Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
chandanvars icon

jmeter-mcp-server

by chandanvars

Sec4

Automated generation and execution of JMeter load and performance test scripts with comprehensive analysis and reporting via Docker.

Setup Requirements

  • ⚠️Requires Docker to be installed and running for test execution.
  • ⚠️Requires Node.js version 16.0.0 or higher.
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, VS Code MCP extension) to interact with the server's tools.
Review RequiredView Analysis
The server uses 'child_process.exec' to run Docker commands, directly embedding user-controlled 'jmxFile' names into shell commands executed within a Docker container. Although 'fileWriter.cleanFilename' is used during JMX creation, it is not explicitly reapplied when 'execute_jmeter_script' receives a JMX file name as input. A malicious JMX file, if executed, could potentially exploit the Docker environment (e.g., via OS Process Samplers or Groovy scripts) to interact with mounted host volumes ('./output', './sample_data', './jmeter-results'), leading to arbitrary code execution or data exfiltration on the host machine. Additionally, the HTTP transport mode uses 'Access-Control-Allow-Origin: *', which is a broad CORS policy that can increase the attack surface if the server is exposed publicly without proper authentication or origin restrictions.
Updated: 2025-11-26GitHub
0
0
Medium Cost
derricksiawor icon

mav-mysql-mcp-server

by derricksiawor

Sec9

Enables Large Language Models (LLMs) to securely interact with MySQL and MariaDB databases through a standardized Model Context Protocol (MCP) interface, supporting both read and optional write operations.

Setup Requirements

  • ⚠️Requires Node.js 18+ and MySQL 5.7+ (or MariaDB 10.2+) to be pre-installed and running.
  • ⚠️A dedicated MySQL user with appropriate permissions (read-only recommended) must be manually created in the database.
  • ⚠️Configuration is strictly via environment variables, and for client integration (e.g., Claude Desktop), an absolute path to the built `index.js` file is required.
Verified SafeView Analysis
The server demonstrates robust security features. It defaults to read-only mode, with write operations requiring explicit environment variable enablement. It implements SQL injection protection through parameterized queries and strict validation/escaping of all table and column identifiers. Access to sensitive system tables (e.g., `mysql.user`, `information_schema`) is explicitly blocked, and dangerous operations like file I/O or permission changes (GRANT/REVOKE) are prohibited even in write mode. The `validateQuery` function performs checks for sensitive patterns in SQL, and critical DDL/DML operations are safeguarded with identifier validation. Rate limiting and query timeouts prevent abuse and resource exhaustion, while comprehensive audit logging ensures traceability. There are no apparent `eval` statements or obfuscation. The dependency tree primarily consists of standard, well-maintained libraries.
Updated: 2025-12-13GitHub
0
0
High Cost
Kye-AI-Kye icon

ironforge-complete

by Kye-AI-Kye

Sec10

An AI-native development platform for intelligent code generation, autonomous testing, smart DevOps, and developer empowerment.

Setup Requirements

  • ⚠️Requires Rust 1.75+, Node.js 20+, Bun 1.0+, Python 3.12+, Docker 24+, and Git 2.40+ installed locally.
  • ⚠️Requires an OpenAI API Key for AI features (this is a paid service).
  • ⚠️Requires the 'just' task runner to execute development commands.
Verified SafeView Analysis
The repository is explicitly in a greenfield/planning stage with no functional code or binaries currently present. Therefore, there are no immediate security vulnerabilities from the source code. The comprehensive development roadmap outlines a strong commitment to security-by-design, including zero-trust architecture, advanced SAST/DAST, robust secrets management (HashiCorp Vault, Doppler), dependency scanning (Dependabot, Trivy), and compliance automation for future implementation.
Updated: 2025-11-19GitHub
0
0
Low Cost
agentversity icon

MCP-server-demo

by agentversity

Sec6

A Model Context Protocol (MCP) server for managing and exposing notes content via Server-Sent Events (SSE) to AI clients, suitable for hosted or demo environments.

