Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

Low Cost
Sec9

This server provides tools to track, list, and summarize personal or small-scale expenses using a local SQLite database.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer, which may be a barrier where the system-packaged Python is older (3.13 was released in October 2024).
  • ⚠️The database (`expenses.db`) is stored in a temporary directory, so the data does not survive a temp-directory cleanup or a reboot unless it is copied elsewhere.
Verified Safe
The server uses parameterized queries for all database operations, which prevents SQL injection through tool arguments. There are no signs of `eval`, obfuscation or other malicious patterns, and no hardcoded secrets (the backend is a local SQLite file, so none are needed). Error handling returns structured messages instead of raw stack traces. The database lives in a temporary directory, which keeps it away from system-critical files; as a general caveat, a shared temp directory on a multi-user host is readable by other local accounts unless the file is created with restrictive permissions.
Updated: 2026-01-19
Low Cost

ctf-mcp-server

by zemi-gh

Sec8

Facilitate LLM assistance in Capture The Flag (CTF) challenges and cybersecurity training in a controlled lab environment.

Setup Requirements

  • ⚠️Requires Debian/Ubuntu system with `sudo` access and internet connectivity for setup.
  • ⚠️The `setup.sh` script installs numerous cybersecurity and development tools, effectively making the host system a dedicated CTF environment.
  • ⚠️Node.js and npm are required, though `setup.sh` attempts to install them.
Verified Safe
The server exposes powerful command-line tools (e.g., `radare2`, `pwntools`) and a Python sandbox that lets the LLM execute arbitrary Python code. Category-specific command execution is restricted to a strict allowlist of binaries, but the Python sandbox is, by design, a remote code execution primitive. The project documents it for use *only* in controlled CTF labs and sandboxes and warns explicitly against running it on production systems or untrusted networks. No `eval` in the JavaScript code, no hardcoded secrets and no unintended network exposure are apparent.
Updated: 2025-11-29
High Cost

mcp_servers

by manish6007

Sec4

A combined Model Context Protocol (MCP) server that provides tools for querying Amazon Redshift databases and performing vector-based knowledge base searches.

Setup Requirements

  • ⚠️Requires AWS credentials with access to Bedrock, Redshift, S3, and Secrets Manager.
  • ⚠️Requires a running Amazon Redshift cluster and a PostgreSQL database with the `pgvector` extension enabled.
  • ⚠️Requires S3 buckets for both the knowledge base markdown files and for storing large Redshift query results.
  • ⚠️Local development uses Docker Compose to set up PostgreSQL and LocalStack for AWS service emulation, adding complexity.
Review Required
The `run_query` tool accepts raw SQL as input, so untrusted user input, or SQL produced by a prompted LLM, runs with the full privileges of the configured credentials on the Redshift cluster; this is a direct SQL injection surface. The `list_tables` and `describe_table` tools interpolate the `schema` and `table` parameters into SQL with f-strings; identifiers cannot be bound as query parameters, so without an allowlist or catalog check these are injectable as well. The `query_vectorstore` tool likewise embeds the `query` parameter in a `plainto_tsquery` call via an f-string, which can yield unexpected matches or resource exhaustion on malicious input. These patterns are workable for a trusted LLM agent but carry high risk without strict input validation, least-privilege database roles, or sandboxing.
Updated: 2026-01-18
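The identifier problem flagged above (schema and table names pasted into SQL with f-strings) is shown below as an added example; it is not code from the `mcp_servers` project. It uses an in-memory SQLite database with a constructed schema as a stand-in for Redshift, and the function names (`describe_table_vulnerable`, `validate_table`, `orders_above`) are hypothetical. The hardened path validates the identifier against a strict pattern, confirms it exists in the catalog using a bound parameter, and only then places the quoted name in the query text; ordinary values are always bound with `?`.

```python
"""Added example: identifier injection via f-strings, and a hardened form.
Not the listed project's code; helper names and sample data are constructed."""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample schema: one table the tool is meant to expose and
    # one it is not, standing in for a warehouse with a credentials table.
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE orders (id INTEGER, amount REAL);"
        "INSERT INTO orders VALUES (1, 42.0);"
        "CREATE TABLE api_keys (owner TEXT, secret TEXT);"
        "INSERT INTO api_keys VALUES ('svc', 'hunter2');"
    )
    return conn


def describe_table_vulnerable(conn: sqlite3.Connection, table: str) -> list:
    # The flagged pattern: the identifier becomes part of the SQL text, so a
    # "table name" such as "orders UNION SELECT owner, secret FROM api_keys"
    # is executed verbatim.
    return conn.execute(f"SELECT * FROM {table}").fetchall()


IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]{0,62}$")


def validate_table(conn: sqlite3.Connection, table: str) -> str:
    """Return the identifier quoted for SQL, or raise ValueError.

    Identifiers cannot be bound as parameters, so the name is checked against
    a strict pattern and then looked up in the catalog with a bound value.
    (On PostgreSQL/Redshift the same lookup goes against information_schema.)
    """
    if not IDENT.match(table):
        raise ValueError(f"invalid identifier: {table!r}")
    row = conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table' AND name = ?",
        (table,),
    ).fetchone()
    if row is None:
        raise ValueError(f"unknown table: {table!r}")
    return '"' + table + '"'


def describe_table_safe(conn: sqlite3.Connection, table: str) -> list:
    return conn.execute(f"SELECT * FROM {validate_table(conn, table)}").fetchall()


def orders_above(conn: sqlite3.Connection, table: str, min_amount: float) -> list:
    # Validated identifier in the text, ordinary value bound as a parameter.
    quoted = validate_table(conn, table)
    return conn.execute(
        f"SELECT id, amount FROM {quoted} WHERE amount > ?", (min_amount,)
    ).fetchall()
```

The catalog check only proves the name is a real table; which tables the tool may read is still decided by the database role it connects with, so pair this with a least-privilege role. On PostgreSQL and Redshift, `psycopg2.sql.Identifier` provides the quoting step.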
Low Cost

NixOS

by MaNGOSDX

Sec4

An unofficial Electron-based desktop client for Nvidia's GeForce NOW game streaming service on Linux, offering native integration and Discord Rich Presence.

Setup Requirements

  • ⚠️Requires Node.js and npm for building from source.
  • ⚠️Primarily designed for Linux operating systems; Flatpak is the recommended installation method, with manual installs not officially supported.
  • ⚠️The `contextIsolation: false` setting in Electron is a significant security risk: an XSS in the loaded web content can reach the privileged preload context and, where node integration is enabled, Node.js APIs, giving arbitrary code execution.
Review Required
The application sets `contextIsolation: false` in its Electron `webPreferences`. With isolation off, the remote GeForce NOW page shares a JavaScript world with the preload script, so script running in that page (for example via a Cross-Site Scripting flaw in the remote web application) can reach whatever privileged APIs the preload exposes, and Node.js APIs directly if node integration is also enabled; the practical outcome is arbitrary code execution on the user's system. While the client loads the official GFN web page, this configuration inherently trusts the security of the remote content, which Electron's own security guidance advises against. The Discord client ID is hardcoded, but it is a public identifier, not a secret.
Updated: 2025-11-28
Low Cost

akilomba-

by beatrizcristina-ux

Sec10

This project defines and documents a comprehensive design system (Majoris) through design tokens for spacing, elevation, colors, and typography, to ensure consistency and scalability in UI development.

Setup Requirements

  • ⚠️Requires loading the custom font 'Bradesco Sans' in the consuming project for full typographic fidelity.
  • ⚠️Requires a build process (e.g., using Style Dictionary or similar tools) to generate consumable CSS variables and JavaScript objects from the raw JSON design token files.
  • ⚠️Relies on a Figma Design System ('Majoris') as the source of truth for token definitions, implying potential future synchronization needs.
Verified Safe
The provided source code consists solely of declarative design tokens in JSON format and documentation in Markdown. It does not contain any executable code, network operations, or user input processing, thus posing no direct runtime security risks. There are no hardcoded secrets or suspicious patterns.
Updated: 2025-12-15
Low Cost

list-of-mcp-server

by umesh-khatiwada

Sec1

Provides local SQLite database operations for managing people data, enabling AI assistants to interact with it using SQL queries.

Setup Requirements

  • ⚠️Requires Python 3.7+ (usually pre-installed)
  • ⚠️SQLite is required (usually included with Python)
  • ⚠️Severe SQL injection vulnerability: user-provided SQL queries are executed directly.
Review Required
The server executes the SQL string passed in the `query` parameter of both `add_data` and `read_data` unchanged. With no input validation and no parameterized queries, this is a textbook SQL injection: a malicious AI assistant or user can run arbitrary SQL to read, modify, or delete the database contents.
Updated: 2026-01-07
Medium Cost
Sec8

Enables AI coding agents to interact with BitBucket Cloud for repository, branch, pull request, code search, and memory management operations.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires a BitBucket App Password with specific permissions (Repositories: Read, Write, Admin; Pull requests: Read, Write).
  • ⚠️Requires `BITBUCKET_USERNAME`, `BITBUCKET_API_TOKEN`, and `BITBUCKET_WORKSPACE` environment variables to be set.
Verified Safe
The server reads credentials from environment variables, which is good practice. Synchronous Atlassian API calls are wrapped with `asyncio.to_thread`, and `subprocess.run` is used for git commands with controlled inputs (`origin`, or no user input at all in `get_current_branch`). No `eval` or malicious patterns were found, and the memory system stores JSON data rather than executable code. Unsanitized `query` parameters are passed through to BitBucket API functions; BitBucket's API should treat them as data, so the residual exposure is limited to what that API permits.
Updated: 2026-01-19
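Two entries above rest on the same control: the CTF server restricts command execution to an allowlist of binaries, and this one calls `subprocess.run` for git with inputs the code controls. The block below is an added example of that pattern, written here and not taken from either project: commands are dispatched from a fixed table of category, binary and leading arguments, tool arguments are restricted to plain tokens and may not start with `-`, and the result is an argv list handed to `subprocess.run` without a shell. The table contents, `SAFE_ARG` pattern and function names are assumptions.

```python
"""Added example: allowlisted command dispatch with argv lists and no shell.
Not the listed projects' code; the allowlist and helper names are constructed."""
import re
import shutil
import subprocess

# category -> binary -> fixed leading arguments. Nothing outside this table runs.
ALLOWLIST = {
    "git": {"git": ["rev-parse", "--abbrev-ref", "HEAD"]},
    "re": {"strings": ["-n", "8"], "radare2": ["-q", "-c", "afl"]},
}
# Tool arguments (file names, refs) must be simple tokens: no whitespace,
# quotes, `;`, `|`, `$`, backticks or other shell metacharacters.
SAFE_ARG = re.compile(r"^[A-Za-z0-9_./@:+-]{1,256}$")


def build_command(category: str, tool: str, args: list) -> list:
    """Return the argv list to execute, or raise; never a string for a shell."""
    try:
        fixed = ALLOWLIST[category][tool]
    except KeyError:
        raise PermissionError(f"{tool!r} is not allowed in category {category!r}")
    for arg in args:
        # Leading '-' is rejected so an argument cannot become a new option
        # (e.g. a git option that points at an attacker-chosen executable).
        if not SAFE_ARG.match(arg) or arg.startswith("-"):
            raise ValueError(f"rejected argument: {arg!r}")
    return [tool, *fixed, *args]


def run_tool(category: str, tool: str, args: list, timeout: int = 30) -> dict:
    argv = build_command(category, tool, args)
    path = shutil.which(argv[0])
    if path is None:
        return {"ok": False, "error": f"{argv[0]} is not installed"}
    # shell=False (the default): argv reaches execve unchanged, so a value like
    # "a.bin; rm -rf ~" could only ever be a single odd filename, and the
    # validation above rejects it anyway. Output is truncated to bound tokens.
    proc = subprocess.run(
        [path, *argv[1:]], capture_output=True, text=True, timeout=timeout
    )
    return {
        "ok": proc.returncode == 0,
        "stdout": proc.stdout[:10_000],
        "stderr": proc.stderr[:2_000],
    }
```

The validation lives in `build_command` so it can be unit-tested without running anything; `run_tool` only adds binary resolution, a timeout and output truncation.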
Medium Cost

quindio

by bioanywhere

Sec8

This project provides client libraries to interact with the World News API for programmatic access to news data, including semantic search and content extraction.

Setup Requirements

  • ⚠️Requires Python 3.7+
  • ⚠️Relevant API keys are required for World News API access (paid service).
Verified Safe
The client libraries are generated with OpenAPI Generator and follow standard practice for API interaction. The C++ client includes an OAuth implementation with a local HTTP server that listens on port 9999 for the callback and carries basic CSRF protection via the `state` parameter. No `eval` or hardcoded secrets were found in the provided source. Network communication relies on the underlying HTTP libraries (e.g., Qt's QNetworkAccessManager, OkHttp) and their SSL/TLS configuration, which are assumed to be handled securely. Users are responsible for secure storage and management of API keys.
Updated: 2025-12-13
Low Cost

mcp-math-server

by Rohit2332000

Sec10

This server provides a set of basic mathematical operations (addition, subtraction, multiplication, division, modulus) as tools via the FastMCP framework, intended for integration with AI agents or larger computational platforms.

Setup Requirements

  • ⚠️Python 3.11+ required
  • ⚠️Requires installation of specified Python dependencies (e.g., fastmcp, langchain)
Verified Safe
The code is minimal and straightforward, implementing basic arithmetic operations. The `_as_number` utility converts integers, floats, or numeric strings to numbers without introducing any execution risk (no `eval`). There are no hardcoded secrets, network vulnerabilities, or other dangerous patterns in the provided source.
Updated: 2025-11-26
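The property credited to `_as_number` above, numeric coercion with no evaluation, is spelled out below as an added example written for this page; it is not the `mcp-math-server` code and its names (`as_number`, `_tool`, `divide`, `modulus`) are hypothetical. It accepts only the numeric grammar it parses itself, rejects booleans and non-finite values, and turns the division-by-zero and bad-input cases into structured results rather than tracebacks.

```python
"""Added example: eval-free numeric coercion for tool arguments, with the
failure modes handled. Not the listed server's code; names are constructed."""
import math
import re
from numbers import Real

# Plain decimal or scientific notation only: "42", "-2.5e1", ".5".
# "1+1", "__import__('os')", "nan", "0x10" and "1_000" all fail this test.
NUMERIC = re.compile(r"^[+-]?(?:\d+\.?\d*|\.\d+)(?:[eE][+-]?\d+)?$")


def as_number(value) -> float:
    """Return value as a finite float, or raise TypeError/ValueError."""
    if isinstance(value, bool):  # bool subclasses int; "True" is not a number here
        raise TypeError("boolean is not a number")
    if isinstance(value, Real):
        number = float(value)
    elif isinstance(value, str):
        text = value.strip()
        if not NUMERIC.match(text):
            raise ValueError(f"not a numeric literal: {value!r}")
        number = float(text)  # parsing only; nothing is evaluated
    else:
        raise TypeError(f"unsupported type: {type(value).__name__}")
    if not math.isfinite(number):  # e.g. "1e400" overflows to inf
        raise ValueError(f"not a finite number: {value!r}")
    return number


def _tool(fn):
    """Coerce both operands and turn validation failures into structured errors."""

    def wrapper(a, b) -> dict:
        try:
            return fn(as_number(a), as_number(b))
        except (TypeError, ValueError) as exc:
            return {"ok": False, "error": str(exc)}

    return wrapper


@_tool
def divide(x: float, y: float) -> dict:
    if y == 0:
        return {"ok": False, "error": "division by zero"}
    return {"ok": True, "result": x / y}


@_tool
def modulus(x: float, y: float) -> dict:
    if y == 0:
        return {"ok": False, "error": "modulus by zero"}
    return {"ok": True, "result": x % y}  # Python semantics: sign follows y
```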
Low Cost

biohackathon2025MCP

by cp-weiland

Sec7

This project demonstrates an AI agent interacting with multiple local Model Context Protocol (MCP) servers, each providing specialized tools for tasks like hashing, weather forecasting, and SPARQL queries against various data sources.

Setup Requirements

  • ⚠️Requires Ollama server running locally with the `qwen3:1.7b` model installed.
  • ⚠️Requires `uv` package manager to be installed and accessible in the PATH for starting sub-servers.
  • ⚠️Requires Python dependencies such as `mcp-use`, `mcp.server.fastmcp`, `SPARQLWrapper`, `loguru`, `httpx`, and `langchain_ollama` to be installed.
Verified Safe
The system executes LLM-generated SPARQL queries directly against public endpoints (DBpedia, Research Vocabularies Australia). `SPARQLWrapper` handles the protocol, but an LLM can still formulate resource-intensive or unintended queries; `simpleServerFLOPO.py` mitigates this by hardcoding the query in its description. No `eval`, obfuscation, or hardcoded secrets were identified. Network exposure is confined to calls to known public APIs (weather.gov and the SPARQL endpoints).
Updated: 2025-12-03
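For the servers that do forward LLM-generated SPARQL, a guard between the model and the endpoint addresses the resource-exhaustion concern raised above. The block below is an added example written for this page, not the `biohackathon2025MCP` project's code: it accepts only `SELECT` and `ASK` forms, rejects SPARQL Update keywords and `SERVICE` (which would make a public endpoint fetch from arbitrary third-party servers), and clamps or appends a `LIMIT`. The function name, the limit value and the regular-expression approach are assumptions; a production guard would parse the query properly (e.g. with rdflib) rather than match keywords.

```python
"""Added example: a keyword-level guard for LLM-generated SPARQL before it is
sent to a public endpoint. Not the listed project's code; names are constructed."""
import re

MAX_LIMIT = 200

# SPARQL 1.1 Update forms, plus SERVICE (federated query), are never forwarded.
FORBIDDEN = re.compile(
    r"\b(INSERT|DELETE|LOAD|CLEAR|CREATE|DROP|COPY|MOVE|ADD|SERVICE)\b", re.I
)
# Optional PREFIX declarations followed by the query form we are willing to run.
QUERY_FORM = re.compile(
    r"^\s*(?:PREFIX\s+\S+\s+<[^>]*>\s*)*(SELECT|ASK)\b", re.I | re.S
)
LIMIT_RE = re.compile(r"\bLIMIT\s+(\d+)\b", re.I)


def guard_sparql(query: str) -> str:
    """Return a query that is safe to forward, or raise ValueError.

    Fails closed: a keyword match inside a string literal also rejects the
    query, which is the preferable error for an agent-driven tool.
    """
    if FORBIDDEN.search(query):
        raise ValueError("update or federated query forms are not forwarded")
    form = QUERY_FORM.match(query)
    if form is None:
        raise ValueError("only SELECT and ASK queries are forwarded")
    query = query.strip()
    if form.group(1).upper() == "ASK":
        return query  # boolean result; no row limit needed
    found = LIMIT_RE.search(query)
    if found is None:
        return f"{query} LIMIT {MAX_LIMIT}"
    if int(found.group(1)) > MAX_LIMIT:
        return LIMIT_RE.sub(f"LIMIT {MAX_LIMIT}", query, count=1)
    return query
```

The LIMIT clamp only sees the outermost clause; a subquery without a limit can still be expensive, which is one reason to pair the guard with a client-side timeout (`SPARQLWrapper` exposes `setTimeout`) and to prefer the hardcoded-query approach the project already uses where the task allows it.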
Medium Cost

notion-weaver

by consigcody94

Sec9

Automate Notion workspace tasks and integrate them into AI workflows using the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Notion API Key (Internal Integration Token) configured as an environment variable.
  • ⚠️The Notion integration must be explicitly shared with any pages or databases it intends to access.
  • ⚠️Node.js version 18.0.0 or higher is required.
Verified Safe
The server retrieves the Notion API key from the `NOTION_API_KEY` environment variable and explicitly checks for its presence. Input validation for tool arguments relies on the JSON schemas defined for each tool, as processed by the @modelcontextprotocol/sdk. The code casts with `args as unknown as Type`, which bypasses TypeScript's compile-time checks, so argument safety rests entirely on whatever runtime validation the SDK performs for that code path. No `eval`, code obfuscation, or hardcoded secrets were found. Comprehensive error handling for API calls is implemented.
Updated: 2025-11-22
Low Cost

easeim-mcp-server

by zjc19891106

Sec8

Provides documentation query, source code search, intelligent assistance, and integration diagnosis capabilities for EaseIM SDK as a local MCP (Model Context Protocol) server.

Setup Requirements

  • ⚠️Requires Node.js >= 18.
  • ⚠️Requires a build step (`npm run build`) before running if not installed globally via npm.
  • ⚠️The `smart_assist` feature relies on an external LLM (e.g., Claude), which would incur separate API costs and requires client-side configuration for an API key.
Verified Safe
The server is designed to run locally as a development assistant. Tool arguments are schema-validated, so arbitrary input is not executed directly, and the data sources are local JSON files. No direct shell execution of user-supplied commands and no clear hardcoded secrets were found in the provided server-side code, so the risk does not exceed that of ordinary development tooling. Risks inherent to this kind of tool, such as SSRF through the URL preview if the URL is user-controlled, or code generation from untrusted input, are reduced by the local context and schema validation but not eliminated.
Updated: 2026-01-19
Page 663 of 713