Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
konokenj icon
Sec8

Serves AWS CDK API references and integration test code as static resources via the Model Context Protocol (MCP), enabling offline access for coding agents.

Setup Requirements

  • ⚠️Requires Python 3.8+ to run (Python 3.13+ recommended for development).
  • ⚠️The recommended usage command `uvx` requires the 'uv' tool to be installed.
  • ⚠️The `cdk_api_downloader` (used for populating documentation) performs GitHub API calls; unauthenticated requests might hit rate limits.
Verified SafeView Analysis
The cdk_api_downloader component securely downloads content from a fixed HTTPS GitHub URL (aws/aws-cdk). It includes explicit URL validation for HTTPS. The zip file extraction process, while coming from a trusted source, does not fully sanitize paths against advanced directory traversal attacks, but a basic mitigation is present by stripping the top-level directory. No 'eval', obfuscation, or hardcoded secrets were found in the provided source.
Updated: 2026-01-19GitHub
0
0
Low Cost
PrithiviPM2580 icon

lekhanX

by PrithiviPM2580

Sec8

Backend API for an AI-powered blogging platform with user authentication, role-based permissions, and content management.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for local development setup (backend and MongoDB services).
  • ⚠️Requires a MongoDB instance for data persistence.
  • ⚠️Critical environment variables must be configured (.env.development for dev, production env vars for prod).
Verified SafeView Analysis
The server demonstrates good security practices including password hashing with bcrypt, JWTs for authentication (secrets from environment variables), refresh token management (stored in DB with user agent and IP), HTTP-only and secure cookies, input validation with Zod, rate limiting, and a comprehensive global error handler that specifically catches and processes JWT-related errors. There are no obvious hardcoded secrets or dangerous patterns like 'eval'. The use of `req.ip` for rate limiting and token tracking relies on proper proxy configuration for accurate client IP in production environments.
Updated: 2025-11-20GitHub
0
0
High Cost
HarshavardhanaNaganagoudar icon

Business-Location-Scouter

by HarshavardhanaNaganagoudar

Sec2

Identifies and ranks optimal business locations by integrating real-time search, macroeconomic indicators, cost metrics, and AI-powered insights.

Setup Requirements

  • ⚠️Requires external API keys for LLMs (Claude/OpenAI) and search (Tavily). These are typically paid services.
  • ⚠️The server is remote (Hugging Face space); local deployment details are not provided.
  • ⚠️Client-side setup requires Node.js/npm for `npx mcp-remote`.
Review RequiredView Analysis
A critical security audit of the MCP server's source code is impossible as the provided content *only* includes the README. No server-side implementation details, code patterns, or dependencies were available for review. The instructions show configuring a client (Claude) to connect to a *remote* MCP server hosted on Hugging Face (`hf.space`) via `npx mcp-remote`. While `npx` is a standard tool, connecting to an unverified remote server without inspecting its source code introduces inherent security risks related to data privacy, execution environment integrity, and potential for malicious behavior. Therefore, without the server's actual source code, its security cannot be guaranteed.
Updated: 2025-11-30GitHub
0
0
Medium Cost
PAIshanMadusha icon
Sec9

Provides a Model Context Protocol (MCP) server for AI models, demonstrating task and todo management functionalities, deployable on Cloudflare Workers for remote execution, and also offering local Node.js environments with STDIO transport and either file-based or MongoDB persistence.

Setup Requirements

  • ⚠️Deployment of the `mcp-cloudflare` server requires a Cloudflare account and using the `wrangler` CLI. Cloudflare KV storage, essential for this worker, may necessitate a paid Cloudflare plan.
  • ⚠️The `mcp-mongo` server requires a running MongoDB instance.
  • ⚠️The `mcp-basic` server requires manual copying of a seed file (`product.txt`) into its `build/seed` directory after compilation.
Verified SafeView Analysis
The implementation uses TypeScript with Zod for robust input validation, effectively preventing common injection vulnerabilities. It avoids direct use of `eval` or other dangerous code constructs. External calls to APIs (like GitHub in `mcp-basic`) and database/storage systems (Cloudflare KV, MongoDB) are handled via standard library functions with appropriate error checks. Critical configurations, such as database URIs (`MONGO_URI`) and Cloudflare KV bindings (`MCP_CLOUDFLARE_STORE`), are designed to be environment-variable or binding driven, preventing hardcoded secrets. The `JSON.parse` operations on data retrieved from KV are considered safe within the worker's controlled environment.
Updated: 2025-12-06GitHub
0
0
Low Cost
Sec6

