Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost

mcp_servers

by FractalizeR

Sec9

Facilitate AI agents to interact with Yandex Wiki API for documentation, knowledge management, and content automation, allowing programmatic creation, modification, and retrieval of wiki pages and dynamic grids.

Setup Requirements

  • ⚠️ Requires Node.js version 22.0.0 or higher.
  • ⚠️ Requires an OAuth token for Yandex Wiki API, set via the `YANDEX_WIKI_TOKEN` environment variable.
  • ⚠️ Requires an organization ID, set via either `YANDEX_ORG_ID` (for Yandex 360) or `YANDEX_CLOUD_ORG_ID` (for Yandex Cloud Organization) environment variable. Only one of these should be provided.

Verified Safe

The project demonstrates strong security awareness: explicit handling of sensitive OAuth tokens (not saved to disk) and active auditing with `gitleaks` for secrets and `Socket.dev` for supply-chain risks. The `ResponseFieldFilter` is a critical feature to prevent accidental data exposure to LLMs, reducing prompt injection and data leakage risks. File write operations (e.g., for downloading attachments) are present, which could be a risk if `saveToPath` is not properly sanitized/restricted by the client or tool invocation. However, the core framework is robust with `axios` and built-in retry mechanisms.
Updated: 2026-01-01

Medium Cost

my-mcp-server

by sj0405-lee

Sec8

A TypeScript boilerplate server implementing the Model Context Protocol (MCP) SDK, offering various tools like greeting, calculation, time, AI image generation, and a code review prompt, along with a server information resource.

Setup Requirements

  • ⚠️ Requires a Hugging Face API token (HF_TOKEN) for the 'generate-image' tool.
  • ⚠️ Requires Node.js (version 18 or higher recommended by dependencies).
  • ⚠️ Requires `npm install` and `npm run build` to compile TypeScript to JavaScript before execution.

Verified Safe

The server uses environment variables or a configuration object to manage sensitive API tokens (e.g., Hugging Face API token), which is a good practice. There are no clear instances of 'eval', obfuscation, or other overtly malicious patterns. Network risks are confined to calls to legitimate third-party AI services. The code review prompt, while useful, sends user-provided code to an LLM, which implies trust in the LLM provider and handling of potentially sensitive code.
Updated: 2025-11-27

Medium Cost

MCPFileIO

by Sharadendu

Sec2

A comprehensive Model Context Protocol (MCP) server designed for AI agents to perform file operations, compiler tasks, execute code, monitor logs, and manage processes on the host system.

Setup Requirements

  • ⚠️ Requires .NET 9.0 or later
  • ⚠️ Some tools are Windows-specific, limiting cross-platform functionality

Review Required

The server provides powerful capabilities to AI agents, including reading/writing/deleting files, executing arbitrary C# code snippets and other executables, compiling projects, and managing processes. If an AI agent's input is compromised or maliciously crafted, these tools can be abused for arbitrary code execution, data exfiltration, system damage, or privilege escalation. There is no mention of sandboxing or strict input validation in the provided documentation, making it inherently risky to run in an environment exposed to untrusted input. The ability to run 'dotnet applications, executables, and C# code snippets' is a critical risk.
Updated: 2026-01-19

Low Cost

Production-ready Model Context Protocol (MCP) server for Electronic Health Records with OAuth 2.0 authentication.

Setup Requirements

  • ⚠️ Requires `oauth_clients_credentials.json` file to be present in the working directory for testing and deployment, containing plaintext client secrets. This file must be kept secure and never committed to version control.
  • ⚠️ The default `JWT_SECRET_KEY` must be changed in the `.env` file for production deployments. Failure to do so poses a critical security risk.
  • ⚠️ The server includes an authentication bypass for convenience if no access token is provided, which must be removed or properly secured for production use in an EHR context.
  • ⚠️ CORS is configured with `allow_origins=['*']` in the SSE server, requiring explicit tightening for production deployments.

