Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
kipkemoifred icon

mcp_server

by kipkemoifred

Sec9

A Spring Boot application demonstrating Spring AI tool integration for retrieving weather information and a GraphQL client for fetching country data, acting as a service component for conversational AI.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) 17+.
  • ⚠️Building the application requires a build tool like Maven or Gradle (not explicitly provided in source, but implied by project structure).
Verified SafeView Analysis
The application makes external API calls to 'https://countries.trevorblades.com/' (GraphQL) and 'https://api.weather.gov/' (REST). No hardcoded sensitive secrets are visible. There are no signs of 'eval' or other dangerous dynamic code execution patterns. The 'User-Agent' in WeatherService includes a placeholder email ('your@email.com') which should be configured for a production environment but isn't a direct security risk.
Updated: 2025-11-25GitHub
0
0
Low Cost
dmj03 icon
Sec9

Automate Jira issue creation and management through an MCP server.

Setup Requirements

  • ⚠️Requires access to a Jira instance and a user with permissions to create issues and generate an API token.
  • ⚠️The environment variables JIRA_URL (optional, defaults to deepakjohnart.atlassian.net), JIRA_EMAIL, and JIRA_API_TOKEN must be correctly configured.
  • ⚠️Requires Python packages 'fastmcp' and 'httpx' to be installed.
Verified SafeView Analysis
Uses environment variables for sensitive credentials (JIRA_EMAIL, JIRA_API_TOKEN), which is a good security practice. No 'eval' or other dynamic code execution detected. The server connects to an external Jira API, which implies a reliance on the security of the configured Jira instance and API token.
Updated: 2026-01-19GitHub
0
0
Low Cost
NirjharDeb icon
Sec3

An MCP server prototype for evaluating hidden-payload delivery to LLMs in agentic IDEs for ML security research and defensive testing.

Setup Requirements

  • ⚠️Requires `fastmcp` Python library (implicit dependency)
  • ⚠️Requires Python 3.8+
Verified SafeView Analysis
The project's explicit goal is to evaluate 'hidden-payload delivery to LLMs', and its source code implements several techniques that are inherently security-relevant patterns. The `translate_text` tool, for instance, actively injects a base64-encoded 'SYSTEM INSTRUCTION' into its output, which contains instructions intended to manipulate the LLM's behavior (e.g., to call another tool). Other tools use zero-width characters, hidden HTML comments/divs, and ANSI escape codes for obfuscation. The `read_gdoc` tool performs network requests to external Google Docs, which, while targeted, represents a potential vector for SSRF if not carefully managed or if a malicious URL could be injected. While the project states 'no malicious use' and is for 'defensive testing', the techniques demonstrated are direct implementations of methods used in LLM instruction injection and payload delivery, which are security vulnerabilities in a general context. The `send_email` tool is simulated and does not actually send emails, which is a positive from a security perspective.
Updated: 2025-11-30GitHub
0
0
Medium Cost
PaulRoze icon
Sec9

Provides comprehensive documentation, code patterns, and troubleshooting guides for NVIDIA ConnectX-7, DOCA, VMA, and RDMA driver development, primarily for high-performance networking and broadcast/media teams.

Setup Requirements

  • ⚠️Requires Python >=3.10.
  • ⚠️Manual setup involves cloning a Git repository, creating a virtual environment, installing dependencies, and configuring a specific absolute path to the executable in Claude Code's settings.json.
  • ⚠️Requires internet access to fetch documentation if not already cached.
Verified SafeView Analysis
The server fetches external web content using `httpx` and parses it with `BeautifulSoup` and `markdownify`. While the documentation sources are hardcoded, reducing arbitrary URL fetching risk, parsing external content can always have edge cases. No use of `eval` or obvious malicious patterns found. File system access is limited to a cache directory for downloaded documentation.
Updated: 2026-01-19GitHub
0
0
Low Cost
bioanywhere icon

ui

by bioanywhere

Sec8

API client for accessing and processing world news from various sources.

