Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

0
0
Medium Cost
Sec9

Provides tools for AI assistants to interact with a funding application evaluation backend, primarily for semi-automated QA testing.

Setup Requirements

  • ⚠️Requires Node.js 22+
  • ⚠️Requires the 'SolitaProject' backend running locally on `localhost:3000` or an external deployment configured via `API_BASE_URL`.
  • ⚠️The full workflow described (including financial data) implies a need for a separate web scraping tool or manual data input for complete financial data.
Verified Safe
The server uses `zod` for robust input validation, which significantly reduces the risk of malformed data or injection attacks. It explicitly filters out 'metadata' from API responses to reduce token usage and prevent oversharing potentially sensitive information with the AI agent. Communication happens via stdio (`StdioServerTransport`), minimizing external network attack surfaces. The `API_BASE_URL` is configurable via environment variables, preventing hardcoded endpoints, though its security depends on proper deployment configuration (e.g., pointing to a trusted backend). No `eval` or obfuscation found.
Updated: 2025-12-02
0
0
Low Cost

Enables AI assistants to interact with and manage Minecraft servers through a standardized interface.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires a Minecraft Spigot/Paper server version 1.8.9-1.21.x (excluding 1.17).
  • ⚠️Building the Java plugin requires Java JDK 8+ and Maven.
Verified Safe
The project demonstrates good security practices for its purpose. The Java plugin implements API key authentication and the `ConfigManager` auto-generates a strong, random API key if a default one is detected, which is excellent. It also defaults to binding the HTTP server to `127.0.0.1` (localhost) in `config.yml`, although the `README` example shows `0.0.0.0` which would be less secure if exposed publicly without firewalling. The `CommandExecutor` includes input validation (length check) and a configurable blacklist for critical commands like 'stop' and 'restart', mitigating some risks. However, if the API key for the Minecraft plugin is compromised, an attacker could execute arbitrary commands (not in the blacklist) with console (OP) permissions. This is an inherent risk of such a powerful tool and necessitates strict API key management and network security around the Minecraft server's HTTP API.
Updated: 2025-11-25
0
0
Low Cost

MCP_expense_tracer

by sreehari-sreesunil

Sec7

A lightweight MCP server for tracking personal expenses, integrable with Claude Desktop.

Setup Requirements

  • ⚠️Requires Python 3.13+ (as per pyproject.toml)
  • ⚠️Requires 'uv' package manager for setup
  • ⚠️Intended for use with Claude Desktop client
Verified Safe
The `summarize_expenses` function contains a critical bug where it attempts to append strings to a `sqlite3.Cursor` object (`query += ...`), leading to a `TypeError` if a category is provided. While this specific bug prevents the code from executing the problematic string concatenation, it indicates poor SQL query construction. If this bug were 'fixed' by building the SQL query string via concatenation *without* proper parameterization, it *would* introduce a SQL injection vulnerability for the `category` parameter. Other functions (`add_expense`, `list_expenses`) correctly use parameterized queries, mitigating immediate SQL injection risks for those operations. The server is designed for local use with no apparent hardcoded secrets or explicit network exposures beyond its local FastMCP interface.
Updated: 2025-12-14
0
0
Medium Cost

apple-reminders-mcp

by justinhaaheim

Sec9

Integrate Apple Reminders with Claude Desktop for comprehensive task management and reminders via conversation.

Setup Requirements

  • ⚠️Requires macOS 14.0 (Sonoma) or later.
  • ⚠️Requires Swift 5.9 or later.
  • ⚠️Requires the Claude Desktop app.
  • ⚠️Requires granting 'Full Access to Reminders' permission on first run.
Verified Safe
The server operates locally via stdio, limiting network attack surfaces. It relies on macOS EventKit permissions, requiring explicit user consent for Reminders access. No 'eval' or similar dangerous functions are apparent in the Swift codebase. A 'test mode' environment variable restricts write operations to specially-prefixed lists, enhancing safety during development and testing.
Updated: 2026-01-19
0
0
Low Cost

obsidian-kanban-mcp

by trung-persefoni

Sec8

Manage Obsidian Kanban boards programmatically through an MCP server.

