Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
jasbir125 icon

mcp_server_mysql

by jasbir125

Sec4

Exposes MySQL database operations as tools for AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.12.x
  • ⚠️Requires a MySQL server (local or remote)
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop)
  • ⚠️Requires specific configuration in a client's JSON config file and environment variables.
Review RequiredView Analysis
The `run_query` function directly executes arbitrary SQL passed as a string from the AI assistant. This presents a critical SQL injection vulnerability if the AI's output is not perfectly controlled and sanitized, or if a prompt injection attack occurs. While other functions use parameterized queries, `run_query` lacks any input validation or sanitization, making it highly susceptible to malicious or accidental database modifications and data exfiltration.
Updated: 2025-11-27GitHub
0
0
Low Cost
Akungapaul icon

wp-content-mcp

by Akungapaul

Sec8

Manages WordPress posts and pages, providing tools for content creation, updates, deletion, and advanced operations like scheduling and bulk editing.

Setup Requirements

  • ⚠️Requires an existing WordPress instance with the REST API enabled.
  • ⚠️Requires WordPress Application Passwords to be configured for authentication.
  • ⚠️WP-CLI functionality is optional but requires local WP-CLI installation or SSH access configured via environment variables for remote execution.
Verified SafeView Analysis
The server uses Zod for input validation, which is a good practice to prevent malformed requests. Sensitive credentials (WordPress URL, username, app password, and WP-CLI SSH details) are expected via environment variables, not hardcoded. The implementation relies on `@akungapaul/wp-mcp-shared` for WordPress REST API and WP-CLI interactions. While the `server.js` itself doesn't expose direct command injection vulnerabilities, the security of the WP-CLI integration (especially remote SSH execution) depends heavily on the robustness of the `WPCLIClient` implementation within the shared library. Without access to that library's source, it's an assumption of safe handling of external commands. No 'eval' or obvious obfuscation is present.
Updated: 2025-11-28GitHub
0
0
Low Cost
ShakibaMirbagheri icon

mcp-google-drive

by ShakibaMirbagheri

Sec8

Provides a Machine Control Protocol (MCP) interface to interact with Google Drive files and folders.

Setup Requirements

  • ⚠️Requires manual Google Cloud Console setup to obtain `credentials.json` (OAuth client ID).
  • ⚠️Requires an initial manual OAuth authentication flow to generate `tokens.json`.
  • ⚠️Requires Python 3.11 or higher for local execution.
Verified SafeView Analysis
The server handles Google OAuth2 credentials and API tokens (tokens.json and credentials.json) which are sensitive and must be securely stored by the user. The tokens.json file is loaded using pickle.load, which is generally risky if the source is untrusted, but here it's expected to be generated by the project's own auth_setup.py, mitigating the risk if the file is not externally tampered with. Running the server on 0.0.0.0 exposes it to the network by default; users should ensure proper network isolation or configure a more restrictive host if needed.
Updated: 2025-11-27GitHub
0
0
Medium Cost
baraninja icon

cluster-mcp

by baraninja

Sec9

Provides a unified interface for accessing diverse research, socioeconomic, news, health, environment, and trade data from multiple external providers.

Setup Requirements

  • ⚠️Node.js version 20.0.0 or higher is required for all servers.
  • ⚠️Full functionality for `environment-mcp` requires setting the `OPENAQ_API_KEY` environment variable. The `trade-mcp` and `research-mcp` servers also benefit from `COMTRADE_API_KEY` and `CONTACT_EMAIL` respectively for better rate limits and polite access.
  • ⚠️Some servers (e.g., `environment-mcp`, `health-mcp`, `trade-mcp`) rely on local data files (e.g., country codes, HS catalogs) that must be present in the `dist/data/` directory after the build process.
Verified SafeView Analysis
API keys and sensitive contact emails are correctly managed via environment variables and explicitly declared as sensitive in `manifest.json` files. Input validation uses `zod` schemas. The HTTP client includes retry logic and rate limit extraction to prevent abuse of upstream APIs. The `news-mcp`'s `fetch_article` tool fetches arbitrary URLs but implements `maxChars` limits and an `htmlToPlainText` function to strip potentially malicious HTML/scripts, mitigating XSS risks for the parsed content. No `eval` or obvious malicious patterns were found.
Updated: 2026-01-01GitHub
0
0
Medium Cost
the-artinet-project icon

router

by the-artinet-project

Sec2

A dynamic orchestration library for routing messages between A2A enabled AI agents and marshalling MCP tool servers, enabling complex multi-agent and tool-using AI applications.

