Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
Webstep icon
Sec9

The server provides a set of tools for generating bid documents, checking content compliance against requirements, validating brand consistency, and applying document templates.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) 17+ to run a Spring Boot application.
  • ⚠️By default, document generation is in 'mock mode' and will not create physical files (documents.mock.enabled:true). To enable file generation, this property must be set to 'false'.
  • ⚠️Default CORS allowed origins are 'http://localhost:5173,http://localhost:3000'. If accessing from other origins, 'cors.allowed-origins' must be configured.
Verified SafeView Analysis
The server, by default, operates in 'mock mode' (documents.mock.enabled:true), meaning it does not physically generate PDF/Word files or interact with the file system for output. Document generation methods primarily calculate metadata and store results in an in-memory map. No 'eval' or other dynamic code execution is present. Input parameters are explicitly typed and validated (e.g., asText(), asInt()). CORS is configured to specific origins. The primary risk would arise if 'mockEnabled' were set to 'false' and the underlying (unseen) document generation library had vulnerabilities, or if the 'outputDir' could be manipulated by a sophisticated attack (mitigated by 'sanitizeFileName'). As presented, it's quite safe.
Updated: 2026-01-16GitHub
0
0
Medium Cost
roelven icon
Sec9

Enables AI chat clients to read and update Planka kanban boards via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a self-hosted Planka instance to connect to.
  • ⚠️Manual generation of a Planka API token (JWT) is recommended, or fallback to email/password.
  • ⚠️Requires Python 3.10+.
Verified SafeView Analysis
The server correctly retrieves API credentials from environment variables (`PLANKA_API_TOKEN`, `PLANKA_EMAIL`/`PLANKA_PASSWORD`, `PLANKA_API_KEY`) ensuring sensitive information is not hardcoded. It uses `httpx` for network requests, which is a robust library. Permissions are inherited from the authenticated Planka user, so access is restricted to what the user can see/do in Planka. No obvious malicious patterns, `eval` usage, or obfuscation were found. Users should ensure `PLANKA_BASE_URL` points to a trusted Planka instance, preferably over HTTPS.
Updated: 2025-12-18GitHub
0
0
Low Cost
goncalorosa96 icon

codemode-mcp

by goncalorosa96

Sec1

This repository presents itself as a tutorial for setting up GitHub Pages, but it primarily serves to direct users to repeatedly download an unknown ZIP file.

Setup Requirements

  • ⚠️The primary 'source code' provided is a README.md, not an executable server. The repository's content is a deceptive tutorial.
  • ⚠️All links and suggested filenames/repository names within the README point to a single `.zip` file, indicating an attempt to make users download unknown content.
  • ⚠️Following the instructions could lead to downloading and potentially executing untrusted code from the `.zip` file, which is not part of this analysis.
Review RequiredView Analysis
The provided 'source code' is solely a README.md file, not an MCP server or any executable code. Therefore, there are no traditional server-side vulnerabilities to audit like 'eval' or hardcoded secrets within this file. However, the README itself contains highly suspicious and misleading instructions. All internal and external links, including those for 'learning more', images, and even the suggested repository name for GitHub Pages, point to a single URL: 'https://raw.githubusercontent.com/goncalorosa96/codemode-mcp/master/keratoglossus/codemode-mcp.zip'. This pattern is designed to repeatedly direct users to download an unknown ZIP file. The instructions to rename a repository to a ZIP file URL are incorrect for GitHub Pages setup and indicate a potential attempt to trick users into downloading and potentially executing arbitrary content. The primary security risk lies in the deceptive nature of the repository's instructions, which could lead users to interact with untrusted software.
Updated: 2026-01-19GitHub
0
0
Low Cost
UnitVectorY-Labs icon

mcp-vertex-search-snippets

by UnitVectorY-Labs

Sec9

This MCP server integrates with Google Cloud's Vertex AI Search (Discovery Engine) to provide configurable search snippets and extractive segments from indexed documents.

