Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Low Cost
chefbob icon

OOMCP

by chefbob

Sec6

Enables AI assistants to read and modify OmniOutliner documents on macOS via a localhost HTTP server.

Setup Requirements

  • ⚠️Requires macOS 13.0 or later.
  • ⚠️Requires OmniOutliner Pro for scripting capabilities.
  • ⚠️Requires 'mcp-remote' (Node.js package) to be installed globally for Claude Desktop integration.
Verified SafeView Analysis
The server uses 'osascript' to execute JavaScript for Automation (JXA) scripts against OmniOutliner. This involves dynamic script execution, which is inherently risky. The application explicitly disables the macOS App Sandbox, which is a major security concern, although it states mitigations are in place: 1) server binds only to localhost (127.0.0.1) preventing remote access, 2) CORS is restricted to localhost, and 3) all user inputs are validated and sanitized (e.g., removal of null bytes, length limits, and escaping) before being passed to scripts. The JXA scripts themselves are templated. The primary residual risk is a potential vulnerability in input sanitization or JXA parsing that could lead to privilege escalation or unintended interactions with other local applications if the app or its inputs were compromised, due to the disabled sandbox.
Updated: 2026-01-16GitHub
0
0
Low Cost
ordinary3oy icon

splunk-mcp

by ordinary3oy

Sec3

Sets up a Proof of Concept environment for integrating Splunk's Model Context Protocol (MCP) Server with Claude Desktop.

Setup Requirements

  • ⚠️Requires Docker Desktop to be installed and running.
  • ⚠️Requires 1Password CLI ('op') for secure secrets management.
  • ⚠️Requires 'make', 'jq', and 'curl' utilities installed on the host machine.
  • ⚠️Manual restart of Claude Desktop is required after initial setup for configuration changes to take effect.
Review RequiredView Analysis
The setup explicitly disables SSL certificate verification for both the Splunk MCP server and the client-side 'mcp-remote' tool (`CURL_OPTS="-k"`, `ssl_verify=false`, `NODE_TLS_REJECT_UNAUTHORIZED="0"`). While noted for 'local development', this is a critical security vulnerability if used in any non-isolated environment or production, as it exposes data to potential man-in-the-middle attacks. The `README.md` file contains misleading links where all 'additional resources' (Splunk, Docker, 1Password documentation) and 'download' links point to a single zip file (`splunk-mcp-demagog.zip`) on GitHub, rather than their official sources or specific releases. This raises significant trust concerns regarding the integrity of the downloaded components and the installation instructions. Tokens are generated and stored in a file (`.secrets/splunk-token`) and the Claude Desktop config, but are restricted with `chmod 600` and have a 15-day expiry, which are reasonable practices. Secrets are managed securely via 1Password CLI for injection into environment variables.
Updated: 2026-01-19GitHub
0
0
Low Cost
OscarAC icon

kicad-mcp

by OscarAC

Sec7

Provides a web-based interface and API for managing and sharing KiCad electronic component data and related files.

Setup Requirements

  • ⚠️Requires Node.js runtime
  • ⚠️Configuration for port and data paths (DB_PATH, DATA_PATH, UPLOAD_PATH) is handled via environment variables, typically in a .env file.
Verified SafeView Analysis
Uses parameterized queries for SQLite, significantly mitigating SQL injection risks. No 'eval' or code obfuscation found. The default CORS configuration allows all origins, which might require stricter configuration for production. File upload functionality restricts allowed types (images, PDFs) but statically serves uploaded content, posing a minor risk if file type validation is bypassed or if malicious non-executable content (e.g., XSS in HTML) were uploaded and accessed. No hardcoded secrets were identified as configuration uses environment variables.
Updated: 2025-12-03GitHub
0
0
Medium Cost
m0370 icon
Sec9

Provides AI agents with tools to search, filter, and retrieve medical literature from PubMed via NCBI E-utilities API.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Optional but recommended `NCBI_API_KEY` environment variable for higher API rate limits (otherwise 3 requests/second limit).
  • ⚠️Requires `httpx` and `xmltodict` Python libraries to be installed (via `requirements.txt`).
Verified SafeView Analysis
The server loads `NCBI_API_KEY` from environment variables, avoiding hardcoded secrets. It communicates via standard input/output (stdio) as a subprocess, limiting external network exposure to explicit API calls. Uses `httpx` for HTTP requests and `xmltodict` for XML parsing, both standard and generally safe. There's no use of `eval` or direct execution of arbitrary user-provided code. XML parsing from external sources (NCBI) is a potential, but low, risk for XXE given the trusted source and modern Python XML library defaults.
Updated: 2025-11-24GitHub
0
0
Medium Cost
Didiye icon

mcp-dadosbr

by Didiye

Sec7

Provides a Model Context Protocol server for real-time lookup of Brazilian public data, including company information (CNPJ), postal codes (CEP), and intelligent web search with sequential thinking capabilities.