Setup Requirements

  • ⚠️Requires API keys (api-key and/or x-api-key) which must be obtained from worldnewsapi.com.
  • ⚠️The C++ client requires CMake 3.2+, Qt, and a C++ compiler.
  • ⚠️The Python client requires Python 3.7+.
Verified SafeView Analysis
The project consists of OpenAPI-generated client libraries across multiple languages. The C++ client includes an OAuth implementation that starts a local TCP server on port 9999 to handle redirect URIs. While this is a standard pattern for some OAuth flows, exposing a local port could be a potential, albeit low, attack surface if not properly secured (e.g., binding only to localhost and correctly validating incoming requests). API keys are expected to be provided by the user programmatically; the library itself does not hardcode them. No obvious 'eval' or obfuscation techniques were detected.
Updated: 2025-12-13GitHub
0
0
Medium Cost
asaprivate icon

gitflow-for-pms

by asaprivate

Sec9

Enables non-technical Product Managers to manage Git and GitHub workflows directly through AI coding assistants.

Setup Requirements

  • ⚠️Requires Docker Desktop (or Rancher Desktop) to run the PostgreSQL database and Redis cache.
  • ⚠️Requires Node.js v20+ to run the server.
  • ⚠️Requires manual creation and configuration of a GitHub OAuth App to obtain GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET, which is a multi-step process outside the direct installation commands.
Verified SafeView Analysis
The server demonstrates strong security practices: GitHub OAuth tokens are stored in the system keychain via 'keytar' (or encrypted in DB as fallback), and are explicitly never logged in plaintext. Database queries use parameterized statements to prevent SQL injection. Input validation is performed using 'zod' for all MCP tool arguments. The 'GitService' correctly sanitizes URLs before logging to prevent token exposure. The 'PolicyRejectionHandler' actively detects and helps users mitigate GitHub Push Protection violations (e.g., exposed secrets) by guiding safe history sanitization and re-pushing using '--force-with-lease'.
Updated: 2026-01-17GitHub
0
0
High Cost
igorrodrigz icon

MCP-SERVER

by igorrodrigz

Sec6

A FastAPI backend serving as a virtual tourist guide chatbot, leveraging the Groq API for natural language processing and integrating with a database to provide location-specific information for Uruguaiana, Brazil.

Setup Requirements

  • ⚠️Requires a Groq API Key, implying a dependency on a potentially paid external AI service.
  • ⚠️Requires a database setup: by default, it expects a MySQL instance with pre-existing tables (`pontos_turisticos_pontoturistico`, `estabelecimentos_restaurante`). If configured for SQLite, a `turismo.db` file with `cidades`, `pontos_turisticos`, and `restaurantes` tables is needed. The database schema itself is not provided in the source code.
  • ⚠️External Python dependencies (e.g., fastapi, uvicorn, requests, python-dotenv, mysql-connector-python) must be installed prior to running.
Verified SafeView Analysis
The application correctly utilizes environment variables for sensitive API keys and database credentials, which is a good security practice. However, the `CORSMiddleware` is configured with `allow_origins=["*"]`, which permits requests from any domain. This setting is generally unsafe for production environments as it exposes the API to cross-origin attacks and should be restricted to specific, trusted origins.
Updated: 2025-12-10GitHub
0
0
Medium Cost
premkalyan icon

jira-mcp

by premkalyan

Sec9

Integrates Jira Cloud with AI agents and automation systems via Model Context Protocol, providing comprehensive issue, project, and sprint management capabilities.

Setup Requirements

  • ⚠️Requires Node.js 18.0.0 or higher.
  • ⚠️Requires access to a Jira Cloud instance with an API Token and appropriate permissions (Browse projects, Create/Edit issues, Work on issues, Add comments).
  • ⚠️For multi-tenant Vercel deployment, it depends on an external Project Registry (https://project-registry-henna.vercel.app) and requires setting `REGISTRY_URL` and `REGISTRY_AUTH_TOKEN` environment variables in Vercel.
Verified SafeView Analysis
The project has explicitly addressed and fixed a critical security vulnerability involving a hardcoded Bearer token by moving it to an environment variable (`REGISTRY_AUTH_TOKEN`). Jira API credentials are dynamically fetched from a Project Registry per request in the serverless deployment, preventing their direct exposure. Input validation is implemented for environment variables and Jira configuration fields. Rate limiting is present to prevent API abuse. While documentation might suggest a default `REGISTRY_AUTH_TOKEN` value, the code itself reads from environment variables, which is a secure practice. Rotating this registry token is a deployment best practice.
Updated: 2025-12-14GitHub
0
0
Medium Cost
taihen icon

mcp-ripestat

by taihen

Sec5

A Model Context Protocol (MCP) server that enables Large Language Models (LLMs) to query the RIPEstat Data API for network information, IP addresses, prefixes, and ASNs using natural language.

