Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
lhstorm icon
Sec7

This project implements a basic Minecraft Protocol (MCP) server that listens for client connections, processes incoming data, and allows for interactive communication, serving as a foundation for a Minecraft administration or testing tool.

Setup Requirements

  • ⚠️Requires Node.js installed
Verified SafeView Analysis
The server listens on the default Minecraft port (25565) and logs all incoming data. While the truncated code doesn't show explicit 'eval' or command injection, the direct forwarding of `stdin` from the client to the server (via `client.js`) and the lack of visible input sanitization/validation on the server-side could lead to vulnerabilities if the full implementation parses and acts upon this data without proper safeguards. No hardcoded secrets or obvious malicious patterns were found in the provided snippet.
Updated: 2026-01-18GitHub
0
0
High Cost
Jevon-Zhong icon

Ai-doctor

by Jevon-Zhong

Sec3

A medical AI chatbot system that provides health consultations, supports knowledge base queries (RAG), and can crawl web pages for medical articles to analyze and respond to user questions using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Alibaba Cloud's Tongyi Qianwen API Key (`QWEN_API_KEY`) for LLM access (paid service).
  • ⚠️Requires Docker to set up Milvus, MongoDB, and Redis databases, which are critical components for the application's functionality.
  • ⚠️Requires Milvus (vector database), MongoDB, and Redis instances to be running and accessible.
  • ⚠️Playwright, used for web crawling, downloads browser binaries (e.g., Chromium) upon installation, which may require significant disk space and specific environment configurations.
Review RequiredView Analysis
Critical security risks identified: The provided demo client (`mcp-client-demo`) has a hardcoded `QWEN_API_KEY`, which is a severe vulnerability for any deployment using that client. The `mcp-server` implements a `crawlWeb` tool that fetches content from a URL dynamically provided by the LLM. This introduces a risk of prompt injection, potentially leading the LLM to crawl malicious sites, exploit browser vulnerabilities in Playwright, or facilitate Server-Side Request Forgery (SSRF) if the Playwright instance is not properly isolated. Additionally, the `ai-doctor-server` uses `app.enableCors({ origin: '*' })` (allowing all origins), which is a security anti-pattern in production, potentially exposing the API to Cross-Site Request Forgery (CSRF) or other cross-origin attacks. While the `JSON.parse` calls are expected to handle LLM-generated tool arguments structured according to Zod schemas, a robust validation layer is crucial to prevent parsing arbitrary or malicious strings if schema bypasses were possible.
Updated: 2025-12-04GitHub
0
0
Medium Cost
AbhilashPoshanagari icon

openAi_MCP_server

by AbhilashPoshanagari

Sec6

This MCP server integrates Retrieval-Augmented Generation (RAG) for deep research document retrieval with interactive UI layout visualization (tables, maps, forms, buttons, Kanban boards) and OAuth 2.0 authentication for secure access.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) for embedding models and chat completion.
  • ⚠️Requires a PostgreSQL database instance and credentials.
  • ⚠️Python 3.8+ and various dependencies (FastAPI, uvicorn, psycopg2, langchain, openai, pydantic, mcp, dotenv, etc.) must be installed.
  • ⚠️Optional ngrok authentication token (`NGROK_AUTHTOKEN`) if deploying in environments like Google Colab.
Verified SafeView Analysis
Potential SQL injection risk in `tools.py::databaseAccess` if LLM-generated queries are not sufficiently validated or if the LLM is susceptible to prompt injection leading to malicious SQL. Broad CORS settings (`allow_methods=['*'], allow_headers=['*', 'Authorization']`). Hardcoded 'demo_client' credentials for OAuth are present, but noted as for demo purposes only.
Updated: 2025-12-16GitHub
0
0
Low Cost
arpitmishra917 icon
Sec8

Provides an API for tracking personal expenses, allowing users to add, list, and summarize their financial outgoings.

