Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (8554)

High Cost

oura-mcp-server

by schimmmi

Sec9

Provides AI assistants with structured, semantic access to Oura Ring health data, offering advanced health intelligence, analytics, predictions, and personalized recommendations.

Setup Requirements

  • ⚠️ Requires an Oura Access Token (from Oura Cloud), which may necessitate an Oura Ring and a paid subscription for full data access.
  • ⚠️ Requires Python 3.10+ for local installation, or Docker/Docker Compose for containerized deployment.
  • ⚠️ Integrating with AI clients like Claude Desktop requires manual editing of a configuration file with absolute paths to the Python executable and the 'main.py' script.

Verified Safe
The project demonstrates strong security practices for sensitive data handling, explicitly loading 'OURA_ACCESS_TOKEN' from environment variables rather than hardcoding it. Configuration files are designed for read-only mounts in Docker. The default communication is via standard input/output (stdio), minimizing external network exposure, with future HTTP transport implementations expected to adhere to similar principles. Input validation is supported by Pydantic models for configuration and JSON schemas for tool arguments. Containerization leverages non-root users, resource limits, and health checks, further enhancing operational security. No critical vulnerabilities like 'eval' or obvious malicious patterns were found. Some local-only data processing may occur, which keeps data within the user's environment. The overall architecture is mindful of privacy and secure operation.
Updated: 2026-01-18

Medium Cost
Sec7

Searches and analyzes medical research articles from PubMed with AI-powered evidence synthesis and trustworthiness scoring, accessible via a terminal-based Gemini CLI extension.

Setup Requirements

  • ⚠️ Requires Google Gemini CLI to be installed globally.
  • ⚠️ Requires Node.js 18+ and Python 3.10+ (the installer attempts to manage these, but manual intervention may be needed if system configurations are complex).
  • ⚠️ Requires an active internet connection to access the PubMed API.

Verified Safe
The installation process involves `curl | bash` which carries a risk if the GitHub source is compromised. The Python MCP server processes JSON-RPC requests via stdio and makes external calls to PubMed E-utilities. While standard library XML parsing (`ElementTree`) generally mitigates common XML exploits (like XXE) by default, it's a theoretical vector if PubMed's API responses were malicious. No obvious hardcoded secrets, `eval`, or direct arbitrary code execution from user input observed. Input validation is implicitly expected from the MCP framework and explicit in the Python logic, though direct string inputs to PubMed search could potentially impact NCBI if not fully sanitized by NCBI's API.
Updated: 2026-01-18

Medium Cost

authnet-mcp

by alamedaim-apps

Sec9

Provides read-only access to Authorize.net transaction reporting and settlement data for AI assistants.

Setup Requirements

  • ⚠️ Requires Node.js 18+ to run.
  • ⚠️ Requires an Authorize.net merchant account and API credentials (API Login ID, Transaction Key).
  • ⚠️ Needs an MCP-compatible client (e.g., Claude Code, Cline) to interact with the server.

Verified Safe
The server explicitly uses environment variables for sensitive Authorize.net API credentials, preventing hardcoding. It is designed as read-only, eliminating risks of accidental charges or payment processing. All API calls are enforced over HTTPS by the underlying Authorize.net SDK. The code is straightforward with no apparent obfuscation or use of dangerous functions like 'eval'. Error handling for API responses is present, though specific error details could potentially be verbose if not carefully handled by the consuming AI. The dependency on the official Authorize.net SDK is a good practice.
Updated: 2025-12-03

Medium Cost
Sec8

Enables an AI assistant like Claude to read, analyze, and extract content (text and figures) from local PDF files.

Setup Requirements

  • ⚠️ Requires Python 3.10 or newer.
  • ⚠️ Compatibility explicitly listed only for macOS (darwin) in manifest.json, though Python libraries are often cross-platform.
  • ⚠️ PyMuPDF (fitz) is a dependency that includes C-bindings, which might require compilation tools on some systems if pre-built wheels are not available.

Verified Safe
The server provides powerful capabilities to read any local PDF file given a file_path argument. While the code itself does not show immediate vulnerabilities like 'eval' or hardcoded secrets, it grants the interacting LLM the ability to read arbitrary files on the system where the server runs. This is an inherent feature, not a flaw, but requires careful consideration regarding the LLM's permissions and potential for misuse if not constrained. File path validity is checked with `os.path.exists`, and requests for absolute paths are made in the docstrings.
Updated: 2026-01-19

Medium Cost

Indian-stock-MCP

by nikhilcherry

Sec9

Accessing real-time and historical financial data for companies listed on the Indian Stock Exchange (BSE and NSE).

Setup Requirements

  • ⚠️ Requires a paid API Key from indianapi.in.
  • ⚠️ Manual configuration of Claude Desktop's `claude_desktop_config.json` file is necessary.
  • ⚠️ Node.js runtime environment must be installed.

Verified Safe
The server loads the API key from an environment variable (ISE_API_KEY), which is good practice. No 'eval' or obvious obfuscation detected. The `mcp-config.json` example contains a hardcoded API key, but the instructions clearly state to replace it with the user's key, mitigating this as a severe risk for the application logic itself.
Updated: 2025-11-30

Low Cost
Sec7

Provides a Model Context Protocol (MCP) server for runtime agents and enterprise LLMs, offering graph analysis, computation, and detection capabilities on a Neo4j database.

Setup Requirements

  • ⚠️ Requires a running Neo4j database instance.
  • ⚠️ Requires an OpenAI API Key (Paid service) for embedding generation.

