Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Kamwebdev icon
Sec5

Demonstrates the Model Context Protocol (MCP) for connecting an LLM to external tools and enabling dynamic tool calling within a client-server architecture.

Setup Requirements

  • ⚠️Requires a local Ollama instance running.
  • ⚠️Requires an Ollama model (e.g., 'llama3.1:8b') to be pulled locally.
Verified SafeView Analysis
The server exposes network utility tools ('ping', 'check_port_80') that take arbitrary host inputs from the LLM. In a non-isolated environment, this could allow the LLM to perform network reconnaissance or denial-of-service against internal or external targets. For a demonstration, this is acceptable, but for production, rigorous input validation and access controls would be essential.
Updated: 2025-12-12GitHub
0
0
Low Cost
toomy1992 icon

Wealthfolio-MCP

by toomy1992

Sec9

A Model Context Protocol (MCP) server that integrates Wealthfolio portfolio data, valuations, and analytics with AI agents (like OpenWebUI) and automation tools (like n8n).

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires Wealthfolio API access and a valid API key.
  • ⚠️For full MCP integration with AI agents (e.g., OpenWebUI), the `mcpo` proxy is recommended (and configured in the provided Dockerfile).
Verified SafeView Analysis
The server correctly loads API keys from environment variables/`.env` file, preventing hardcoding. It uses `httpx` for asynchronous requests and includes basic error handling for API calls. No `eval` or obvious malicious patterns were found. One point is deducted as the `fetch_portfolio_data` method returns mock data on internal errors, which might obscure underlying issues in a production monitoring context, though it's not a direct security vulnerability.
Updated: 2026-01-13GitHub
0
0
Medium Cost
sealmetrics icon

mcp-server

by sealmetrics

Sec9

Connects AI assistants like Claude to Sealmetrics analytics data, enabling natural language querying of marketing and traffic performance.

Setup Requirements

  • ⚠️Requires an active Sealmetrics account to retrieve data.
  • ⚠️Requires a Sealmetrics API token OR email/password set as environment variables for authentication.
  • ⚠️Requires manual configuration in Claude Desktop's `claude_desktop_config.json` file.
  • ⚠️Requires Python 3.10 or higher.
Verified SafeView Analysis
The server fetches credentials (API token or email/password) exclusively from environment variables, preventing hardcoding. It uses `httpx` for secure asynchronous HTTP requests with comprehensive error handling for API interactions. Basic input validation is present for date ranges. No `eval` or command injection vulnerabilities were found. The primary security consideration outside of this codebase would be the robustness of the Sealmetrics API itself against malicious input, which this server proxies.
Updated: 2025-12-12GitHub
0
0
High Cost
MxBrs icon
Sec3

A server that exposes Volatility3 memory forensic capabilities as an MCP service, designed for integration with LLM agents to perform triage analysis.

Setup Requirements

  • ⚠️Requires Python 3.12+ and `uv` for dependency management (`uv pip install`).
  • ⚠️Requires the Volatility3 binary (`vol.exe` by default on Windows) and its symbol files to be correctly installed and path-configured.
  • ⚠️A memory dump file is mandatory (`--dump <path>`).
  • ⚠️The inherent verbose nature of some Volatility3 plugins can lead to very large outputs, potentially consuming high LLM tokens if the agent's filtering rules are not strictly followed or if a broad query is legitimately made.
Review RequiredView Analysis
The server has a critical command injection vulnerability in the `execute_plugin` function. The `plugin` name and `args` are directly appended to the command executed via `subprocess.run` without sufficient sanitization. An attacker or a malicious LLM could craft these parameters to execute arbitrary commands on the host system where the server is running. Although the default binding is `127.0.0.1`, if the server is configured to listen on an external interface, this becomes a remote code execution vulnerability.
Updated: 2025-11-26GitHub
0
0
Medium Cost
siphesihle1415 icon

typescript-server-mcp

by siphesihle1415

Sec8

Provides a TypeScript Language Server specifically configured for Vue.js projects, designed to be integrated and run by a Language Server Protocol (LSP) client, typically within a VSCode extension.