Setup Requirements

  • ⚠️No built-in authentication/authorization; requires external security measures (e.g., firewall, MCPProxy).
  • ⚠️Requires Go 1.24.4+ and Make for building and running directly.
  • ⚠️Usage might be affected by RIPEstat API quotas, despite internal rate limiting.
Review RequiredView Analysis
The server explicitly states it does not provide authentication or authorization, recommending external firewalling or an MCP proxy for security. While it implements CORS with origin validation and secure client IP extraction, and includes per-instance rate limiting to manage RIPE API quotas, the lack of built-in access control makes direct public exposure a significant security risk. No 'eval' or malicious patterns were found in the provided source code, and development security practices like `govulncheck`, `Trivy`, and `CodeQL` are mentioned.
Updated: 2026-01-19GitHub
0
0
Low Cost

ocs-mcp-server

by AILLY2025

Sec2

The OCS MCP Server acts as an API gateway for an OCS (Order Management System), providing tools for order review, order querying, and warehouse management to automate business processes.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️Requires 'uv' package manager for dependency management.
  • ⚠️Requires various OCS API credentials (e.g., OCS_BASE_URL, OCS_ACCESS_TOKEN or OCS_USERNAME/OCS_PASSWORD) to be configured via environment variables for proper functionality.
Review RequiredView Analysis
CRITICAL: Hardcoded Docker registry credentials (`DOCKER_USERNAME`, `DOCKER_PWD`) are present in `build.sh`, posing a severe risk if the repository is public. Hardcoded `fallback_access_token`, `application_key`, default `username`/`password`, and cookie values are present in `config.py`. Disabling SSL/TLS certificate verification (`httpx.AsyncClient(verify=False)`, `aiohttp.ClientSession(ssl=False)`) in `services/ocs_service.py` and `services/auth_service.py` makes the application vulnerable to Man-in-the-Middle (MITM) attacks, especially in production environments.
Updated: 2025-11-27GitHub
0
0
Low Cost
raalrwai icon

MCP

by raalrwai

Sec9

A minimal API server exposing simple tools for potential integration with AI agents or other applications.

Setup Requirements

  • ⚠️Requires the 'mcp' Python library to be installed.
Verified SafeView Analysis
The code itself is simple and does not contain obvious security vulnerabilities like eval, hardcoded secrets, or malicious patterns. The server binds to 0.0.0.0, which means it listens on all available network interfaces; this is standard but should be considered if deploying publicly without proper network segmentation.
Updated: 2025-12-10GitHub
0
0
Medium Cost
nulone icon
Sec9

Provides AI assistants with persistent, feedback-learning memory to save insights, track feedback, and improve information retrieval.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires Claude CLI or Claude Desktop for integration as an MCP server. Manual configuration of `claude.json` (or `claude_desktop_config.json`) with an absolute path to `dist/index.js` is necessary.
  • ⚠️While general operations (add, list, search) are efficient, retrieving full content for an insight (`get_detail`) or exporting all memory (`export_memory`) can return large amounts of text, potentially leading to higher token consumption by the AI client.
Verified SafeView Analysis
The server operates locally via standard I/O (stdio) and does not expose any network interfaces, significantly reducing external attack surface. It explicitly avoids `console.log` to prevent stdout pollution, which is critical for the MCP protocol. Robust input validation (`src/validation.ts`) prevents oversized or malformed data. Data integrity is prioritized with atomic file writes using a temp-file-and-rename pattern, mutex protection for concurrent access, and automatic recovery with backup generation for corrupted data files. No hardcoded secrets or 'eval' statements were found. The use of XDG Base Directory Specification for data storage is good practice.
Updated: 2026-01-19GitHub
PreviousPage 657 of 713Next