Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
High Cost
rohitsaraff33-bit icon

produckai-mcp-server

by rohitsaraff33-bit

Sec9

The ProduckAI MCP Server is a product feedback analysis integration designed for Claude Desktop, enabling product managers to centralize feedback from various sources (Slack, Google Drive, Zoom, JIRA, CSV uploads), process it using AI for clustering and VOC scoring, generate actionable insights, and automate the creation of Product Requirements Documents (PRDs).

Setup Requirements

  • ⚠️Requires a separate 'ProduckAI Backend' service to be running (default http://localhost:8000), typically via Docker Compose, as this is an MCP (Multi-Cloud Platform) server that acts as a bridge.
  • ⚠️Requires the `ANTHROPIC_API_KEY` environment variable to be set for all AI-powered feedback classification and PRD generation functionalities.
  • ⚠️Integration setups (e.g., Slack, Google Drive, Zoom, JIRA) necessitate creating applications/API tokens on the respective third-party platforms and configuring OAuth flows, which involve a temporary local callback server on port 8765.
  • ⚠️The `keyring` library is used for secure credential storage, which may require specific system dependencies or setup depending on the operating system.
Verified SafeView Analysis
The server employs robust security practices by utilizing `keyring` for secure, system-level storage of sensitive API tokens (Slack, Google Drive, Zoom, JIRA) and relying on environment variables for the Anthropic API key, thereby preventing hardcoding of credentials. OAuth flows for integrations involve a temporary local `aiohttp` web server running on `localhost:8765` for callback handling, which isolates the process to the local machine. File system interactions for logs, database, and temporary CSV/VTT uploads are generally confined to user-owned directories, and user-provided file paths undergo basic validation. No `eval`, `exec`, or other immediately dangerous patterns are observed within the provided source code. However, dependency vulnerabilities or advanced file path manipulation could still pose risks.
Updated: 2025-12-03GitHub
0
0
Medium Cost
SreeyaSrikanth icon

Google-Docs-MCP

by SreeyaSrikanth

Sec8

MCP Server for writing, editing and formatting Google Docs.

Setup Requirements

  • ⚠️Requires Google Cloud Project setup to obtain `client_secret.json`.
  • ⚠️Manual OAuth authorization needed via web browser on first run.
  • ⚠️Requires `REDIRECT_URI` environment variable to be set for non-localhost deployment.
Verified SafeView Analysis
Uses standard OAuth2 flow with `client_secret.json` for credentials, which must be secured by the user. Stores tokens locally in `user_token.json`. Handles credential refresh and unauthorized access. `REDIRECT_URI` defaults to localhost; production deployments require careful configuration of a secure HTTPS URI. No obvious `eval` or command injection vulnerabilities. Error handling for missing parameters and unknown methods is present.
Updated: 2025-11-23GitHub
0
0
Medium Cost
giovany79 icon

mcp-server-pfm

by giovany79

Sec8

An AI agent server for personal financial analysis, allowing queries and management of transaction data from CSV files for intelligent insights.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires a GitHub Personal Access Token for Azure AI / GitHub Models.
  • ⚠️AWS CLI and AWS SAM CLI are required for AWS deployment and management.
Verified SafeView Analysis
The server employs API keys for authentication on the AWS API Gateway endpoints, using environment variables for secrets, which is good practice. Input validation is performed for the 'add_transaction' function. The use of broad CORS headers ('Access-Control-Allow-Origin: *') is generally acceptable for widely integrated APIs but could be restricted if specific client origins are known. The direct read-modify-write operation on the CSV file in S3 for 'add_transaction' carries a minor risk of race conditions or data loss under extremely high concurrent write loads, though this is less likely for a personal finance manager.
Updated: 2026-01-18GitHub
0
0
Medium Cost
consigcody94 icon

ticket-tamer

by consigcody94

Sec8

AI-powered Jira project management to create issues, search with JQL, manage epics, add comments, and transition workflows without leaving your editor.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires an existing Jira instance (Cloud, Server, or Data Center) with appropriate API token or credentials.
  • ⚠️Requires manual configuration within the Claude Desktop application's config file, specifying the absolute path to the server executable.
Verified SafeView Analysis
The server does not store sensitive Jira credentials; they are passed per tool call from the client, shifting the responsibility for credential security to the calling environment (e.g., Claude Desktop). Parameters like JQL queries and issue fields are passed directly to the `jira-client` library, which relies on Jira's own parsing and permission model for security. No direct `eval` or arbitrary code execution vulnerabilities are apparent within the server code. The `create_epic` tool hardcodes 'customfield_10011' for Epic Name, which might be brittle across Jira instances but is not a security flaw.
Updated: 2025-11-25GitHub
0
0
High Cost
ddbrx icon
Sec3

This server acts as a multi-channel platform to search for LinkedIn profiles by scraping data using provided credentials.