Setup Requirements

  • ⚠️Requires Node.js installed.
  • ⚠️Requires Obsidian vault with the Kanban plugin installed.
  • ⚠️Requires `VAULT_PATH` environment variable set to your Obsidian vault path, or it defaults to `~/workspace/cursor-vault`.
Verified Safe
The server primarily interacts with the local file system using the provided VAULT_PATH. It uses `path.join` to construct file paths, which helps mitigate path traversal issues. No 'eval' or direct 'child_process' spawns were observed. Environment variables are used for configuration, which is a standard practice. The main security considerations would be ensuring the VAULT_PATH is set to a trusted location and protecting access to the process itself, as it can modify local files.
Updated: 2025-11-30
0
0
Medium Cost

node-sdk

by Scan-Documents

Sec8

This MCP Server exposes image and PDF processing functionalities to AI agents, allowing them to perform tasks like applying image effects, converting formats, detecting documents, extracting text, and manipulating PDF files.

Setup Requirements

  • ⚠️Requires `SCAN_DOCUMENTS_API_KEY` environment variable for authentication (paid API likely).
  • ⚠️The 'code mode' tool delegates code execution to an external service (`CODE_MODE_ENDPOINT_URL`), whose security and sandbox integrity are critical and external to this codebase. Trust in this external service is implied.
  • ⚠️Primarily designed for Node.js environments (v20 LTS or later recommended).
Verified Safe
The server's 'code mode' tool executes agent-provided TypeScript code. While it delegates this execution to an external service (https://api.stainless.com/api/ai/code-tool by default) and claims execution in an isolated sandbox without network or filesystem access, the security of this external sandbox is beyond the scope of this codebase. Users overriding the `CODE_MODE_ENDPOINT_URL` environment variable should ensure their custom endpoint is trusted and securely sandboxed. No direct 'eval' or other un-sandboxed code execution is observed within the server's own code. Authentication is handled via an API key, which is read from environment variables or client options.
Updated: 2026-01-17
0
0
Medium Cost
Sec1

Provides a remote server with a set of tools to enable AI agents to interact with an Azure SQL Database and generate Power BI report URLs using the Model Context Protocol (MCP) SDK.

Setup Requirements

  • ⚠️Requires Python 3.10+ (specifically 3.12.2 for Azure deployment via Oryx).
  • ⚠️Requires Azure Functions Core Tools for local execution.
  • ⚠️Requires an Azure SQL Database connection string (`DB_CONNECTION_STRING`) to be provided.
  • ⚠️Power BI Workspace (`WORKSPACE_ID`) and Report IDs (`REPORT_ID`) are needed for Power BI URL generation.
  • ⚠️The MCP SDK hosting capability is currently in 'early preview'.
Review Required
Multiple tools (e.g., `execute_sql_query`, `get_table_schema`, `get_table_row_count`, `get_distinct_values`, `get_primary_keys`) construct SQL queries using f-strings with direct insertion of user-provided arguments. This makes the server highly vulnerable to SQL injection, a critical security risk, as no input sanitization or parameterized queries are used.
Updated: 2026-01-17
0
0
High Cost

Avaza-MCP-Server

by vivanov87

Sec3

This server provides 106 granular, semantic tools for managing Avaza API functionalities including schedules, timesheets, projects, tasks, financials, expenses, companies, contacts, and webhooks, designed for integration with Model Context Protocol (MCP) clients like LLMs.

Setup Requirements

  • ⚠️Requires Node.js 18+ and an Avaza API Key, which must be manually added to a `.env` file for the main server to function.
  • ⚠️The `test-runner.js` in the repository contains a hardcoded Avaza API key, which is a severe security risk if the repository is cloned or the test runner is executed without removing/replacing this key.
  • ⚠️Functional limitations exist for some tools (e.g., `update_project_booking` does not consistently apply updates, and the `Notes` field for schedules is often ignored). Integration with n8n via HTTP/SSE is currently non-functional, requiring alternative setup or stdio mode.
Review Required
The `test-runner.js` file in the source code contains a hardcoded Avaza API key (e.g., `1011968-b89ff68fca62ddb710974570fee6a759dec07f96`). This is a critical security vulnerability as it exposes a valid API key to anyone who clones or views the repository. Executing the `test-runner.js` would also effectively use this exposed key. While the main server (`src/index.ts`) correctly uses environment variables for the API key, the presence of a live key in the repository significantly lowers the overall security score. Additionally, the server uses `Access-Control-Allow-Origin: *` for its SSE and health check endpoints, which, while common for local client integrations, implies any web origin could interact with it.
Updated: 2026-01-19
0
0
Low Cost

Automating project management workflows and integrating local AI models for enhanced developer productivity and project health monitoring within an IDE environment.