Setup Requirements

  • ⚠️Requires Python 3.13 or newer
  • ⚠️Requires a writable temporary directory for SQLite database (typically available by default)
Verified SafeView Analysis
SQL injection prevention via parameterized queries in database operations. No 'eval' or hardcoded secrets found. The server binds to '0.0.0.0' (all network interfaces), which should be considered in deployment for external access and proper firewalling.
Updated: 2025-12-09GitHub
0
0
Medium Cost
sathakhussam icon

mcp-server-internship

by sathakhussam

Sec9

A Python-based desktop application leveraging Gemini to answer business questions by ingesting and querying website data and WhatsApp messages.

Setup Requirements

  • ⚠️Requires Gemini API Key (Potentially Paid)
  • ⚠️Requires Python 3.10+
Verified SafeView Analysis
The application handles API keys via environment variables, avoiding hardcoding. Data ingestion involves scraping external websites and processing user-selected local files; while general web scraping has inherent risks (e.g., malformed HTML), the use of BeautifulSoup and file dialogs mitigates common injection vectors. No direct 'eval' or 'exec' calls, or unauthorized shell commands were identified. Overall, good security practices for its stated functionality.
Updated: 2025-11-29GitHub
0
0
Medium Cost
VaishnaviSh14 icon

MCP-AGENT

by VaishnaviSh14

Sec8

Develop, automate, and integrate AI agents by connecting them to external tools and Model Context Protocol (MCP) servers for multi-step workflows and task completion.

Setup Requirements

  • ⚠️Requires a GROQ_API_KEY, which is a paid service.
  • ⚠️Python 3.13+ is required based on `pyproject.toml`, contradicting the `README.md`'s 3.8+.
  • ⚠️The `weather.json` configuration for the server contains non-portable, Windows-specific absolute paths (e.g., `c:\users\vaishnavi sharma\...`), which will need adjustment for other environments.
Verified SafeView Analysis
The project uses `os.getenv` for API keys, which is good practice. External API calls to `api.weather.gov` via `httpx` include timeouts and explicit user agents. No `eval` or direct `os.system` calls from user input were found. The `weather.json` configuration contains hardcoded absolute paths to an executable, which is a portability concern and could be a security risk if the executable's integrity or source path were compromised, but is not an immediate vulnerability within the Python code itself.
Updated: 2025-11-25GitHub
0
0
Low Cost
dbbaskette icon

gdrive-mcp-server

by dbbaskette

Sec9

Allows AI agents to access and search Google Drive files via the Model Context Protocol using Streamable HTTP (SSE).

Setup Requirements

  • ⚠️Requires a valid Google OAuth Access Token in the Authorization header for authenticated features (searching, reading files).
  • ⚠️Requires Node.js and npm installed for local execution and build.
Verified SafeView Analysis
The server uses standard Node.js/Express practices. It does not store Google credentials, expecting a per-session access token in the Authorization header. Input for Google Drive queries is sanitized to prevent injection. CORS is configured, which is good practice but should be tightened for production if not 'localhost'. No obvious hardcoded secrets or malicious patterns (like 'eval') were found. The primary security model relies on the client providing a valid, scoped Google OAuth token.
Updated: 2025-12-06GitHub
0
0
Low Cost
saurabh111222 icon

demo-mcp-server

by saurabh111222

Sec9

A simple Model Context Protocol (MCP) server that provides a dice rolling tool over HTTP.

Setup Requirements

  • ⚠️Python 3.12+ only
  • ⚠️Requires fastmcp package
Verified SafeView Analysis
The server's source code is minimal, well-defined, and primarily uses standard Python libraries. It exposes a single tool ('roll_dice') with integer input, limiting the attack surface. No 'eval', obfuscation, hardcoded secrets, or overtly malicious patterns were identified. Binding to '0.0.0.0' makes it externally accessible, which is a standard server configuration but requires proper network isolation in production.
Updated: 2025-11-22GitHub
0
0
Medium Cost
Linyxus icon

dotty-mcp

by Linyxus

Sec1

A Model Context Protocol (MCP) server for interacting with and developing the Scala 3 compiler via SBT.