Setup Requirements

  • ⚠️Requires a Google Cloud project with Vertex AI Search (Discovery Engine) configured.
  • ⚠️Requires a 'vertex.yaml' configuration file (containing 'project_id', 'location', 'app_id').
  • ⚠️Requires Google Cloud Application Default Credentials to be set up in the environment where the server runs.
Verified SafeView Analysis
The server handles Google Cloud authentication securely via Application Default Credentials or an Authorization header passed to the HTTP endpoint. Inputs are structured and passed to the Vertex AI Search API without direct code execution. No hardcoded secrets or 'eval'-like dangerous patterns were found. Debug logging to stderr could expose request/response details if enabled in a sensitive environment, but this is a configurable debug feature.
Updated: 2026-01-17GitHub
0
0
Low Cost
Traia-IO icon
Sec8

Provides an MCP server to enable AI agents and LLMs to interact with the Nikola Test API through standardized tools.

Setup Requirements

  • ⚠️Requires Docker for recommended installation methods.
  • ⚠️Requires Python 3.12+ for manual installation.
  • ⚠️Requires configuration of D402 payment protocol environment variables (`SERVER_ADDRESS`, `MCP_OPERATOR_PRIVATE_KEY`, `D402_FACILITATOR_URL`) for non-testing modes.
  • ⚠️Currently provides placeholder `example_tool` and `get_api_info` (which is likely server info), requiring further implementation for full Nikola Test API access.
Verified SafeView Analysis
The server uses `os.getenv` for sensitive configurations, improving security over hardcoded values. CORS is set to `allow_origins='*'` which is a common practice for development but should be restricted in production deployments to prevent unauthorized access. For local development, `run_local_docker.sh` dynamically generates Ethereum keys and updates the `.env` file, which is a convenience but relies on the integrity of the script and local environment.
Updated: 2025-12-12GitHub
0
0
Medium Cost
bsuraj23 icon
Sec7

A RAG chatbot API that allows users to upload a single PDF document and ask questions based on its content, leveraging Langchain, Pinecone, and OpenAI for intelligent retrieval and question answering.

Setup Requirements

  • ⚠️Requires a Pinecone API Key and an active Pinecone index (Pinecone is a paid service, though a free tier is available).
  • ⚠️Requires an OpenAI API Key (OpenAI is a paid service).
  • ⚠️The HuggingFace embedding model ('sentence-transformers/all-MiniLM-L6-v2') will be downloaded locally on first run, requiring internet access and local disk space.
Verified SafeView Analysis
The application uses environment variables for sensitive API keys (Pinecone, OpenAI), which is good practice. However, the CORS middleware is configured to allow all origins ('*'), which is generally not recommended for production environments as it can be an information disclosure risk. PDF files are saved to a temporary 'uploads' directory without an explicit cleanup mechanism, which could lead to disk space exhaustion over time. File type and size validation are implemented for uploaded PDFs. No 'eval' or obvious malicious patterns were detected in the provided source code.
Updated: 2025-12-13GitHub
0
0
Low Cost
rajanpatel126 icon

mcp-server

by rajanpatel126

Sec8

A personal expense tracker with tools to add, list, delete, and summarize expenses, providing an API for financial management.

Setup Requirements

  • ⚠️Database persistence: The `server.py` implementation stores the SQLite database in a temporary directory, meaning all expense data will be lost on server restart or system reboot.
  • ⚠️Requires Python >= 3.11.
  • ⚠️Relies on specific `fastmcp` and `aiosqlite` library versions as per `pyproject.toml`.
Verified SafeView Analysis
The server uses parameterized SQL queries ('?') which effectively prevents SQL injection. No 'eval' or similar dangerous functions are used. There are no hardcoded sensitive credentials. The `DB_PATH` in `server.py` uses a temporary directory, which is a functional issue regarding data persistence rather than a direct security vulnerability, though permissions on temporary directories should always be appropriately managed by the OS.
Updated: 2025-11-23GitHub
0
0
Medium Cost
choco-bain icon

mcp-server

by choco-bain

Sec9

Provides weather alerts and forecasts via integration with the National Weather Service (NWS) API.

Setup Requirements

  • ⚠️Python 3.12+ required.
Verified SafeView Analysis
No 'eval' or malicious patterns found. Uses 'httpx' for external API calls to the public NWS API, with proper error handling for network requests. No hardcoded secrets.
Updated: 2025-11-24GitHub
0
0
Medium Cost
riolaf05 icon

aws-agentcore

by riolaf05

Sec3

An AI Assistant suite designed for personal and professional organization, featuring multi-agent orchestration for task management, daily briefings, web research, contact management, event planning, and candidate-job matching, integrated with AWS Bedrock AgentCore and various external APIs.

