Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
raulraudry27 icon
Sec5

Serves as a conceptual framework for an MCP Server in IBM Storage Ceph environments, awaiting implementation details.

Review RequiredView Analysis
Source code content was not provided for analysis. Therefore, a security audit for patterns like 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns could not be performed. The score is neutral due to the complete lack of information to assess.
Updated: 2025-11-25GitHub
0
0
Medium Cost
jaidevreddy icon
Sec7

An operational intelligence dashboard (MVP) for tracking and analyzing production issues, providing health scores, thematic insights, and AI-generated recommendations.

Setup Requirements

  • ⚠️Requires a Gemini API Key (Paid) for LLM features.
  • ⚠️Requires `python3` and all Python dependencies to be installed (`pip install -r requirements.txt`) if not using Docker.
  • ⚠️Frontend requires `NEXT_PUBLIC_BACKEND_URL` environment variable set in `.env.local` to connect to the backend.
Verified SafeView Analysis
The server loads `GEMINI_API_KEY` from environment variables, which is good practice. The `subprocess.run` call in `/report/download` is controlled, executing a specific script without direct user input. CORS is restricted to `http://localhost:3000`. However, the `tool_add_ticket` and `tool_add_incident` functions exposed via WebSocket do not perform Pydantic validation on the incoming `ticket` or `incident` dictionaries before appending them to the JSON files. This could allow malformed data to corrupt the underlying data files (`sample_incidents.json`, `sample_tickets.json`) or lead to unexpected behavior in other parts of the system if not handled carefully upstream by the client, posing a medium risk for data integrity and service stability.
Updated: 2026-01-18GitHub
0
0
Low Cost
kelceyp-mcp-servers icon

swic

by kelceyp-mcp-servers

Sec8

Manages development workflow entities like stories, documents, and templates, integrated with AI assistants via Model Context Protocol (MCP) for orchestrating development workflows.

Setup Requirements

  • ⚠️Bun runtime (>=1.0.0) is required to run the server.
Verified SafeView Analysis
The project demonstrates robust path validation and boundary enforcement, significantly reducing path traversal risks. File operations use atomic writes where appropriate. A minor risk exists in CLI commands using `child_process.execSync` with `process.env.EDITOR`, which could be exploited if `EDITOR` is set to a malicious executable. The `swic-mcp` launcher delegates to `bun` via `process.env.BUN_BIN` (or similar), posing a standard risk if the Bun executable path is hijacked. The server primarily communicates via standard I/O (stdio), limiting direct network attack surface.
Updated: 2025-11-23GitHub
0
0
Low Cost
jlruddy icon

okanga-mcp

by jlruddy

Sec9

Provides a token-optimized Model Context Protocol (MCP) server for iOS/Swift development, enabling Claude to inspect code structure, search projects, and diagnose Xcode build issues efficiently without flooding the LLM's context window.

Setup Requirements

  • ⚠️Requires macOS with Xcode and Command Line Tools (`xcode-select --install`) installed.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires manual configuration in Claude Desktop App's `claude_desktop_config.json` file, using an absolute path to `okanga_server.py`.
Verified SafeView Analysis
The server primarily executes local macOS commands (`xcodebuild`, `grep`, `xcrun simctl`) and reads local files. It does not contain 'eval' statements, explicit obfuscation, or hardcoded secrets. While `subprocess.run` is used extensively, it's for well-defined diagnostic purposes on user-specified project paths. The risk is limited to the system where it's run, typically a developer's local machine, and requires explicit user setup in the Claude desktop app.
Updated: 2025-11-26GitHub
0
0
Medium Cost
Nasdanika-Demos icon

mcp-server

by Nasdanika-Demos

Sec9

Demonstrates building Model Context Protocol (MCP) servers in Java, offering starter code for AI and CLI capabilities.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid) set in an environment variable (OPENAI_API_KEY).
  • ⚠️Relies on local 'test-data' files (e.g., 'test-data/togaf/togaf-10-index.bin', 'test-data/togaf/togaf-10-map.json') for the AsyncTogafChatCapability to function.
  • ⚠️Requires a Java 17+ Runtime Environment.
Verified SafeView Analysis
Uses environment variables for API keys (e.g., OPENAI_API_KEY) which is good practice. External network calls are made to trusted AI providers (OpenAI) and a documentation site. Local data files for RAG are loaded, whose integrity relies on the deployment environment. No obvious malicious patterns like eval or obfuscation found.
Updated: 2025-12-11GitHub
0
0
High Cost
Diags icon
Sec3