Setup Requirements

  • ⚠️This code is designed to run as part of a VSCode extension, requiring the VSCode Extension Host environment to function as intended.
  • ⚠️A build step (`npm run build:prod`) is required to generate the server executable (`dist/typescript-server.mjs`) and setup the Vue TypeScript plugin pack before the server can be run.
  • ⚠️Several environment variables (`TS_MCP_LOG_DIR`, `TS_MCP_NPM_LOCATION`, etc.) are read for configuration, which may need to be set based on the deployment environment.
Verified SafeView Analysis
The server leverages the well-established 'typescript-language-server' and standard LSP communication via stdio. Configuration is read from environment variables, which is a standard practice. The explicit disabling of some LSP middleware capabilities (hover, code actions, completions) is noted as a design choice, possibly delegating these features or limiting the server's scope, but doesn't introduce obvious new vulnerabilities in the server's core execution model. No 'eval' or direct malicious patterns are present in the provided truncated code.
Updated: 2025-11-27GitHub
0
0
Low Cost
asahiman icon
Sec8

Agoras MCP Server enables AI agents and scripts to communicate bi-directionally, delegating tasks, monitoring progress, and receiving notifications for LLM-native workflows.

Setup Requirements

  • ⚠️Requires a running Redis instance.
  • ⚠️Recommended setup uses Docker and `docker-compose`.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️The `MCP_CLIENT_ID` environment variable is crucial for identifying agents and workers.
Verified SafeView Analysis
The server's communication relies on a Redis instance. While the Agoras application itself does not show immediate vulnerabilities like 'eval' or hardcoded secrets, the security of the overall system heavily depends on the Redis configuration. If Redis is exposed publicly without proper authentication (which is not handled by Agoras), it would pose a significant security risk. The internal file communication via `/tmp/cli-task-status.json` is a local risk, but not a network one.
Updated: 2026-01-17GitHub
0
0
Medium Cost
Jescob47 icon
Sec9

Implements a Google Chat Webhook server as an AI assistant, querying a PostgreSQL database via MCP to answer corporate user questions.

Setup Requirements

  • ⚠️Requires an Anthropic API key (paid service) for the LLM configured in fastagent.secrets.yaml.
  • ⚠️Requires an AWS Account with Secrets Manager configured to store Google Service Account credentials.
  • ⚠️Requires an accessible PostgreSQL server, and its connection string must be configured in fastagent.config.yaml.
Verified SafeView Analysis
The server implements strong security measures including Google Chat token verification using Google's ID token library, domain-based access control (ALLOWED_DOMAIN), and AWS Secrets Manager for handling sensitive Google Service Account credentials. Hardcoded placeholders for 'SECRET_NAME', 'ALLOWED_DOMAIN', and 'PROJECT_URL' in 'main.py' require user replacement, which is clearly documented in the README.
Updated: 2025-12-16GitHub
0
0
Low Cost
masaomi icon
Sec3

Submit SUSHI bioinformatics jobs from Cursor/Claude via an MCP server, supporting new datasets and existing ones.

Setup Requirements

  • ⚠️Requires two distinct Conda environments (`mcp_server_py3.10` for the server, `gi_py3.12.8` for `sushi_fabric`) with specific package installations.
  • ⚠️Requires a fully functional SUSHI (Rails/Ruby) installation, including `bundle exec sushi_fabric`, at the configured `SUSHI_ROOT` path.
  • ⚠️The `SUSHI_ROOT` environment variable must be correctly configured in `~/.cursor/mcp_settings.json` and point to the SUSHI master directory.
Review RequiredView Analysis
The server constructs a shell command string using user-provided inputs like 'dataset_name' and 'next_dataset_name' and then executes it via `bash -c`. This pattern is highly vulnerable to shell injection if an attacker (or a compromised LLM) provides malicious input (e.g., `dataset_name='my_data; rm -rf /'`), allowing arbitrary commands to be executed on the host system. Input validation on `app_class`, `project`, and `dataset_id` helps, but string-based inputs are not sufficiently sanitized. Authentication is explicitly omitted for PoC purposes, further increasing risk in a non-PoC scenario.
Updated: 2025-11-25GitHub
0
0
Medium Cost
CyrilDecostanzi icon

laravel-mcp-server

by CyrilDecostanzi

Sec8

A Laravel-based Model Context Protocol (MCP) server that acts as an e-commerce demo, bridging AI assistants with enterprise business systems for business intelligence and data access.