Setup Requirements

  • ⚠️Extensive AWS infrastructure setup is required, involving many services (Lambda, DynamoDB, Bedrock AgentCore, Cognito, IAM, Secrets Manager, EventBridge, CloudWatch).
  • ⚠️Hardcoded OAuth2 client ID and secret in multiple agent files (`agents/*/agent.py`) must be manually updated in code and then re-deployed for secure production use. These should ideally be loaded from environment variables or AWS Secrets Manager.
  • ⚠️Requires a Telegram Bot Token, a Telegram Chat ID, and potentially an Azure App Registration (with specific scopes) for Outlook integration.
Review RequiredView Analysis
Critical security risks identified: Multiple agent files (`agents/*/agent.py`) contain hardcoded OAuth2 client IDs and secrets (`CLIENT_ID`, `CLIENT_SECRET`, `TOKEN_URL`, `GATEWAY_URL`). These credentials are used to authenticate with an AWS AgentCore Gateway, granting potentially wide access if compromised. This directly contradicts best practices for sensitive data handling, which are mentioned in the main README (`GATEWAY_CLIENT_SECRET` via .env) but not implemented in the individual agent's source code. While input sanitization (`sanitize_input` in `shared/utils/helpers.py`) exists, its consistent application across all data interactions (especially for MongoDB search in `Needs API`) needs further verification. The main `mcp-server/server.py` correctly loads secrets from environment variables or AWS Secrets Manager.
Updated: 2026-01-19GitHub
0
0
Medium Cost
CEDARScript icon
Sec9

Enable AI agents to perform intelligent, semantic-aware code transformations via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Dependencies `cedarscript-editor` and `mcp` must be installed (handled by pip install).
  • ⚠️A project root directory must be specified via `--root` argument or `CEDARSCRIPT_ROOT` environment variable for operation.
Verified SafeView Analysis
The server features robust security measures including explicit path validation to prevent traversal attacks, a configurable denylist for sensitive files/directories (e.g., .git, .env, credentials), a mandatory read-only mode option, and file size limits. It communicates via STDIO (inter-process) rather than open network ports, reducing external attack surface. No direct 'eval' or 'exec' of untrusted code is observed, relying on the `cedarscript-editor` for command parsing, which is a domain-specific language parser. Overall, the design prioritizes security.
Updated: 2025-11-22GitHub
0
0
Medium Cost
Wuubzi icon
Sec8

A backend service for managing medical appointments, doctors, patient profiles, and specialties, enhanced with AI tooling for conversational interaction.

Setup Requirements

  • ⚠️Requires a relational database (e.g., PostgreSQL, MySQL) configured in `application.properties` or `application.yml`.
  • ⚠️Requires Java Development Kit (JDK) 17 or higher.
  • ⚠️Requires SMTP server configuration (host, port, username, password) for email notifications via `GmailService`.
  • ⚠️Requires an AI provider API key (e.g., OpenAI, Google Gemini) to fully leverage `@Tool` annotations and Spring AI capabilities.
Verified SafeView Analysis
The application uses Spring Data JPA with parameterized queries via `@Param` for native queries, which helps prevent common SQL injection vulnerabilities. Sensitive configurations, such as email credentials, are externalized using `@Value`, a good practice. No direct use of `eval` or similar high-risk functions was observed.
Updated: 2025-11-19GitHub
0
0
Low Cost
horison-ai icon

mcp-shared

by horison-ai

Sec9

Provides a thread-safe, TTL-based, and auto-refreshing cache for OAuth credentials for MCP servers to reduce redundant authentication calls.

Setup Requirements

  • ⚠️Requires `INTERNAL_API_KEY` environment variable for secure communication.
  • ⚠️Relies on an external `connectivity-service` running and accessible at `CONNECTIVITY_SERVICE_URL`.
  • ⚠️Must be used within an asynchronous (asyncio) Python environment.
Verified SafeView Analysis
No hardcoded secrets or malicious patterns detected. Relies on `INTERNAL_API_KEY` provided via environment variables for secure communication with the external `connectivity-service`. Proper handling and protection of this API key are paramount. The cache stores sensitive OAuth tokens, requiring secure deployment of the consuming server.
Updated: 2025-11-22GitHub
PreviousPage 686 of 713Next