A complete microservices architecture for Model Context Protocol (MCP) with OAuth2 security, built on Spring Boot 3.4.0 and Spring AI 1.0.1.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid service for LLM/Embeddings)
  • ⚠️Requires Java 21+ and Maven 3.9+
  • ⚠️Requires Docker and Docker Compose for recommended setup
  • ⚠️Keycloak setup (realm, client, scopes, users/roles) can be complex, though initialization scripts are provided.
Verified SafeView Analysis
Multiple critical security risks for production environments are present. Hardcoded credentials for Keycloak (admin/admin), MinIO (minioadmin/minioadmin123), PostgreSQL (meta/metapass, vector/vectorpass), and the OAuth2 client secret ('secret') are found in `docker-compose.yml`, `keycloak/realm-config.json`, and initialization scripts. Additionally, SSL certificate verification is explicitly disabled across `mcp-server`, `mcp-client`, and `gateway-server` for development convenience with self-signed certificates. While these are documented as development-only practices, they represent significant vulnerabilities if deployed without modification. CSRF protection is disabled for API services, which is common with JWTs but should be noted. Fine-grained authorization with `@PreAuthorize` is a positive aspect for internal access control.
Updated: 2025-12-02GitHub
0
0
Low Cost
take566 icon

mcp_server

by take566

Sec7

This tool generates TypeScript API wrappers for existing Model Context Protocol (MCP) servers, enabling AI agents to programmatically call tools with enhanced context efficiency, privacy, and state management.

Setup Requirements

  • ⚠️Requires Node.js (npm) to run the generation script.
  • ⚠️Relies on the Claude Desktop configuration file (e.g., `claude_desktop_config.json`) being correctly formatted and accessible.
  • ⚠️Cannot generate wrappers for MCP servers using HTTP/SSE transports or Windows `cmd /c` wrappers, as these are intentionally skipped.
  • ⚠️Configured MCP servers must be executable and able to respond to `listTools` requests for successful code generation.
Verified SafeView Analysis
The tool itself does not exhibit obvious malicious patterns or unsafe use of `eval`. Its primary function is to execute and introspect *other* configured MCP servers as child processes and generate code based on their definitions. Therefore, the overall security of the system relies heavily on the trustworthiness of the external MCP servers provided in the configuration. The `generate.ts` script explicitly filters out `cmd /c` invocations and HTTP/SSE transports during generation, which are good safety measures. Hardcoded secrets were observed in a configuration *example* (`gcp-oauth.keys.json`) within the broader repository, highlighting a general security concern for configurations that would be processed by this tool, though this specific tool merely handles configured paths and environment variables, not their inherent security.
Updated: 2026-01-15GitHub
0
0
Medium Cost
LoganChu icon

duke-dcc-mcp

by LoganChu

Sec8

Facilitates remote management of the Duke Computing Cluster (DCC) via SSH through an MCP-powered application.

Setup Requirements

  • ⚠️Requires SSH key to be registered with the DCC and securely managed by the user.
  • ⚠️The `connect_to_dcc` tool may interactively prompt for username, SSH key path, and passphrase if not provided programmatically.
  • ⚠️Requires a Conda environment setup for dependencies as per `environment.yml`.
  • ⚠️The `AI-gateway.py` script requires the `LITELLM_KEY` environment variable for LiteLLM proxy interactions.
Verified SafeView Analysis
The server allows remote command execution (`execute_command`) which is inherently powerful; secure handling of SSH keys and passphrases by the user is critical. It relies on 'paramiko' for SSH, a standard library. No obvious 'eval' or obfuscation. The global variables for connection state in `duke-dcc-mcp.py` might pose challenges for concurrent sessions if not managed by the MCP framework, but are not direct security flaws. Environment variables for API keys are correctly used where explicitly implemented (`LITELLM_KEY`).
Updated: 2026-01-14GitHub
0
0
Low Cost
datanicaragua icon

nwa-hydro-mcp

by datanicaragua

Sec9

Provides precision water risk analysis and actionable agronomic advice for agriculture using climate data and generative AI.