Setup Requirements

  • ⚠️Requires SBT (Scala Build Tool) to be installed and in system PATH.
  • ⚠️Must be run within a valid Scala 3 (Dotty) project directory containing a `build.sbt` file, or `--root` argument must point to one.
  • ⚠️Python 3.10 or higher required.
Review RequiredView Analysis
CRITICAL: The server is vulnerable to command injection. The `scalac` and `testCompilation` tools construct SBT commands using user-provided arguments (`file`, `options`, `pattern`) and directly send them to an underlying `sbt` shell process via `pexpect.sendline()`. An attacker capable of controlling these arguments can inject and execute arbitrary shell commands on the host system where `dotty-mcp` is running (e.g., `scalac("; rm -rf /;", [])`). This represents a severe remote code execution vulnerability.
Updated: 2025-11-24GitHub
0
0
Low Cost
dnvriend icon
Sec9

A CLI tool for programmatic searching, reading, and discovering AWS documentation from the AWS Knowledge MCP Server.

Setup Requirements

  • ⚠️Requires Python 3.14+.
  • ⚠️Requires the `uv` package manager for installation.
  • ⚠️Documentation explicitly states the tool will not connect to the AWS Knowledge MCP Server due to an unimplemented HTTP transport, but the source code for `mcp_client.py` appears to use `requests` for direct HTTP communication, creating a critical contradiction for users.
Verified SafeView Analysis
The project uses standard Python libraries like `requests` for network communication to a known public AWS API endpoint. No hardcoded secrets or API keys are present in the provided code, only the public server URL. The `Makefile` includes explicit security scanning steps (`bandit`, `pip-audit`, `gitleaks`), indicating a focus on security in the development workflow. The recommended shell completion installation uses `eval`, which is a common pattern for this feature but inherently carries a minor risk if the source of the completion script were untrusted; however, in this context, it executes output from the tool itself.
Updated: 2025-12-05GitHub
0
0
Low Cost
vinay4appsentinels icon

as-mcp-cli

by vinay4appsentinels

Sec8

A command-line interface (CLI) for interacting with Model Context Protocol (MCP) servers, handling OAuth authentication and command execution via Server-Sent Events (SSE).

Setup Requirements

  • ⚠️Requires an existing MCP server to connect to.
  • ⚠️Requires a browser environment for the initial OAuth authentication flow to complete.
  • ⚠️Uses a local HTTP server on port 8585 for OAuth callback, which might be an issue in restricted network environments or systems without a GUI.
Verified SafeView Analysis
The CLI implements a standard OAuth 2.0 PKCE flow, opening a browser for user authentication and running a local HTTP server on `localhost:8585` for the callback. Credentials are stored in `~/.claude/.credentials.json`. No `eval` or obvious malicious patterns were found. The CLI acts as a pass-through for commands to a remote MCP server, meaning the security of the overall system heavily relies on the trustworthiness of the configured MCP server itself. The client-side implementation appears robust for its intended purpose.
Updated: 2025-12-11GitHub
0
0
Medium Cost
0xgordian icon

mcp-github-client

by 0xgordian

Sec9

This server integrates the GitHub REST API as a Model Context Protocol (MCP) tool, enabling interactive access to GitHub repositories, issues, and code search for AI models.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️A GitHub Personal Access Token (GITHUB_TOKEN) is highly recommended to avoid severe rate limiting (60 requests/hour without, 5000 requests/hour with token).
  • ⚠️Requires `npm install` to set up dependencies.
Verified SafeView Analysis
The server primarily reads environment variables for sensitive data (GITHUB_TOKEN) rather than hardcoding. It uses `path.join` and SHA256 hashing for cache file paths, mitigating directory traversal risks. No `eval` or obvious dynamic code execution from untrusted input is present. The `undici` library is used for network requests, which is a modern, secure HTTP/1.1 and HTTP/2 client. Input arguments for tools are used to construct GitHub API queries; while GitHub itself is expected to sanitize queries, the client code does not add explicit sanitization beyond what the GitHub API expects for its query parameters. This is generally acceptable for a tool client.
Updated: 2025-11-29GitHub
PreviousPage 697 of 713Next