Setup Requirements

  • ⚠️Notes are stored in-memory and will be lost upon server restart; no data persistence is provided by default.
  • ⚠️Requires additional security measures (HTTPS, authentication, rate limiting) for production deployment beyond local or controlled demo environments.
  • ⚠️Python dependencies must be installed via `pip install -r requirements.txt` before running.
Verified SafeView Analysis
The server binds to `0.0.0.0` and serves over unencrypted HTTP (no TLS/SSL), making it vulnerable to eavesdropping and unauthorized access if exposed publicly. It lacks built-in authentication, authorization, and rate limiting. The `README.md` explicitly warns about these deficiencies for production deployment. No `eval` or similar dangerous patterns or obfuscation methods were identified in the provided source code.
Updated: 2025-11-20GitHub
0
0
Low Cost
paylinkmcp icon
Sec8

A monetized MCP (Model Context Protocol) server that provides tools to AI agents and charges for their usage via PayLink.

Setup Requirements

  • ⚠️Requires Python 3.13+
  • ⚠️Requires 'uv' package manager
  • ⚠️Requires a PayLink account and MCP_WALLET_CONNECTION_STRING configured (for server's wallet)
Verified SafeView Analysis
The server uses standard libraries (Starlette, uvicorn) and relies on the `paylink` library for payment processing, which is assumed to be secure. No 'eval' or similar dangerous patterns are present. Wallet credentials are expected to be passed via request headers and extracted, making HTTPS crucial for production deployments to prevent credential interception, although the example itself doesn't enforce it.
Updated: 2025-11-30GitHub
0
0
Medium Cost
Mircheaaa icon
Sec3

Provides AI-assisted weather forecasts for Korea using Spring AI and the Groq API, serving as a backend for a Korea Travel Guide service.

Setup Requirements

  • ⚠️Requires `OPENROUTER_API_KEY` for AI model interaction (e.g., Groq API).
  • ⚠️Requires `WEATHER_API_KEY` for the Korea Meteorological Administration API.
  • ⚠️Redis is recommended and configured for caching and session management; while `session.store-type: none` is set for dev, full functionality and performance rely on a running Redis instance (e.g., via Docker).
Verified SafeView Analysis
The application's `SecurityConfig.kt` explicitly permits all HTTP requests (`anyRequest().permitAll()`) and disables CSRF protection (`csrf().disable()`). While noted as 'development-only' settings in comments, this makes the default configuration highly insecure for production environments. The H2 database console is also enabled (`h2-console`) and accessible to others (`web-allow-others: true`), which is a significant risk if exposed publicly. Hardcoded secrets are avoided by using environment variables.
Updated: 2026-01-19GitHub
0
0
Medium Cost
Marshal1l icon

mcp-notion-server

by Marshal1l

Sec9

A Python-based MCP server for Notion API integration, enabling MCP tools to interact with Notion databases, pages, blocks, users, and comments.

Setup Requirements

  • ⚠️Requires Notion API Token, configured as an environment variable.
  • ⚠️Notion Enterprise plan and Organization API key are required for full user management functionality (list_all_users, retrieve_user).
Verified SafeView Analysis
Notion API token is securely handled via environment variables, not hardcoded. No 'eval' or direct command injection vectors are found in the provided code. The `to_markdown` function is a placeholder; a real Markdown conversion implementation would need a separate security review for potential content transformation vulnerabilities.
Updated: 2025-11-23GitHub
0
0
Medium Cost
Chat-Ads icon
Sec10

Acts as a Model Context Protocol (MCP) wrapper to expose the ChatAds Affiliate API, enabling AI assistants like Claude to automatically detect product mentions and insert affiliate links for monetization.

Setup Requirements

  • ⚠️Requires a ChatAds API Key, which may be part of a paid service or have usage limits.
  • ⚠️Requires Python 3.10 or newer.
  • ⚠️While it functions standalone, it is primarily designed for integration with MCP-aware clients like Claude Desktop.
Verified SafeView Analysis
The project demonstrates exceptional security practices. It includes a comprehensive `SECURITY.md` detailing supported versions, a responsible vulnerability disclosure process, and best practices for API key management (environment variables, rotation, no logging), network security (HTTPS-only, TLS validation), input validation, rate limiting (circuit breaker, exponential backoff), and secure error handling (API key sanitization, no stack traces to users). The code explicitly sanitizes API keys from logs and error messages, preventing sensitive data leakage. There's no use of 'eval' or similar dangerous patterns. Overall, security is a core consideration with strong implementations and transparent documentation.
Updated: 2026-01-11GitHub
0
0
Low Cost
asingh388 icon