Setup Requirements

  • ⚠️Requires a Google AI Studio API Key (`GOOGLE_API_KEY`). A free tier is sufficient, but account creation is necessary.
  • ⚠️Requires `google-generativeai` SDK version `0.8.5,<1.0.0` and Gradio version `6.0.1,<7.0.0`. Specific workarounds for Gradio's `theme` parameter are noted in documentation (`NT_002`).
  • ⚠️For local development, the `PYTHONPATH` environment variable needs to be set correctly to `src` for the server to find its modules.
Verified SafeView Analysis
The project uses `os.getenv()` and `.env` files for API key management, which is a good practice. External network calls are made to trusted APIs (Open-Meteo, Google Gemini). Input validation for geographical coordinates and dates is in place. Pydantic schemas enforce data contracts, reducing malformed data risks. While Gemini's safety settings are set to `BLOCK_NONE` for agronomic advice, the system prompt and JSON schema enforcement provide strong guardrails against arbitrary output.
Updated: 2025-11-30GitHub
0
0
High Cost
eduard256 icon

wb-mcp-server

by eduard256

Sec8

Allows AI assistants to interact with the Wildberries marketplace for product search, details, delivery, and filter discovery.

Setup Requirements

  • ⚠️Requires Playwright browsers (Chromium) to be installed if not using Docker (`npx playwright install chromium`).
  • ⚠️Resource intensive due to running a headless browser for each operation.
Verified SafeView Analysis
The server utilizes Playwright for web scraping, which launches a headless Chromium browser. While `page.evaluate` allows arbitrary JavaScript execution within the browser context, the code appears to control the injected scripts and only makes API requests to Wildberries domains. Input sanitization is applied via `encodeURIComponent` for user-provided query and address parameters when constructing URLs. The use of `--no-sandbox` for Playwright in the Docker setup is common for containerized environments but is inherently less secure than a sandboxed browser on a host. CORS is broadly enabled for all origins, which is acceptable for a public API but could be a minor consideration depending on deployment context. No obvious hardcoded sensitive secrets or direct `eval` usage were found beyond controlled `page.evaluate` calls.
Updated: 2026-01-19GitHub
0
0
Medium Cost
gauravvats1208 icon

Playwright-Project-MCP

by gauravvats1208

Sec8

End-to-end testing of an e-commerce application (SauceDemo) using Playwright and Cucumber, enhanced with AI for dynamic test data, scenario generation, failure analysis, and element finding.

Setup Requirements

  • ⚠️Requires AI_AGENT_API_KEY environment variable (likely for a paid AI service).
  • ⚠️Requires AI_USER_ID environment variable.
  • ⚠️The AI Agent is hardcoded to a specific AWS Lambda URL (a custom endpoint), implying a dependency on that particular AI service and its configuration rather than a generic AI API.
Verified SafeView Analysis
The project uses environment variables for AI API keys, which is good practice. AI agent communication with an external AWS Lambda URL (https://frwxt5uwb5da2wbtyx4p3wk4qm0sydut.lambda-url.us-east-1.on.aws) involves sending authentication details, relying on the security of that third-party endpoint. The AI-generated steps for 'executeTestStep' are parsed by a controlled switch statement that calls predefined methods, limiting direct code injection risks. The `JSON.parse` operations are generally safe. A minor concern is the placeholder 'your_api_key_here' in `AIAgent.js` if not properly configured by the user, although documentation guides towards setting environment variables.
Updated: 2026-01-19GitHub
0
0
Low Cost
pmkhairnarr icon

jpnv-sports-website

by pmkhairnarr

Sec9

Manages and displays sports data, schedules, results, and player profiles for the JPNV Sports 2025-26 season on a static website.

Setup Requirements

  • ⚠️Requires an unspecified build process or static site generator to transform raw data files (.xlsx, .csv, Google Sheets) into the static HTML content that the client-side JavaScript operates on.
  • ⚠️Relies on pre-existing HTML table structures for sorting and search functionality, which must be generated from the data sources.
Verified SafeView Analysis
The provided code is client-side JavaScript for a static website, primarily handling table sorting and search functionality. It uses `textContent` for DOM updates, minimizing XSS risks. No server-side code, direct network requests, 'eval' usage, or hardcoded secrets were found in the truncated source. The auto-deployment mentioned in the README implies a build process not visible, which would be the next area to audit for security.
Updated: 2026-01-19GitHub
PreviousPage 710 of 713Next