Setup Requirements

  • ⚠️Requires LINKEDIN_EMAIL and LINKEDIN_PASSWORD environment variables.
  • ⚠️Requires Node.js and npm/yarn.
  • ⚠️May require significant CPU and memory resources due to headless browser automation with Puppeteer.
Review RequiredView Analysis
The server exposes a `/search` endpoint that uses `LINKEDIN_EMAIL` and `LINKEDIN_PASSWORD` from environment variables without any authentication or authorization. This is a critical security flaw, making the server highly vulnerable if exposed, as anyone can trigger profile searches using the configured LinkedIn account. Additionally, the act of scraping LinkedIn violates its Terms of Service and may lead to account suspension. No direct 'eval' or hardcoded secrets were found, and it uses Puppeteer for headless browser automation.
Updated: 2025-12-15GitHub
0
0
Medium Cost
horison-ai icon

gmail-mcp

by horison-ai

Sec9

Provides programmatic access and control over Gmail functionality via a Multi-Connector Protocol (MCP) server, enabling agents to manage emails.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Depends on an external 'connectivity service' for fetching user credentials, specified by `CONNECTIVITY_SERVICE_URL` and secured by `INTERNAL_API_KEY`. This service must be running and accessible.
  • ⚠️Requires `GOOGLE_OAUTH_CLIENT_ID` and `GOOGLE_OAUTH_CLIENT_SECRET` to be set as environment variables for initializing the Google API client.
Verified SafeView Analysis
The server appears to follow good security practices for credential handling, sourcing sensitive information (Google OAuth client details, connectivity service URL/API key) from environment variables. Credentials are fetched from a separate 'connectivity service' using a shared cache, preventing hardcoded secrets. No 'eval' or similarly dangerous patterns are observed. The security relies heavily on the proper configuration and security of the 'connectivity service' it depends on.
Updated: 2025-11-22GitHub
0
0
Medium Cost
tamdogood icon

bird

by tamdogood

Sec8

The Bird MCP Server acts as a personal assistant by integrating Todoist, Anki, Obsidian, and Google Calendar to manage tasks, flashcards, notes, and events.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Todoist API Token (paid Todoist plan not required, but an active account is) is mandatory and must be configured via environment variables.
  • ⚠️AnkiConnect add-on must be installed and Anki application running for Anki features to work.
  • ⚠️Google Calendar requires a multi-step OAuth2 setup (Google Cloud Project, `credentials.json`, initial browser authentication).
  • ⚠️Obsidian integration requires `OBSIDIAN_VAULT_PATH` to be set to an absolute path to your Obsidian vault, and Docker deployments require volume mounting for this.
Verified SafeView Analysis
The project correctly uses environment variables for API tokens, avoiding hardcoded secrets. `httpx` and `asyncio.to_thread` are used for safe asynchronous network and API calls. Basic input sanitization for Obsidian filenames is present. The use of `pickle` for Google Calendar OAuth tokens is a standard pattern for Google API client libraries but can pose a deserialization risk if the token file itself is untrusted or tampered with. AnkiConnect communicates over unencrypted HTTP, but it's typically a local connection. Overall, for a personal assistant tool, the security practices are generally robust, but users must ensure their `.env` file and token files are securely protected.
Updated: 2025-12-11GitHub
0
0
Low Cost
tienanh109 icon
Sec9

Creates a fake Minecraft Pocket Edition (MCPE) server endpoint that responds to discovery pings but does not allow players to join, primarily for testing or spoofing server lists.

Verified SafeView Analysis
The code appears to be very safe. It does not use `eval`, `exec`, or other dangerous functions. Input from clients (UDP packets) is handled directly for packet ID and timestamp extraction without parsing complex or untrusted data structures that could lead to injection or buffer overflows within the Python context. The server status string is constructed from internal, hardcoded variables, preventing external control over its content. No hardcoded secrets or sensitive credentials are present.
Updated: 2025-11-28GitHub
0
0
Low Cost
AbhinavKumar0000 icon

MCP-servers

by AbhinavKumar0000

Sec5

Transforms the Claude Desktop App into an autonomous system administrator, enabling an LLM to perform local hardware diagnostics, maintenance, and automation tasks.