Provides an unauthenticated remote Model Context Protocol (MCP) server for integrating custom tools with AI models on Cloudflare Workers.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment.
  • ⚠️Authentication is intentionally disabled, meaning the server is publicly accessible (suitable for demo, but a security consideration).
  • ⚠️Local MCP clients (e.g., Claude Desktop) require the `mcp-remote` proxy to connect to the deployed server.
Verified SafeView Analysis
The server is intentionally unauthenticated ('authless'), making it publicly accessible to anyone with the URL. This is suitable for a demo but insecure for production environments without additional authentication/authorization layers.
Updated: 2025-11-20GitHub
0
0
Low Cost
KlausWeigele icon

mcp_lernen

by KlausWeigele

Sec9

This MCP server manages in-memory notes, allowing an AI agent to list, create, and delete notes via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires Node.js runtime and is configured to use ES Modules, meaning '"type": "module"' must be present in package.json.
  • ⚠️The TypeScript compiler options (e.g., '"module": "Node16"', '"moduleResolution": "Node16"') in tsconfig.json are critical for correct compilation and module resolution.
  • ⚠️Integration with Claude Desktop or similar hosts requires manual configuration (e.g., 'claude_desktop_config.json') specifying an absolute path to the compiled 'build/index.js' and a full host restart.
Verified SafeView Analysis
The server operates an in-memory notes store, limiting the impact of data breaches to the current session. Input validation is performed using Zod, a good security practice. Destructive operations like 'delete_note' are present, and while they operate on non-persistent data in this project, in a real-world scenario, such actions would ideally require user elicitation for confirmation (as highlighted in the MCP documentation) to prevent unintended data loss. No hardcoded secrets or 'eval' calls were found. Communication uses Stdio, which is safer for local processes.
Updated: 2026-01-19GitHub
0
0
Medium Cost
bugzy-ai icon
Sec9

This server integrates Azure DevOps Work Item Tracking with AI assistants like Claude, enabling them to search, create, update, and manage work items.

Setup Requirements

  • ⚠️Requires Azure DevOps organization URL (`AZURE_DEVOPS_ORG_URL`) to be set as an environment variable.
  • ⚠️Requires an Azure DevOps Personal Access Token (`AZURE_DEVOPS_PAT`) with `vso.work` and `vso.work_write` scopes to be set as an environment variable.
  • ⚠️Requires Node.js version 20.0.0 or higher.
Verified SafeView Analysis
Configuration relies on `AZURE_DEVOPS_PAT` environment variable, which is a sensitive credential. The `AzureDevOpsClient` includes `sanitizeForLog` to redact sensitive information (like PATs) from debug logs, which is a good security practice. The implementation includes retry logic and timeout handling for network requests. No 'eval' or obvious obfuscation detected. Network requests are made to the configured Azure DevOps URL.
Updated: 2026-01-19GitHub
0
0
Medium Cost
masa061580 icon
Sec8

Integrates PubMed and CiNii Research APIs to provide a unified search and retrieval service for academic literature (English and Japanese) via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires NCBI API Key (optional but recommended for higher rate limits).
  • ⚠️Requires CiNii APP ID for Japanese literature search functionality (usage limited to academic research purposes).
  • ⚠️Standard Python 3 environment and pip dependencies are needed.
Verified SafeView Analysis
API keys are loaded from environment variables, which is a good practice. Rate limiting is implemented for external API calls. XML parsing is used but from trusted external sources (NCBI). The `download_pdfs` tool allows specifying an `output_dir`, which could be a minor risk in a highly untrusted multi-user environment if the LLM were to hallucinate a malicious path, but for typical LLM integration, it's generally considered acceptable.
Updated: 2025-11-26GitHub
0
0
High Cost

hakan-personal-mcp

by sudohakan

Sec3

A self-healing and self-improving multi-agent AI system designed to manage GitBook documentation, Postman collections, perform database and system operations, cross-instance monitoring, and automatic GitHub backups.