Setup Requirements

  • ⚠️Critical FastMCP framework bug (100% tool failure rate) requires the `EXARP_FORCE_STDIO=1` environment variable workaround to function.
  • ⚠️Requires Python 3.10+ as per FastMCP dependency.
  • ⚠️Project dependencies must be installed (recommended: `uv sync`).
  • ⚠️Local Ollama server must be running and models pulled (e.g., `ollama pull phi3`) for Ollama-based AI tools.
  • ⚠️Apple Silicon Mac required for MLX/CoreML tools, with relevant models downloaded.
  • ⚠️MCP client configuration in `.cursor/mcp.json` requires absolute paths to the `exarp-uvx-wrapper.sh` script, necessitating local path adjustments via `scripts/setup_mcp_config.sh` or manual configuration.
  • ⚠️A complete restart of the Cursor IDE is typically required after MCP configuration changes.
Verified Safe
The project integrates robust security middleware for access control, path validation, and rate limiting. It employs a `safe_subprocess` utility to validate commands before execution. No hardcoded secrets or explicit 'eval' patterns were identified. However, there is a critical, framework-level bug in its primary FastMCP dependency ('object dict can't be used in 'await' expression' errors) that causes all tools to fail without a mandatory `EXARP_FORCE_STDIO=1` environment variable workaround, which forces the server to use a simpler stdio interface. This bug affects functionality and stability, but the project has implemented defensive measures and a direct bypass to mitigate potential operational impact.
Updated: 2026-01-01
0
0
Medium Cost
Sec5

Manages and stores game-related data for a Minecraft Coder Pack (MCP) server using a SQL database.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) installed.
  • ⚠️Requires a running SQL database server instance (e.g., MySQL, PostgreSQL, SQL Server) to connect to.
  • ⚠️Requires appropriate JDBC drivers for the chosen SQL database.
Review Required
Cannot perform a full security audit as no source code was provided. Without code, it's impossible to check for common vulnerabilities like SQL injection, hardcoded secrets, or improper error handling. A score of 5 is assigned as a neutral stance due to lack of visibility.
Updated: 2025-12-03
0
0
High Cost

rs-mcp-agent

by diplinfmarkodrews

Sec7

Provides an AI-powered chat interface to integrate with a legacy Java-based ReportServer application using both UI automation (Playwright) and direct RPC communication, enhanced with semantic search and multi-LLM provider support.

Setup Requirements

  • ⚠️Requires a ReportServer instance running for integration.
  • ⚠️Requires .NET 9.0 SDK or later installed.
  • ⚠️Requires Docker Desktop for containerized services (Ollama, Qdrant) orchestrated by .NET Aspire.
  • ⚠️Ollama GPU support is enabled by default in the Aspire host; it may crash if a compatible GPU is not available.
  • ⚠️API keys for commercial LLMs (Anthropic, OpenAI, Azure OpenAI) must be configured as environment variables or in `appsettings.json`.
  • ⚠️Playwright browsers and its dependencies need to be installed on the system if not managed by .NET Playwright CLI.
Verified Safe
Uses Keycloak OIDC for modern authentication, but also supports legacy username/password authentication directly with ReportServer, which may be less secure depending on the specific implementation and threat model. `ClientSecret` values are placeholders (empty strings) in configuration files; these must be replaced with actual secrets, ideally from environment variables, for production deployments. `AllowedHosts: *` is used in the production `appsettings.json`, which should be restricted to specific domains. `RequireHttpsMetadata: false` is set in development configurations, requiring careful consideration to enable HTTPS in production. Cross-origin iframe monitoring for authentication is a standard pattern but relies on proper configuration of the authentication provider to prevent issues. The project references Playwright installation scripts that employ `sudo` and `curl | bash` patterns, which carry inherent risks if the source is not fully trusted.
Updated: 2026-01-18
0
0
Low Cost

belvg_mcp_extended

by belvg-public

Sec9

Extends PrestaShop's MCP Server to provide AI agents with high-level business logic tools for store management and analytics.

Setup Requirements

  • ⚠️Requires PrestaShop 8.0.0 or higher.
  • ⚠️Requires PHP 8.1 or higher.
  • ⚠️The official 'ps_mcp_server' module must be installed and active.
  • ⚠️Requires manual clearing of the ps_mcp_server cache file (.mcp/.cache.json) after installation for new tools to be recognized.
Verified Safe
The module uses PrestaShop's pSQL() function and explicit type casting (int) for all SQL query parameters, effectively mitigating SQL injection risks. No 'eval' or other highly dangerous functions are present. No hardcoded secrets or suspicious network activity were found.
Updated: 2025-11-25