Setup Requirements

  • ⚠️The 'cnpj_search' and 'cnpj_intelligence' tools require a 'TAVILY_API_KEY' environment variable (Tavily is a paid service after its free tier of 1000 searches/month).
  • ⚠️For Cloudflare Workers deployment, a 'CLOUDFLARE_API_TOKEN' (with specific permissions) and KV namespaces are required, including 'MCP_KV' for rate limiting.
  • ⚠️Node.js version 18.0.0 or higher is required to run the server.
Verified SafeView Analysis
The server implements API key authentication and rate limiting for REST endpoints (e.g., /cnpj/{cnpj}, /search) when deployed as a Cloudflare Worker, which is good practice for public APIs. However, the core MCP protocol endpoints (/mcp, /sse) are intentionally unauthenticated for broad compatibility with AI assistants, meaning any client can make tool calls to these specific endpoints if exposed publicly. A dummy OAuth flow is provided for integration. Sensitive data in logs is protected via PII sanitization. While `eval` is not used, and API keys are expected via environment variables (not hardcoded), the unauthenticated nature of the MCP endpoints requires careful consideration for public deployments beyond personal or internal AI agent use.
Updated: 2026-01-19GitHub
0
0
Medium Cost
jtsang4 icon
Sec9

An MCP server providing long-term memory and semantic search capabilities using Qdrant vector database and OpenAI embeddings for AI agents.

Setup Requirements

  • ⚠️Requires OpenAI API Key (a paid service) for embeddings.
  • ⚠️Requires Python 3.12+.
  • ⚠️A running Qdrant instance is necessary (defaults to http://localhost:6333, but can be configured via QDRANT_URL).
Verified SafeView Analysis
The project avoids `eval` or similar dangerous functions. All sensitive configurations like API keys and URLs are loaded from environment variables, which is a good security practice. Network interactions are standard for connecting to Qdrant and OpenAI APIs. No obvious malicious patterns were found in the provided source code.
Updated: 2025-11-19GitHub
0
0
Low Cost
thomkav icon

mcp-gateway

by thomkav

Sec9

Provides a robust security layer for Model Context Protocol (MCP) servers, offering authentication, session management, authorization, rate limiting, and audit logging for AI agent integrations with third-party APIs.

Setup Requirements

  • ⚠️Requires `MCP_JWT_SECRET` environment variable (minimum 256 bits/32 bytes) for secure JWT signing. Using the default in development is insecure for production.
  • ⚠️Relies on OS Keyring (Keychain, Credential Manager, Secret Service) for secure API token storage. If unavailable or locked, it will fail in production configurations (`fallbackToMemory: false`).
  • ⚠️Users must configure their 3rd-party API tokens (e.g., Vikunja, GitHub) using the provided `mcp-gateway configure` CLI tool.
  • ⚠️Requires Node.js >=18.0.0 and pnpm >=9.0.0.
Verified SafeView Analysis
The project is explicitly designed with a strong focus on security, adhering to Anthropic's MCP Security Best Practices and mitigating common OWASP API Top 10 risks. Key security features include: JWT-based authentication with HMAC-SHA256 signatures, UUIDv4 cryptographically random session IDs, per-user rate limiting, comprehensive audit logging, and secure storage of third-party API tokens in the OS keyring (Keychain on macOS, Credential Manager on Windows, libsecret on Linux). There is no observable use of `eval` or direct dangerous `child_process` calls for untrusted input. Hardcoded secrets are explicitly avoided in favor of environment variables or OS keyring storage, with clear instructions for production use. Input validation using Zod schemas is extensive in examples to prevent injection attacks.
Updated: 2026-01-16GitHub
0
0
Low Cost
softdevarka icon

Odoo-MCP-Server

by softdevarka

Sec4

Integrate Odoo ERP with a Model Context Protocol (MCP) client to enable AI agents (like Claude) to interact with Odoo data and functionality.