Setup Requirements

  • ⚠️Requires a local Ollama instance running or external OpenAI/Anthropic API keys.
  • ⚠️System Optimization tools require Windows with Administrator privileges and specific local PowerShell scripts.
  • ⚠️Database tools require corresponding database servers (PostgreSQL, MySQL, MSSQL, SQLite) to be accessible.
Review RequiredView Analysis
The server features extensive use of `execAsync` and `spawn` for executing shell commands and external processes, including database backups/restores (`pg_dump`, `mysqldump`), system commands (`robocopy`, `npm build`, `git`), and even arbitrary process spawning for inter-MCP communication (`mcp_connect`). Many of these commands directly interpolate AI-generated or user-provided input, creating a significant risk for command injection if input is not perfectly sanitized. The `systemOptimizationTools` explicitly elevate privileges (`runAsAdmin`) to perform powerful system modifications, which is a high risk if compromised. While self-improvement has `restrictedPaths` and an 'approval workflow' as mitigations, the overall design grants high operational power, making it critically important to run in an isolated environment with trusted inputs.
Updated: 2025-11-28GitHub
0
0
Low Cost
haman211fsdfsd icon
Sec8

Deploying a remote Model Context Protocol (MCP) server on Cloudflare Workers, providing calculator tools without requiring authentication, primarily for demonstration and integration with clients like Cloudflare AI Playground or Claude Desktop.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment to Cloudflare Workers.
  • ⚠️Requires the Cloudflare Wrangler CLI (`wrangler`) to be installed and configured for deployment or local development.
  • ⚠️For connecting local MCP clients (e.g., Claude Desktop), the `mcp-remote` npm package needs to be installed and used as a proxy.
Verified SafeView Analysis
The provided source code for the calculator tools is simple and does not contain obvious code-level malicious patterns, obfuscation, or direct `eval` usage. Input validation for tool arguments is handled using Zod schemas. However, the server is explicitly designed to be 'authless' as indicated by its name and README, meaning it lacks any authentication or authorization mechanisms. Deploying this server in a production environment or with sensitive tools without implementing proper authentication would expose its functionalities to the public Internet, posing a significant security risk.
Updated: 2025-12-14GitHub
0
0
High Cost
AsamiShingo icon

mcp-server-test

by AsamiShingo

Sec3

Facilitate natural language querying and analysis of internal company organizational structures, employee data, and performance evaluation records via a Large Language Model (LLM).

Setup Requirements

  • ⚠️Requires Docker Compose.
  • ⚠️Requires an NVIDIA GPU with drivers for Ollama (`runtime: nvidia`).
  • ⚠️Demands manual creation of `logininfo.json` (containing plain text credentials), `url.json` (containing system URLs), and `intermediate.crt` (an SSL certificate) on the local filesystem, which is a significant security risk.
  • ⚠️Requires access to an external 'target site' (implied 'NeWarp' system) for data retrieval, with specified intermediate certificates.
Review RequiredView Analysis
CRITICAL: The setup explicitly requires storing sensitive login credentials (username, password) and specific URLs for an external 'NeWarp' system in plain text JSON files (`logininfo.json`, `url.json`) on the filesystem. An intermediate certificate (`intermediate.crt`) is also stored locally. This method of credential management poses a severe security risk, as any entity with filesystem access to the mounted volumes can read these sensitive details. There is no indication of secure secret management practices (e.g., environment variables, secret managers). No `eval` or similar dangerous patterns were found in the provided Python code snippets.
Updated: 2026-01-18GitHub
0
0
Medium Cost
agiprolabs icon

devpattern

by agiprolabs

Sec7

An MCP server enabling AI clients to perform structured problem-solving, maintain context, manage tasks, and generate documentation across thinking sessions.

Setup Requirements

  • ⚠️Requires Node.js runtime (version >=20) or Docker for execution.
  • ⚠️Relies on a persistent `DATA_PATH` for session, thought, and task storage; without proper configuration, data may be ephemeral.
  • ⚠️Designed to be used by an MCP-compatible client (e.g., Claude Desktop, Cline) or via direct HTTP calls, not as a standalone user-facing application.
Verified SafeView Analysis
The server primarily uses file-based persistence, which inherently carries risks if the `DATA_PATH` environment variable is misconfigured to a sensitive system directory. However, the code itself properly uses `path.join` and does not expose direct 'eval' or command injection vulnerabilities. Input validation for tools is handled by Zod. In a containerized setup (Docker), specifying a dedicated volume for `/data` mitigates this risk by sandboxing file operations.
Updated: 2025-12-03GitHub
PreviousPage 691 of 713Next