Verified Safe
The server binds to '0.0.0.0:8000', making it accessible from all interfaces. While this is common for cloud deployments, it requires proper external network security (e.g., firewalls, VPCs) to restrict access. All Neo4j queries use parameterized statements, effectively preventing Cypher injection vulnerabilities. Configuration is managed via environment variables (or .env file), avoiding hardcoded secrets in the source code.
Updated: 2025-12-19

Medium Cost

mcp-writechoice-server

by writechoiceorg

Sec7

This server provides a Model Context Protocol (MCP) interface for Vale, enabling AI assistants to perform text quality, style, and grammar checks.

Setup Requirements

  • ⚠️ Requires the Vale linter binary to be installed separately and accessible in PATH.
  • ⚠️ Requires Node.js version 22 or below (explicitly stated that it does not work with Node.js 25).

Verified Safe
The server uses `child_process.exec` to run the external `vale` binary. While user-provided `fileName` arguments are enclosed in double quotes (mitigating simple shell injection), the overall security relies heavily on the `vale` binary itself being secure and robust against specially crafted input texts or configuration files. The `start-servers.js` and `start-servers.sh` scripts use aggressive `kill -9` commands to free ports, which is not a direct API vulnerability but could be a security concern in environments with elevated privileges if used carelessly.
Updated: 2025-11-21

Medium Cost
Sec4

Automated web browser control and interaction through a Model Context Protocol (MCP) server, accessible via a web browser (noVNC) or programmatically via SSE/stdio.

Setup Requirements

  • ⚠️ Docker and Docker Compose are required to run the server.
  • ⚠️ Running the browser with `--no-sandbox` may expose security risks, especially if the service is publicly accessible or processes untrusted content.

Review Required

The Playwright Chromium browser runs with `--no-sandbox` inside the Docker container. This is a significant security risk as it disables a crucial security layer, making the container vulnerable to root privilege escalation if a browser exploit succeeds, since no browser sandbox is left to contain it. The `--allowed-hosts "*"` setting for the MCP server also broadens the potential attack surface, although it's typically contained within the Docker network. Exposing this server directly to untrusted networks is not recommended.
Updated: 2025-12-04

Medium Cost

deving-gene

by RobGonWin

Sec9

A productivity and focus toolkit for developers, leveraging Alexa, a PC client, and VS Code to provide cognitive scaffolding and automation.

Setup Requirements

  • ⚠️ Requires local-host tunneling for Alexa Skill to PC Client communication (current configuration).
  • ⚠️ Requires Trello API credentials for Trello functionality.
  • ⚠️ Requires NextDNS API for site blocking features.
  • ⚠️ Platform specific: Windows 10/11.

Verified Safe
The project emphasizes local-first, least-privilege design, and explicit denial of reading sensitive user data (keystrokes, files). Data is local by default. Planned configuration uses environment variables with OS keychain support for secrets. An optional localhost webhook is exposed, with tunneling being controllable. As actual source code is not yet available, this assessment is based on the strong stated design principles from the README.
Updated: 2025-11-19

Medium Cost

MCP-Server

by patelajay005

Sec8

Sets up an AI agent (like Claude Desktop) to interact with GitHub repositories via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️ Requires a GitHub Personal Access Token (PAT) with specific scopes (repo, workflow, read:org) to be manually created.
  • ⚠️ Administrator (Windows) or sudo (macOS/Linux) access may be required for installation to system directories.
  • ⚠️ The automated setup scripts are specifically configured for Claude Desktop. Manual configuration is required for other MCP-compatible clients.

Verified Safe
The setup script downloads official GitHub binaries and configures a Personal Access Token (PAT). The PAT is stored in plain text within the Claude Desktop configuration file (`claude_desktop_config.json`), which is a common practice for local client-side configs but carries a risk if the user's machine is compromised. The project emphasizes strong security best practices for PAT management (never commit, rotate regularly, minimal scopes). No 'eval' or malicious patterns were found in the provided code.
Updated: 2025-11-24

Low Cost

An MCP server for tracking and summarizing personal expenses.

Setup Requirements

  • ⚠️ Requires Python 3.11 or higher.
  • ⚠️ Expense data stored in /tmp/expenses.db is ephemeral and will not persist across system reboots or server restarts if the original expenses.db is not maintained externally.

Verified Safe
The application uses parameterized SQL queries, mitigating SQL injection risks. There are no 'eval' statements, obvious hardcoded secrets, or obfuscation. The database is copied to an ephemeral /tmp directory, which means data is not persistent across system reboots for the writable database, but this is a design choice rather than a security flaw. The server listens on 0.0.0.0, which means it will be accessible from any network interface; appropriate firewall rules are recommended in production environments.
Updated: 2025-11-24

Medium Cost

Serves as a Model Context Protocol (MCP) server for Claude Desktop, enabling access to GitHub-based technical knowledge bases and local file-based note management.

Setup Requirements

  • ⚠️ Requires .NET 10.0 SDK.
  • ⚠️ Requires Claude Desktop (latest version) and manual configuration of its `claude_desktop_config.json`, specifying the full executable path.
  • ⚠️ Manual editing of `appsettings.json` is required to configure GitHub repositories and local note paths.
  • ⚠️ Local file writing (Phase 3) does not implement concurrent write protection, which could lead to data loss or corruption in high-concurrency scenarios.

Verified Safe
The server can be configured to use a GitHub Personal Access Token (PAT) which, if hardcoded directly in `appsettings.json`, could pose a security risk. The `README` explicitly recommends using environment variables for PATs, which is good practice. Local file writing (Phase 3) lacks exclusive control for concurrent writes, which could lead to data integrity issues or loss if multiple operations attempt to write to the same file simultaneously. However, there are no indications of code execution vulnerabilities (e.g., `eval`) or obvious malicious patterns.
Updated: 2025-11-24