Setup Requirements

  • ⚠️Requires a running Odoo 17.0 (or compatible) instance.
  • ⚠️Requires Docker and Docker Compose to easily set up the Odoo instance locally.
  • ⚠️Default Odoo credentials ('admin@example.com', 'admin123') are insecure and MUST be changed for production use.
  • ⚠️Requires Node.js for the MCP server application itself.
Verified SafeView Analysis
The project includes default/weak Odoo credentials ('admin@example.com', 'admin123') in `config/claude_desktop_config.json` and as fallback environment variables in `index.js`. The `docker-compose.yml` also uses a default 'odoo_password'. These must be changed immediately for any production or public deployment, as they pose a critical security risk. The server itself does not contain malicious patterns or 'eval' statements. Data is transmitted via XML-RPC over HTTP, which could be a concern if not secured with HTTPS (though not explicitly shown in the Odoo client setup).
Updated: 2025-11-20GitHub
0
0
Low Cost
bioanywhere icon

chivas2

by bioanywhere

Sec9

Provides Docker deployment configuration and CI/CD setup for a world-news-api-clients server, utilizing Google Artifact Registry and Workload Identity Federation.

Setup Requirements

  • ⚠️Docker required for local development and deployment
  • ⚠️Requires a GCP Project for CI/CD integration with Google Artifact Registry
  • ⚠️GitHub repository secrets `GCP_PROJECT_ID` and `GCP_PROJECT_NUMBER` are required for CI/CD
Verified SafeView Analysis
The provided source code is focused on deployment configuration and CI/CD, not the core application logic. It leverages secure practices such as Workload Identity Federation for GCP authentication and explicitly states that required secrets should be stored in repository settings, not hardcoded. No 'eval' or malicious patterns are observed in the provided deployment files (Dockerfile, docker-compose.yml, GitHub Actions workflow).
Updated: 2025-12-13GitHub
0
0
Low Cost
amruthasreddy icon

remote-mcp-server

by amruthasreddy

Sec9

Manages and tracks personal or business expenses through an API.

Setup Requirements

  • ⚠️Requires Python 3.14 or higher as specified in pyproject.toml.
  • ⚠️Requires write permissions in the system's temporary directory for the SQLite database.
Verified SafeView Analysis
SQL queries utilize parameterized statements, preventing common SQL injection vulnerabilities. No 'eval' or explicit hardcoded secrets were found. The server binds to 0.0.0.0, which means it's accessible from all network interfaces; this is common for development but would require additional security (e.g., firewall, authentication) if exposed to the public internet. Generic exception handling might hide specific error details, but not a direct security flaw in this context. Database path is in a temporary directory, which should typically be writable.
Updated: 2025-11-23GitHub
0
0
Low Cost
alangould92 icon

fareway-database-mcp

by alangould92

Sec9

Provides secure and performant access to Fareway's golf tour database for AI agents via Model Context Protocol (MCP) tools.

Setup Requirements

  • ⚠️Requires Supabase credentials (URL, Service Key) for database access.
  • ⚠️Requires a manually generated secure MCP_API_KEY for authentication.
  • ⚠️Node.js version >=20.0.0 is required.
Verified SafeView Analysis
The server demonstrates strong security awareness: API key authentication is mandatory for all core endpoints, rate limiting is implemented, and the architecture explicitly relies on Supabase Row-Level Security (RLS) for data access control. Environment variables are used for sensitive credentials (Supabase URL/Service Key, MCP API Key), with clear instructions for secure handling (e.g., using service role key, generating strong API keys). No 'eval' or obvious malicious patterns found. The primary remaining risks are common to any service handling sensitive keys: improper external configuration of Supabase RLS or accidental exposure of environment variables.
Updated: 2025-11-26GitHub
0
0
Low Cost
ziyacivan icon

autodocs-mcp

by ziyacivan

Sec8

Generates Model Context Protocol (MCP) servers from ReadTheDocs documentation to enable semantic search and provide documentation content for AI agents and VSCode integration.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Needs internet access for initial download of the Sentence Transformer embedding model from Hugging Face.
  • ⚠️The scraper interacts with external documentation websites, which may have rate limits or Cloudflare protection. `curl-cffi` is used to mitigate some protection mechanisms.
  • ⚠️The generated MCP server requires `chromadb`, `sentence-transformers`, and `mcp` libraries installed in its execution environment.
Verified SafeView Analysis
The server scrapes external websites based on a user-provided URL. Users should only provide trusted documentation URLs to mitigate risks from malicious external content. The tool writes files and creates directories in a user-specified output path; ensure this path is secure. Generated MCP servers execute Python code, load embedding models from Hugging Face (introducing potential supply chain risks), and interact with a local ChromaDB. The project includes a `SECURITY.md` outlining best practices and known considerations.
Updated: 2025-12-11GitHub
PreviousPage 712 of 713Next