Setup Requirements

  • ⚠️Requires Node.js version >=18.9.1.
  • ⚠️Relies on an external Artinet API (api.stage.artinet.io/v1/connect) for core routing decisions, which could be a point of failure or require specific authentication/pricing.
  • ⚠️Requires external MCP tool servers (e.g., @modelcontextprotocol/server-filesystem) to be installed and available for specific functionalities.
  • ⚠️Currently only supports stdio MCP Servers, limiting integration options to processes that communicate via standard I/O streams.
Review RequiredView Analysis
The library utilizes `child_process.execSync` within `src/utils/env-expand.ts` to expand shell variables in arguments for MCP tool servers. This `envArgsCapture` function is called when creating new tools (`src/tools/init.ts`). If the `StdioServerParameters.args` (or `command`) provided to `createTool` can be influenced by untrusted or malicious input, it could lead to arbitrary command execution on the host system. The `README.md` examples show dynamic commands (e.g., `npx @modelcontextprotocol/server-filesystem`), highlighting the potential for this vector. This constitutes a critical security risk.
Updated: 2025-11-23GitHub
0
0
Low Cost
hi-ropon icon

plc-gateway

by hi-ropon

Sec3

This server provides a FastAPI REST API for reading device values from Mitsubishi PLCs using the MC protocol.

Setup Requirements

  • ⚠️Requires a Mitsubishi PLC accessible via network (TCP/UDP).
  • ⚠️No built-in authentication or authorization, requiring external security measures for production deployment.
  • ⚠️Network connectivity between the server and the PLC is essential; firewall rules must permit MC Protocol communication (default port 5511).
Review RequiredView Analysis
The server uses `allow_origins=["*"]` for CORS, which is a significant security risk in production environments as it allows cross-origin requests from any domain. There is no visible built-in authentication or authorization for API access, which is critical for an API interacting with industrial control systems. The `--production` flag binds the API to `0.0.0.0`, making it publicly accessible, which, when combined with the lack of authentication and permissive CORS, creates a major vulnerability. Dynamic PLC IP/port specification in API requests (`plc_host` parameter) increases flexibility but also expands the attack surface if not securely deployed. The `_read_plc` and `_batch_read_plc` functions establish and close a new PLC connection for each API request, which could be an efficiency concern under high load but is not a security flaw.
Updated: 2025-12-18GitHub
0
0
Medium Cost
coval-ai icon

mcp-server

by coval-ai

Sec9

Provides a Model Context Protocol (MCP) server that enables AI assistants to interact with the Coval AI evaluation platform for launching and monitoring evaluation runs, managing AI agents and test sets, and retrieving evaluation metrics.

Setup Requirements

  • ⚠️A Coval API Key is required (COVAL_API_KEY environment variable or X-API-Key header in Lambda). Without it, the server will only enable a basic 'ping' tool.
  • ⚠️Requires Node.js version 20.0.0 or higher, as specified in package.json.
Verified SafeView Analysis
The server correctly retrieves the Coval API key from environment variables or HTTP headers (for Lambda), avoiding hardcoded secrets. All tool inputs are rigorously validated using Zod schemas, significantly reducing the risk of malformed requests and injection vulnerabilities. Network requests are confined to the defined Coval API, and comprehensive error handling ensures that internal errors are not leaked directly to the client. There is no direct usage of 'eval' or other inherently dangerous functions that would allow arbitrary code execution.
Updated: 2026-01-16GitHub
0
0
Low Cost
rncz icon
Sec9

Allows a Large Language Model (LLM) to fetch accurate current time, offset, delay, and stratum from NTP servers for various timezones.

Setup Requirements

  • ⚠️Requires 'uv' for dependency management and running the server, which might be unfamiliar to users accustomed to 'pip'.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires an LLM software with tool calling capabilities configured to integrate the MCP server.
Verified SafeView Analysis
The server connects to public NTP servers (pool.ntp.org) which is a standard and generally safe operation for time synchronization. No 'eval', 'exec', or other dynamic code execution methods are used. No hardcoded sensitive credentials were found. Input validation for 'server_index' ensures it stays within bounds of the predefined NTP server list. Timezone input is handled by 'pytz.timezone' with error trapping for invalid inputs. Overall, the code appears robust and secure for its intended purpose.
Updated: 2025-12-13GitHub
0
0
Medium Cost
jasonzhangshuo icon

memory-mcp-server

by jasonzhangshuo

Sec8

A personal memory management system that allows an AI agent to store, search, update, and summarize personal memories, goals, and decisions, with robust integration and synchronization capabilities with the Feishu (Lark) platform for data visualization and backup.

