Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

0
0
Medium Cost
horison-ai icon

mcp-servers

by horison-ai

Sec8

Provides integration servers for Horison's agentic chat service to connect with external applications like Google Drive, Gmail, and Outlook.

Setup Requirements

  • ⚠️Requires a parent `agentic-chat-service` to spawn subprocesses.
  • ⚠️Relies on an external `connectivity-service` for OAuth authentication.
  • ⚠️Requires careful handling of git submodules during cloning and updates.
Verified SafeView Analysis
The repository explicitly states several good security practices: all secrets managed via environment variables, OAuth tokens cached with a 5-minute TTL, and an internal API key for service-to-service communication. Per-connector authentication is also mentioned. However, without access to the actual source code, the effectiveness of these measures, especially in a 'multi-tenant, shared-infrastructure model', cannot be fully audited. There's no indication of 'eval', obfuscation, or hardcoded secrets in the provided README.
Updated: 2025-11-22GitHub
0
0
Low Cost
HiteshKumarMeghwar icon

test-remote-server

by HiteshKumarMeghwar

Sec10

This server provides basic arithmetic and random number generation capabilities through an MCP interface.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Port 8000 must be available for the server to run.
Verified SafeView Analysis
The server's source code is very simple and performs only basic arithmetic and random number generation. It does not use 'eval' or other dangerous functions, access external resources beyond its direct purpose, or handle sensitive data. No hardcoded secrets or malicious patterns were found. The 'fastmcp' library is used, and assuming its security, the application code itself appears extremely safe.
Updated: 2025-11-27GitHub
0
0
High Cost
PundarikakshNTripathi icon

Eidos

by PundarikakshNTripathi

Sec8

Eidos is an agentic MCP server that provides verified, reasoned feedback on low-level system programming tasks to AI coding agents, acting as a "Ground Truth Engine".

Setup Requirements

  • ⚠️Requires Google Gemini API Key (Paid service).
  • ⚠️Docker must be installed and running for sandboxed execution of system tools.
  • ⚠️Python 3.14+ is specified as the runtime environment in the README and badges.
Verified SafeView Analysis
The server uses `subprocess.run` to execute system tools (compilers, sanitizers, `readelf`). Code is written to temporary files before being passed to tools, mitigating direct command injection through the code string. The README emphasizes running within a sandboxed Docker container, which is crucial for secure execution of untrusted code. The `sanitize_input` utility function is defined but not actively used in the provided source code, which is a minor oversight but not a critical vulnerability given the current `subprocess.run` pattern using lists of arguments and temporary files. No `eval` or hardcoded secrets found.
Updated: 2025-11-30GitHub
0
0
Medium Cost
MarcGrol icon
Sec6

The Service Catalog MCP Server allows AI agents to query and understand the architecture, module ownership, interface dependencies, database usage, and Service Level Objectives (SLOs) of large software platforms via natural language.

Setup Requirements

  • ⚠️Requires Go toolchain for building (`make`).
  • ⚠️Requires manual configuration in LLM agent settings (e.g., `~/.gemini/settings.json` or `claude_desktop_config.json`) to specify the server executable path.
  • ⚠️For network-exposed transports (HTTP/SSE), API key authentication is optional and must be explicitly configured (`-api-key`) to prevent unauthorized access.
Verified SafeView Analysis
1. **Data Embedding:** Two SQLite databases (`service-catalog.sqlite` and `slos.sqlite`) containing potentially sensitive internal system architecture and SLO data are embedded directly into the executable. This means anyone with access to the binary has full access to this data, which could lead to information disclosure if the data itself is considered confidential for the organization. 2. **Optional Authentication:** The Streamable HTTP and SSE transports support API key authentication, but it is *optional*. If the server is deployed on a network without a configured API key (i.e., `--api-key` is not provided or is empty), any client can access its full functionality, allowing unauthorized access to the service catalog and SLO information. 3. **SQL Injection:** The repository layer (`internal/plugin/servicecatalog/repo/repo.go` and `internal/plugin/slo/repo/repo.go`) appears to use parameterized queries (e.g., `$1` placeholder for SQLite), which generally mitigates common SQL injection vulnerabilities. 4. **No Malicious Patterns:** No instances of `eval`, code obfuscation, or other immediately apparent malicious dynamic code execution patterns were found in the provided server source code.
Updated: 2025-12-16GitHub
0
0
Medium Cost
VinnyCarter05 icon

investing-mcp

by VinnyCarter05

Sec7

Parse and query investment statements from multiple institutions (Questrade, IBKR, Scotia, TD Direct) using natural language and structured queries, providing portfolio analytics and Monte Carlo simulations.