Setup Requirements

  • ⚠️Requires Docker Desktop for local development and setup.
  • ⚠️Requires Composer for PHP dependency management.
  • ⚠️Requires an MCP-Compatible AI Client (e.g., Claude Desktop) for interaction, which involves specific client-side configuration to connect to the Docker container via `docker exec`.
Verified SafeView Analysis
The project adheres to Laravel's standard security practices, utilizing built-in request validation and Eloquent ORM for database interactions, which mitigates common vulnerabilities like SQL injection. The architecture promotes separation of concerns, keeping business logic free from HTTP/MCP specifics, enhancing maintainability. The deployment checklist demonstrates awareness of critical production security concerns (authentication, authorization, rate limiting, database security, HTTPS, audit logging, environment security). No 'eval' or obvious hardcoded secrets were found in the provided source code snippets, and configuration relies on environment variables. Some tools directly query/manipulate data based on validated inputs, necessitating careful implementation of authorization policies in a production environment.
Updated: 2025-11-23GitHub
0
0
High Cost
Prakashbishal icon

mcp-local-assistant

by Prakashbishal

Sec9

Automate the extraction of multiple-choice questions from university exam PDFs/PPTX files and generate answers using a local Ollama LLM.

Setup Requirements

  • ⚠️Requires Ollama to be installed and running locally.
  • ⚠️Requires an Ollama model (e.g., 'llama3.1:8b') to be pulled and available.
Verified SafeView Analysis
All file operations use strict path sanitization to prevent directory traversal. The server interacts with a local Ollama instance for LLM inference, which is a controlled local network dependency. No arbitrary code execution functions (like 'eval' or 'exec') were found in the core 'mcq_answer_mcp.py' implementation. Reliance on standard document parsing libraries (pypdf, python-pptx) is typical and assumed to be secure within reasonable bounds.
Updated: 2025-12-11GitHub
0
0
Low Cost
qontinui icon
Sec3

This server enables AI agents to discover, generate, validate, and execute GUI automation workflows using the Qontinui Python executor.

Setup Requirements

  • ⚠️Requires Python 3.12+ and Poetry for setup.
  • ⚠️Requires the `qontinui-runner` Python executor, which is an external dependency and not installed by this project's `poetry install`.
  • ⚠️The `ExecutorBridge` might require setting the `QONTINUI_PYTHON_BRIDGE_PATH` environment variable if the `qontinui-runner` directory structure is not standard or cannot be auto-detected.
Review RequiredView Analysis
The `evaluate_success_criteria` function uses `eval()` for custom workflow conditions. While it attempts to restrict `__builtins__`, `eval()` with arbitrary input from workflow definitions (which can be generated by AI or created via API) poses a significant risk of arbitrary code execution if a malicious workflow is processed. The `subprocess.Popen` calls are part of core functionality for spawning the executor and appear controlled, but the `eval` vulnerability is critical. No hardcoded secrets were found.
Updated: 2025-12-05GitHub
0
0
Medium Cost
Rayan002 icon

project-atlas

by Rayan002

Sec8

A modular, multi-server AI system for planning end-to-end travel itineraries by orchestrating distinct micro-agents.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires UV package manager
  • ⚠️Requires Node.js for MCP Inspector and potentially other MCP servers
  • ⚠️Requires multiple API keys for various services (e.g., HERE_API_KEY, and keys for web search, flight data, accommodation, currency, and AI models for the Memory Server)
Verified SafeView Analysis
API keys are correctly managed via environment variables (e.g., HERE_API_KEY). The project relies on external Node.js packages via 'npx' (e.g., @openbnb/mcp-server-airbnb, @modelcontextprotocol/inspector) which introduces a standard supply chain risk, but these are specific packages rather than arbitrary command execution. No direct 'eval' or obfuscation found in the provided Python code snippets. Network calls to external APIs are inherent to the project's functionality.
Updated: 2025-11-23GitHub
PreviousPage 669 of 713Next