Review Required

The system implements OAuth 2.0 with JWT tokens and SHA-256 hashed secrets, along with role-based and scope-based access control, which are good practices. However, it has several critical security vulnerabilities and anti-patterns: 1) A default `JWT_SECRET_KEY` (`'your-secret-key-change-in-production'`) is used if `JWT_SECRET_KEY` is not set via environment variables. This is a major security risk for production. 2) The `server.py` explicitly includes a bypass for token validation (`'No access token provided, bypassing authentication for demo/testing'`) if no `access_token` is present, which is highly inappropriate for an EHR system in production. 3) The `sse_server.py` uses `CORS(allow_origins=['*'])`, which opens up the API to cross-origin attacks. 4) The `oauth_clients_credentials.json` file is expected to exist in the working directory (and is used by test scripts) containing plaintext client secrets, a significant credential management risk. 5) Sensitive data (request bodies, headers) are logged by a middleware in `sse_server.py`, potentially exposing PII or secrets. These issues make the system unsafe for a production EHR environment without substantial hardening.
Updated: 2025-12-04

Medium Cost

nestjs-mcp

by hmake98

Sec8

A NestJS library for integrating the Model Context Protocol (MCP) into applications, enabling decorator-based development of MCP servers that expose tools, resources, and prompts.

Setup Requirements

  • ⚠️ Requires NestJS v10.0.0+, `reflect-metadata`, and `rxjs` as peer dependencies.
  • ⚠️ Optional transport dependencies (`ws`, `ioredis`, `@grpc/grpc-js`, `@grpc/proto-loader`) must be installed manually for specific transports (WebSocket, Redis, gRPC) due to lazy loading.
  • ⚠️ When using the `rootPath: true` option to place MCP endpoints at the root level, the NestJS `app.setGlobalPrefix()` must be configured with an `exclude: ['/mcp(.*)']` pattern.

Verified Safe

The library is well-structured and follows NestJS best practices. It correctly uses `readFileSync` for static internal files (playground HTML) and employs `axios` for client-side introspection, which are standard practices. Transport adapters (`grpc`, `websocket`, `redis`) bind to network interfaces, which is expected server behavior; network exposure should be managed through deployment configurations. No `eval` or arbitrary code execution from untrusted input was found. Input validation for MCP methods leverages Zod schemas. No hardcoded production secrets were identified.
Updated: 2025-11-27

Low Cost

Exposes fictional municipal policy documents via Model Context Protocol (MCP) for AI assistants to list, search, and retrieve programmatically.

Setup Requirements

  • ⚠️ Requires Python 3.11+
  • ⚠️ Requires local 'policies.json' file in the same directory as server.py

Verified Safe

The code uses a local JSON file for data, performs simple string matching for search, and uses direct ID lookup for retrieval. There is no dynamic code execution (e.g., eval), and there are no hardcoded secrets or obvious network vulnerabilities. Input handling is basic and does not appear susceptible to common injection attacks given the local file and string comparison methods. The re-loading of the policies.json file on every request (via _load_policies) is inefficient but not a security risk.
Updated: 2025-11-28

Medium Cost

mcp-servers

by suparngp

Sec4

Provides indexed documentation search capabilities for coding agents, enabling natural language queries over API references, SDKs, and technical guides.

Setup Requirements

  • ⚠️ Requires OpenAI API Key (Paid) for embeddings and other LLM interactions.
  • ⚠️ Requires Docker for running the local ChromaDB vector store (or an external ChromaDB instance).
  • ⚠️ Requires Python 3.9+ (preferably 3.13) and Playwright browser dependencies for crawling, managed via a virtual environment setup script.

Review Required

Critical vulnerabilities: Potential path traversal in file operations (reading/writing raw/cleaned documents) due to insufficient validation of 'projectName' and URL-derived paths. High risk of Cross-Site Scripting (XSS) in the web interface if unsanitized markdown content is indexed and rendered directly via 'x-html'. Insecure default: ChromaDB configured with permissive CORS ('*') in development Docker setup.
Updated: 2025-12-09

Low Cost

titan-mcp-server

by markgromer

Sec8

A Node.js server built to interact with the Model Context Protocol (MCP) for defining, validating, and serving data models, likely acting as an API layer for AI/ML contexts.

Setup Requirements

  • ⚠️ Requires Node.js runtime environment (version >=18 as per SDK dependencies).
  • ⚠️ A .env file is likely needed for configuration, including potential Model Context Protocol API keys or endpoints.
  • ⚠️ Requires interaction with an external Model Context Protocol service.

Verified Safe

No obvious direct security vulnerabilities like 'eval' or hardcoded secrets are present in the provided package.json and package-lock.json files. The project uses 'dotenv' for environment variables, which is good practice for managing secrets. Dependencies like 'express-rate-limit' and 'pkce-challenge' indicate an awareness of common API security practices. The actual server logic in 'server.mjs' is not available for a full code audit.
Updated: 2025-11-28

Medium Cost
Sec8

Provides a Model Context Protocol server that allows an agent to play Minesweeper by interacting with a local game server.

