Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

0
0
Low Cost

Tabby-MCP

by GentlemanHu

Sec7

Provides a comprehensive Model Context Protocol (MCP) server plugin for Tabby Terminal, allowing AI assistants to control the terminal with various tools.

Setup Requirements

  • ⚠️Requires Tabby Terminal to be installed.
  • ⚠️Requires Node.js 18+ for building from source or using the STDIO bridge.
  • ⚠️The plugin must be enabled and the MCP server started manually from Tabby's settings after installation and restart.
  • ⚠️Requires Tabby to be restarted after plugin installation.
Verified Safe
The server exposes powerful terminal control and system interaction capabilities (e.g., `exec_command`, `send_input`, `quick_connect`). A critical security feature is the 'Pair Programming Mode' which, by default, prompts the user for confirmation before executing arbitrary commands via `exec_command`. This significantly mitigates the risk of a rogue AI or malicious input. However, the `send_input` and `quick_connect` tools, which can manipulate interactive terminal sessions or initiate SSH connections, do not appear to have a similar confirmation dialog by default. Running locally on `http://localhost:3001` reduces external network exposure, but local processes can still interact with it. No obvious hardcoded secrets or 'eval' calls found directly within the provided code, but the nature of executing arbitrary commands necessitates careful use and confirmation.
Updated: 2026-01-19
0
0
Low Cost

MyFirstMCPDemo

by rijwanansari

Sec1

A learning project for demonstrating MCP server and client functionalities with a demo host.

Setup Requirements

  • ⚠️Requires specific MCP environment/dependencies, which are undefined in the provided information.
Review Required
No executable source code was provided for analysis; only the README.md was available. The project description mentions 'MCP server and Client', implying network communication which inherently carries security risks. Without code, a proper security audit for 'eval', hardcoded secrets, or malicious patterns is impossible, thus safety cannot be guaranteed.
Updated: 2025-11-30
0
0
Medium Cost

mcp-postgres

by Anashel-RPG

Sec9

LLM-powered data analysis and exploration on a PostgreSQL database, utilizing Cloudflare Workers for scalable and secure deployment.

Setup Requirements

  • ⚠️Requires a Cloudflare account with Workers, Hyperdrive, and Durable Objects enabled.
  • ⚠️Requires a PostgreSQL database instance connected via Cloudflare Hyperdrive.
  • ⚠️Requires an OpenAI API Key (or compatible AI endpoint), which is typically a paid service.
  • ⚠️Relies heavily on the `wrangler` CLI for local development and deployment.
Verified Safe
The project demonstrates strong security practices. SQL queries use parameterized statements and identifier escaping to prevent injection. API keys are managed via environment variables and validated with `timingSafeEqual`. TOTP-based 2FA with brute-force protection is implemented for `llm-app`. Cross-Origin Resource Sharing (CORS) is explicitly configured. Sensitive data is sanitized from logs and error messages. Durable Objects are used for secure state persistence. Content Security Policy (CSP) and other security headers are enforced for frontend assets. Inputs and LLM outputs are truncated to prevent context window attacks and excessive costs, and markdown content is sanitized for XSS prevention. Default settings prioritize fail-closed security for unauthenticated access. Minor improvements could involve stricter input validation on all API endpoints or more frequent key rotation policies.
Updated: 2026-01-19
0
0
Medium Cost

pastor

by bioanywhere

Sec9

A client library for programmatic access to the World News API, enabling users to search for news, extract news links, retrieve article details, and access newspaper front pages.

Setup Requirements

  • ⚠️Requires an API key for the World News API, likely involving a paid subscription for significant usage.
  • ⚠️Python client requires Python 3.7+.
  • ⚠️C++ client requires CMake 3.2+, Qt, and a C++ compiler.
Verified Safe
The code is a generated client library using OpenAPI Generator, which generally produces robust and standard API interaction logic. API keys are designed to be provided programmatically by the user, not hardcoded in the library, which is good practice. The primary security considerations would be the user's own handling of these API keys (e.g., secure storage) and the inherent security of the remote World News API service, which is outside the scope of this client library's code.
Updated: 2025-12-13
0
0
Low Cost
Sec8

Provides a Model Context Protocol (MCP) server on Cloudflare Workers, exposing simple calculator-like tools and user identity, secured via Google OAuth.

Setup Requirements

  • ⚠️Requires setting up a Google OAuth 2.0 client ID and secret, including configuring redirect URIs.
  • ⚠️Requires configuring KV Namespace (OAUTH_KV) and Durable Object Namespace (MCP_OBJECT) bindings in the Cloudflare Worker.
  • ⚠️The server implements Google OAuth for user authentication, which is a critical setup step and contradicts the 'authless' description in the repository name and README title.
Verified Safe
The server uses `zod` for schema validation in its tool definitions, which is good for input sanitization. Google OAuth is implemented using `@cloudflare/workers-oauth-provider` and `Hono`. The OAuth flow includes CSRF protection via state stored in KV, secure token exchange with Google, and optional domain validation. No explicit `eval` or similar dangerous functions are used with untrusted input. The reliance on Cloudflare's platform and SDKs suggests a reasonable security posture for the core infrastructure. The main discrepancy is the README's 'authless' claim versus the code's full OAuth implementation, which could lead to user misconfiguration if not careful.
Updated: 2025-12-03
0
0
Low Cost

mcp-server

by malekmaciej

Sec3

Provides a simple HTTP server implementing a protocol likely related to MCP (e.g., Minecraft Classic Protocol).