chess-mcp-server

by asingh388

Sec9

Provides tools to fetch chess player profiles and statistics from chess.com.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Requires 'uv' (or 'uvx' command) to be installed for easy setup as described in the README.
Verified SafeView Analysis
The server primarily acts as a wrapper around the public chess.com API. It uses the `requests` library for network calls with hardcoded URLs and sets a User-Agent header. No 'eval', obfuscation, or hardcoded secrets were found. Input (username) is directly passed to the API URL, which is safe as it is expected by the target API.
Updated: 2025-11-27GitHub
0
0
Medium Cost
trondhindenes icon

code-index-mcp

by trondhindenes

Sec10

Provides fast local source code searching using Zoekt's trigram-based indexing.

Setup Requirements

  • ⚠️Requires Go runtime/toolchain for manual installation or building from source.
  • ⚠️Requires manual configuration (e.g., specifying binary path) in some MCP clients like Claude Desktop if not using the .mcpb bundle.
Verified SafeView Analysis
The server primarily interacts with the local file system for indexing and searching, which is its core functionality. It resolves paths to absolute paths, and includes filtering for common binary and ignored files/directories. The optional web server runs on `127.0.0.1` (localhost), limiting network exposure. There are no indications of 'eval', obfuscation, hardcoded secrets, or malicious patterns. Assuming the user trusts and controls the environment where this binary is run, it appears safe.
Updated: 2025-11-30GitHub
0
0
Medium Cost
Angelxd0714 icon

mcp-catalog-server

by Angelxd0714

Sec2

Provides a product catalog API, allowing AI agents to interact with product data (search, retrieve, create, update, delete) via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a running MongoDB instance.
  • ⚠️Hardcoded MongoDB credentials and connection string: The server attempts to connect to `mongodb://mongo:mongo@localhost:27018/mcp_catalog?authSource=admin` due to hardcoded values in `src/config/db.ts`, ignoring the `MONGO_URI` environment variable specified in `docker-compose.yml`. This requires manual adjustment of the code or ensuring a MongoDB instance is available at `localhost:27018` with these specific credentials.
  • ⚠️Docker-compose MongoDB config mismatch: The `docker-compose.yml` specifies the MongoDB service with port `27017` and hostname `db`, while the application hardcodes `localhost:27018`, leading to connection failure in the provided Docker setup.
Review RequiredView Analysis
The server hardcodes MongoDB credentials ("mongo:mongo") and connection details ("localhost:27018") in `src/config/db.ts`. Crucially, it does not use environment variables (e.g., `process.env.MONGO_URI`) for database connection, even though `docker-compose.yml` attempts to set `MONGO_URI`. This means the application, as written, will always try to connect with the hardcoded, weak credentials and specific host/port, regardless of environment variables, posing a severe vulnerability for any non-local deployment. The `docker-compose.yml` also has a mismatch in MongoDB port (`27017` in compose, `27018` hardcoded in code) and host (`db` in compose, `localhost` hardcoded in code), which would prevent the server from connecting to the database in the provided Docker setup without code modification.
Updated: 2025-11-23GitHub
0
0
Medium Cost
mimiya525-cloud icon

icon-mcp-server

by mimiya525-cloud

Sec8

Provides developers with fuzzy search for icons from popular libraries (Element Plus, Ant Design) and AI-powered SVG icon generation through a RESTful API and Model Context Protocol (MCP) tools.

Setup Requirements

  • ⚠️Requires at least one AI API Key (e.g., DASHSCOPE_API_KEY, OPENAI_API_KEY) configured in environment variables for AI-powered icon generation. Without suitable keys, AI generation will fail or revert to a very basic fallback.
  • ⚠️Potential Node.js version conflict: 'package.json' specifies '>=14.0.0', but a core dependency ('@modelcontextprotocol/sdk') requires '>=18'. Users might encounter issues if running Node.js versions between 14 and 18.
Verified SafeView Analysis
API keys are loaded from environment variables, which is a good security practice. The server uses standard Express.js and CORS middleware (defaulting to open access). Custom JSON serialization for SVG content and direct embedding of raw SVG into Markdown tables (for MCP responses) means downstream consumers should implement proper sanitization to prevent potential XSS vulnerabilities, although the server itself does not execute user-provided code. No 'eval' or obvious malicious patterns found.
Updated: 2026-01-13GitHub
PreviousPage 698 of 713Next