Setup Requirements

  • ⚠️ Requires a separate Minesweeper game server to be running on http://localhost:5000.
  • ⚠️ Requires Node.js and npm to run from source.

Verified Safe

The server itself does not contain obvious security vulnerabilities like 'eval' or hardcoded secrets. Its primary function is to act as a proxy, forwarding commands (start_game, click, flag, unflag) to a local HTTP endpoint (http://localhost:5000/api/play) and returning the resulting image. The 'row' and 'col' arguments are numeric and used in a simple string interpolation, limiting direct injection risks from this server. However, the overall security depends heavily on the trustworthiness and security of the external Minesweeper game server running on 'http://localhost:5000'. If that external server is malicious or vulnerable, it could lead to risks, but this server's code itself is relatively safe.
Updated: 2026-01-19

Medium Cost

select_test_mcp

by jadragfly

Sec8

Collects, stores, and manages Web test operation reports via WebSocket and MCP protocol interfaces for local development and testing.

Setup Requirements

  • ⚠️ Reports are stored in memory and will be lost after service restart.
  • ⚠️ Requires Node.js 12.0 or higher.
  • ⚠️ The 'ws' package is listed as a dev dependency in 'package.json' but is critical for runtime operation; it might be necessary to ensure dev dependencies are installed or move 'ws' to 'dependencies'.

Verified Safe

The server is designed for local use (`ws://localhost:8982`) and stores data in memory. No obvious 'eval' or hardcoded secrets were found in the provided code snippets. Security concerns could arise if the server is deployed publicly without proper access controls, or if excessively large or malformed input data is not handled robustly.
Updated: 2025-11-25

Low Cost

linear-lite-mcp

by radish2951

Sec9

Provides a lightweight Model Context Protocol (MCP) server on Cloudflare Workers for interacting with Linear's issue tracking and document management features.

Setup Requirements

  • ⚠️ Requires manual creation and configuration of a Linear OAuth Application (Client ID, Client Secret).
  • ⚠️ Requires 4 environment variables/secrets (`LINEAR_OAUTH_CLIENT_ID`, `LINEAR_OAUTH_CLIENT_SECRET`, `COOKIE_ENCRYPTION_KEY`, `MCP_API_KEY_SECRET`) to be configured.
  • ⚠️ Requires Cloudflare Workers infrastructure for full deployment, including KV Namespace and Durable Object bindings.
  • ⚠️ Uses pnpm as the package manager, not npm.

Verified Safe

The server employs robust security practices: Linear OAuth 2.0 with CSRF protection, nonce verification, and signed cookies. Sensitive Linear tokens are encrypted using AES-GCM with a randomly generated IV and stored in Cloudflare KV. API key authentication is protected by an `X-MCP-Secret` header. Input validation uses Zod, and human-readable names are resolved server-side to prevent ID injection. Callback URLs are validated to prevent open redirects. Automatic token refresh and rate limit handling enhance reliability. No 'eval' or obvious malicious patterns were found. The primary dependencies are from Cloudflare and Model Context Protocol SDKs, assumed to be secure.
Updated: 2025-12-13

Medium Cost

mcp-hyperautomation

by pr0xc3nt4ur1

Sec8

The Hyperautomation MCP Server bridges LLM clients and HA workflows for dynamic security orchestration through natural language interactions in a SOAR-like fashion.

Setup Requirements

  • ⚠️ Requires a Google Cloud Project with BigQuery API enabled, a specific dataset, and a table with a predefined schema.
  • ⚠️ Requires a Google Service Account JSON key file for BigQuery access with appropriate roles, and its path must be securely configured via environment variables.
  • ⚠️ Relies on pre-configured webhook endpoints for each HyperAutomation Agent, requiring setup within an external SentinelOne HyperAutomation platform.

Verified Safe

The server uses environment variables for sensitive configurations (e.g., Google Cloud credentials path), which is good practice. It does not employ 'eval' or other obviously dangerous functions. External agents are contacted via configurable webhook endpoints. The primary security risks lie in the secure configuration and storage of the Google Cloud service account JSON key file and the security of the external HyperAutomation webhooks.
Updated: 2025-12-02