced with a secure, configurable mechanism for production use.
Review RequiredView Analysis
The server includes a hardcoded secret `Authorization: "Bearer demo-internal-key"` in `src/proxyClient.ts`. This is a critical security vulnerability as it allows anyone with access to the code to authenticate with the LLM proxy, potentially bypassing intended access controls. The server's core function relies on an external proxy for all security enforcement, so its own security posture is limited to its role as a connector.
Updated: 2025-12-02GitHub
0
0
Medium Cost
samjjmmmm icon

n8n-hubspot-mcp

by samjjmmmm

Sec8

Facilitates an AI agent in fetching and summarizing HubSpot deal data, including engagements, by calling an n8n webhook.

Setup Requirements

  • ⚠️Requires an n8n instance with a workflow configured to fetch HubSpot deal and engagement data. The specific n8n webhook URL is hardcoded in `server.js` and needs to be updated in the source code if deploying to a different n8n instance.
  • ⚠️Requires Node.js to run.
Verified SafeView Analysis
The `N8N_WEBHOOK_URL` is hardcoded in `server.js`, which is a configuration management issue and reduces deployment flexibility. It should ideally be an environment variable. The `/sse` endpoint uses `Access-Control-Allow-Origin: *`, which is broad but acceptable for publicly exposing tool definitions. The server acts as a proxy, forwarding `dealId` to an n8n webhook; potential security risks related to data handling or authentication for HubSpot data depend entirely on the security and implementation of the n8n workflow. No `eval` or direct malicious patterns found in this server's code.
Updated: 2025-11-20GitHub
0
0
Medium Cost
umeshsungardas icon
Sec2

Provides backend API and control plane functionalities, potentially managing other services or devices.

Setup Requirements

  • ⚠️Likely requires a specific runtime environment (e.g., Node.js, Python, Java) to be installed.
  • ⚠️May require a database (e.g., PostgreSQL, MongoDB, MySQL) for data persistence.
  • ⚠️Specific port configurations might be necessary for network access.
Review RequiredView Analysis
A critical security audit cannot be performed as no source code was provided for analysis. Therefore, it's impossible to check for common risks like 'eval' usage, obfuscation, network vulnerabilities, hardcoded secrets, or malicious patterns. Running this server without a proper code review is highly risky.
Updated: 2025-11-27GitHub
PreviousPage 646 of 713Next