Setup Requirements

  • ⚠️Requires the Claude Desktop App to function as the AI interface.
  • ⚠️Requires manual configuration by adding server details (command path and arguments) to Claude Desktop's `claude_desktop_config.json` file.
  • ⚠️Dependencies like `pyautogui` and `speedtest-cli` might require additional system libraries or specific firewall permissions on some operating systems.
Verified SafeView Analysis
The server provides powerful system administration capabilities to an LLM, including process termination, file organization/deletion, and screenshot capture. While the code itself uses standard libraries and includes some basic safety checks (e.g., preventing root directory scans in 'find_large_files', handling access denied for 'kill_process'), granting an AI this level of control inherently carries significant operational risks. A misinterpretation by the LLM or a compromised agent could lead to data loss, system instability, or privacy breaches (via screenshots). No 'eval' or malicious patterns were found, but the nature of the capabilities themselves demands careful supervision by the user.
Updated: 2025-12-01GitHub
0
0
Medium Cost
bhakti259 icon
Sec8

Enables LLMs to interact with external tools from MCP servers through a LangChain-integrated client, offering both CLI and Streamlit web interfaces.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires an OpenAI API Key (paid service)
  • ⚠️Requires UV package manager for dependency management and running local MCP servers
  • ⚠️Requires manual update of `SERVERS` configuration in `client1.py` and `client2_with_streamlit.py` with correct local paths for UV executable and MCP server scripts, and potentially trusted URLs for HTTP servers.
Verified SafeView Analysis
The client uses standard practices for API key management (via .env file). It relies on the user to configure trusted MCP servers, especially for `stdio` transport which executes local commands. No obvious direct `eval` or dynamic command execution from untrusted user input within the client's code, but the security of the configured MCP servers and the potential for prompt injection leading to unintended tool calls are external considerations.
Updated: 2025-11-28GitHub
0
0
High Cost
prabalk-nepa icon

Test_Remote_MCP_Server

by prabalk-nepa

Sec5

A natural language expense tracking application with a FastMCP server and a React frontend, allowing users to manage expenses via chat.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for the natural language interface.
  • ⚠️Requires Python 3.11+ and Node.js 18+.
  • ⚠️Client-server communication mismatch: The documentation (`README.md`, `QUICK_START.md`) instructs to run `uv run python -m src.server` (a FastMCP server), but the client (`expense-tracker-client/src/lib/mcp-client.ts`) is hardcoded to make HTTP POST requests to a `/call_tool` endpoint, which is only implemented in `src/http_server.py` (a FastAPI server). Running only `src/server.py` will likely lead to client-side communication errors. The intended server for the client is `src/http_server.py`.
Verified SafeView Analysis
The client-side code (`mcp-client.ts`) is designed to communicate with a `/call_tool` endpoint via HTTP POST. This endpoint is implemented in `src/http_server.py` (a FastAPI server). This FastAPI server is configured with `CORSMiddleware(allow_origins=['*'])`, which is a significant security vulnerability in a production environment as it allows any domain to make cross-origin requests, potentially enabling XSS or other attacks. While the database interactions utilize parameterized SQL queries (`sqlite_client.py`), preventing SQL injection, the broad CORS configuration is a critical exposure. There is also a structural inconsistency: the official `README.md` instructs to run `src/server.py` (a FastMCP server), not `src/http_server.py` (the FastAPI server the client is configured for). If `src/server.py` is run, the client's `callTool` requests to `/call_tool` will likely fail as `src/server.py` does not provide this endpoint directly.
Updated: 2026-01-19GitHub
0
0
Low Cost
Ojansen icon
Sec9

A turn-based blackjack game where a human plays as the dealer against an LLM player, leveraging the Model Context Protocol (MCP) for game actions.

Setup Requirements

  • ⚠️Requires Ollama installation and a specific LLM model (e.g., llama3.2) pulled via Ollama.
  • ⚠️Requires Python 3.10+ or Docker with Docker Compose.
  • ⚠️Configuration (config.yaml) needs to be updated with the correct Ollama base_url if not running locally.
Verified SafeView Analysis
The project uses `yaml.safe_load` for configuration, which is good practice. No direct `eval`, `exec`, or malicious shell commands were found. The LLM interaction is through a controlled API (Ollama) and the MCP tools are designed to restrict actions to game-specific functions. Network risks are inherent to connecting to an external (or local) LLM server, but the project does not expose unexpected services or vulnerabilities beyond its intended function.
Updated: 2025-11-19GitHub
PreviousPage 687 of 713Next