Review Required
A comprehensive security audit is not possible as the 'SOURCE CODE' provided only contained the project's README.md file. No actual executable source code (e.g., JavaScript, Python files) was available for analysis. Without access to the implementation details, it's impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns. The score is low due to this complete lack of visibility and verifiability.
Updated: 2025-11-30
0
0
Medium Cost

mcp-geo-tools

by Epawse

Sec7

Provides geographic spatial tools for 3D globe visualization, enabling AI agents to control map navigation, markers, weather effects, and time settings.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️For 'execute' mode functionality, an external 'GeoCommander' instance must be running, which entails additional setup (e.g., `git clone geocommander`, `npm run dev`).
  • ⚠️Full interactive experience requires an MCP-compatible client like Claude Desktop/Code.
Verified Safe
The server primarily acts as an MCP interface, either returning JSON instructions or forwarding commands to a GeoCommander instance via HTTP. It does not appear to contain 'eval', arbitrary file operations, or hardcoded secrets. The main security consideration is in 'execute' mode where it sends commands to an endpoint defined by `GEOCOMMANDER_URL`. If this environment variable is configured to an untrusted or malicious server, it could lead to unintended command execution on that remote server. However, by default, it points to 'localhost', and its intended use is within a trusted GeoCommander ecosystem.
Updated: 2025-11-27
0
0
Low Cost

OpenMeteoMCPServer

by dstamand-msft

Sec9

Provides comprehensive weather and geolocation data as callable tools via Model Context Protocol (MCP) for integration with AI assistants and other MCP-compatible clients.

Setup Requirements

  • ⚠️Requires an active Azure Subscription with permissions to deploy Azure Functions, storage accounts, and Application Insights, incurring cloud resource costs.
  • ⚠️Requires .NET 10.0 SDK and Azure Functions Core Tools v4 for local development and deployment.
  • ⚠️To integrate with AI assistants, a separate Azure AI Project (or compatible LLM deployment) is necessary, which will incur LLM token costs when tools provided by this server are invoked.
Verified Safe
The server's 'webhookAuthorizationLevel' is set to 'Anonymous', but the README provides robust guidance on securing the endpoint via Azure AD (Microsoft Entra) app registration and authentication, making it safe when configured as advised. No 'eval', code obfuscation, or hardcoded secrets are identified. All sensitive configurations are managed through environment variables or app settings.
Updated: 2025-11-27
0
0
High Cost

mcp-dnac

by RobertBergman

Sec7

Provides intelligent wireless client management and infrastructure monitoring for Cisco DNA Center via the Model Context Protocol (MCP) for AI assistants.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires access to a Cisco DNA Center instance with API credentials.
  • ⚠️Requires Claude Desktop or another MCP client to interact with the server.
  • ⚠️SSL certificate verification is disabled by default, which may be a concern in untrusted network environments.
Verified Safe
The server explicitly disables SSL certificate verification (`verify=False`) for HTTPX client and suppresses warnings. While justified by the project for self-signed certificates in DNAC deployments, it introduces a potential Man-in-the-Middle (MITM) risk if the network environment between the server and DNAC is not fully trusted. Credentials are loaded from environment variables, which is good practice. No 'eval' or other arbitrary code execution patterns from user input were found.
Updated: 2025-11-18
0
0
Low Cost

ZendeskMcpServer

by steven-whitehead-webscale

Sec8

Provides Zendesk Help Center articles as context for Cursor AI via Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires Zendesk API Token and valid Zendesk credentials (subdomain, email).
  • ⚠️Requires .NET 8.0 SDK to build and run.
  • ⚠️For HTTP mode, the server needs to be network accessible from where Cursor is running.
Verified Safe
The server uses environment variables or appsettings.json for credentials, which is good practice. The README explicitly warns against committing API tokens. However, the default HTTP server listens on `0.0.0.0:8080`, making it accessible on all network interfaces, which requires proper firewalling in production environments. Example configurations in the README show credentials directly in JSON, which could mislead users to hardcode secrets if they don't follow the best practices outlined.
Updated: 2025-11-27
0
0
Medium Cost

freshrss-mcp

by alysson-souza

Sec9

Manage and interact with a FreshRSS instance, including articles, feeds, folders, labels, and statistics.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires an existing FreshRSS instance with the Google Reader API enabled.
  • ⚠️FreshRSS API password must be obtained from 'Settings → Profile → API Management' in your FreshRSS instance.
  • ⚠️The following environment variables are strictly required: FRESHRSS_URL, FRESHRSS_USERNAME, FRESHRSS_API_PASSWORD.
Verified Safe
The server uses environment variables for sensitive FreshRSS credentials, which is good practice. It handles API communication securely over HTTP/S with retry logic and input validation via Zod. The Fever API key is derived using MD5 hashing of username and API password, adhering to the Fever API specification. No direct arbitrary code execution ('eval') or significant network vulnerabilities were identified in the core logic. Security relies heavily on the user's FreshRSS instance being securely configured and accessed over HTTPS.
Updated: 2025-12-13
0
0
Low Cost

athenaeum

by matthewhanson

Sec8

A specialized RAG (Retrieval-Augmented Generation) system designed for RPG world knowledge bases, providing semantic search, timeline queries, and multi-persona chat capabilities for game masters and world-builders.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for chat and answer generation features.
  • ⚠️Docker is required to build and deploy container images to AWS Lambda.
  • ⚠️Requires Python 3.12 or higher.
  • ⚠️AWS CDK is required for cloud deployment (install via npm).
Verified Safe
The default CORS configuration `allow_origins=["*"]` is too permissive for production and should be restricted by the user. `subprocess.Popen` is used in the CLI to launch the uvicorn server, but the command arguments are controlled and not vulnerable to arbitrary command injection. OpenAI API keys are correctly sourced from environment variables. No 'eval' or code obfuscation patterns were found.
Updated: 2025-12-25