Setup Requirements

  • ⚠️Requires extensive Feishu API configuration, including setting up an application, obtaining an App ID, App Secret, App Token (for Base/Bitable), Table ID, and specific Feishu app permissions (e.g., `bitable:app`, `drive:drive`, `im:message`, `wiki:wiki.readonly`).
  • ⚠️Python dependencies, including the potentially heavy `sklearn` for similarity calculations, must be installed (`pip install -r requirements.txt`).
  • ⚠️For user-specific Feishu access (e.g., listing personal cloud documents), an OAuth 2.0 flow is required, involving manual browser interaction to get an authorization `code` and then exchanging it for `user_access_token` and `refresh_token`.
  • ⚠️Specific operating system-level configurations are necessary, such as configuring the MCP Server within an IDE like Cursor (editing `cline_mcp_settings.json`) or setting up a macOS LaunchAgent/crontab for automatic Feishu synchronization.
Verified SafeView Analysis
The server uses parameterized queries (`aiosqlite`) to prevent SQL injection. Sensitive credentials are read from environment variables, avoiding hardcoding. Pydantic models are used for input validation, mitigating common injection risks. The Feishu event webhook has basic token validation, and explicitly notes that encryption is not implemented, meaning it won't attempt to process encrypted payloads without the `ENCRYPT_KEY` being set, which is a safe default. File system operations are primarily on internally managed paths (`entries/`). External API calls are handled by `httpx`, a standard and secure library. No obvious `eval` or `exec` vulnerabilities in user-controlled paths were found. The primary risk would stem from misconfiguration of Feishu API permissions or the webhook exposing itself publicly without robust access controls.
Updated: 2026-01-19GitHub
0
0
Low Cost
ThoreKoritzius icon

graphql-mcp-server

by ThoreKoritzius

Sec7

A Python MCP server for LLMs that indexes a GraphQL schema, stores embeddings for type-field signatures, and enables fast semantic lookup and query execution against a GraphQL endpoint.

Setup Requirements

  • ⚠️Requires an OpenAI API Key (or compatible embedding service) for generating embeddings, which typically involves paid usage.
  • ⚠️Requires either a local GraphQL Schema Definition Language (SDL) file (default: src/schema.graphql) or access to a live GraphQL endpoint with introspection enabled.
  • ⚠️Requires a Python 3 environment and package installation via pip.
Verified SafeView Analysis
The server makes network requests to user-configured embedding endpoints (via `GRAPHQL_EMBEDDINGS_URL`) and GraphQL API endpoints (via `GRAPHQL_ENDPOINT_URL`). While essential for its function, configuring with untrusted URLs could expose internal networks to Server-Side Request Forgery (SSRF) vulnerabilities if the server is publicly exposed. No 'eval' or obvious malicious code patterns were found. API keys and sensitive configuration are loaded from environment variables, promoting secure practice. `json.loads` is used for parsing environment variables like `GRAPHQL_EMBED_HEADERS` and `GRAPHQL_ENDPOINT_HEADERS`, which are configuration and not arbitrary runtime user input.
Updated: 2026-01-19GitHub
0
0
Low Cost
Cloudscockpit icon

actionboard-mcp

by Cloudscockpit

Sec5

Provides a custom server for integration with Actionboard.ai services.

Review RequiredView Analysis
Insufficient source code provided for a comprehensive security audit. No 'eval', obfuscation, hardcoded secrets, or malicious patterns could be identified as only the README was available. A full code review is required.
Updated: 2025-11-27GitHub
0
0
Low Cost
HananiahKao icon

bible-MCP-server

by HananiahKao

Sec9

Provides access to Bible verses and footnotes from a SQLite database via Model Context Protocol.

Setup Requirements

  • ⚠️Requires the 'Bible20240820.sqlite' database file, which is not included in the repository and must be acquired separately.
  • ⚠️The path to the SQLite database is hardcoded as '/Users/hananiah/Developer/bible-MCP-server/Bible20240820.sqlite' in 'src/index.ts' and will require manual modification or recreating the exact directory structure for the server to function correctly outside of the original developer's environment.
  • ⚠️The 'sqlite3' dependency is a native Node.js module and may require appropriate build tools (e.g., Python, C/C++ compiler) on the host system during 'npm install' if pre-built binaries are not available for your specific platform.
Verified SafeView Analysis
The server uses parameterized SQL queries to prevent injection and opens the SQLite database in read-only mode, significantly enhancing security. No 'eval' or external network calls detected. The main deployment friction is a hardcoded database path, not a direct security vulnerability.
Updated: 2025-11-29GitHub
PreviousPage 670 of 713Next