Setup Requirements

  • ⚠️Requires local PDF/CSV files for indexing (not direct broker integrations).
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Paths for data and databases are relative to the project structure; deviations may require explicit environment variable configuration or path adjustments (e.g., in `~/.claude/.mcp.json`).
  • ⚠️Uses `yfinance` for S&P 500 historical data in Monte Carlo simulations, which makes external API calls to Yahoo Finance (no API key required, but relies on external service availability).
Verified SafeView Analysis
The server primarily processes local PDF/CSV files using third-party libraries (`pymupdf4llm`, `csv` module). While well-established, processing untrusted external files inherently carries a risk of parser exploits or resource exhaustion. The `sentence-transformers` library downloads models from Hugging Face, assuming trust in these models. No obvious direct code vulnerabilities (e.g., SQL injection, RCE via `eval`) or hardcoded secrets are found. Environment variables are used for sensitive paths. Overall, it is reasonably safe for its intended local, personal use, assuming a degree of trust in the input files.
Updated: 2026-01-03GitHub
0
0
Medium Cost
ljchg12-hue icon

tty-mcp-server

by ljchg12-hue

Sec9

An MCP server that enables secure execution of TTY/PTY commands and interactive shell sessions for AI assistants or other clients.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher.
  • ⚠️The `node-pty` dependency, being a native addon, might require local build tools (e.g., C++ compiler, Python) during `npm install` on certain OS/architectures if pre-built binaries are unavailable.
  • ⚠️Requires an MCP client (e.g., Claude Code) to be configured (via `~/.mcp.json`) to connect to and utilize this server.
Verified SafeView Analysis
The server implements strong security measures, including a command whitelist, explicit blocking of dangerous shell metacharacters and command substitution patterns in both commands and arguments, and validation of the working directory to prevent path traversal. It uses `node-pty` to spawn commands directly, bypassing shell interpretation, which is a critical defense against injection. PTY sessions include timeouts and proper cleanup. The extensive whitelist of commands could slightly increase the attack surface if any whitelisted command has an unknown vulnerability, but overall, the approach is robust.
Updated: 2026-01-16GitHub
0
0
Low Cost
rk31339 icon
Sec7

A Spring Boot-based Model Context Protocol (MCP) server for AI-powered equity order management, providing tools for trading operations and market analysis.

Setup Requirements

  • ⚠️Requires Java 17 or higher
  • ⚠️Requires Maven 3.6+
Verified SafeView Analysis
The README explicitly states this is a development/demo server with mock data and lacks production-grade security features like authentication, authorization, rate limiting, and real data integration. No 'eval' or direct arbitrary code execution vulnerabilities from user input were found. Input to prompt generation functions (`marketAnalysis`, `greetUser`) is directly interpolated into strings, which could be a vector for prompt injection against the LLM client, but not against the server's execution environment. No hardcoded sensitive secrets are visible in the provided Java source.
Updated: 2025-12-01GitHub
0
0
Low Cost
alucardeht icon

figma-mcp-server

by alucardeht

Sec8

This server acts as an intermediary to receive Figma webhooks and forward them to another specified server for further processing or integration.

Setup Requirements

  • ⚠️Requires `FIGMA_API_KEY` environment variable.
  • ⚠️Requires `MCP_SERVER_URL` environment variable pointing to the ultimate destination server.
  • ⚠️Requires the server to be publicly accessible for Figma to send webhooks to.
Verified SafeView Analysis
The server functions as a simple proxy, forwarding incoming webhook data to a configurable `MCP_SERVER_URL`. While the code itself does not contain 'eval', obfuscation, or hardcoded secrets (API key is an env var), the security relies heavily on the trustworthiness of the configured `MCP_SERVER_URL` and the incoming webhook's origin. No specific input validation on the forwarded payload is observed, which is typical for a raw proxy but means downstream systems must handle validation.
Updated: 2025-12-05GitHub
0
0
Low Cost
korplydev icon
Sec8

A minimal Model Context Protocol (MCP) server demonstrating tool registration and exporting data in TOON format via a streamable HTTP transport.

Setup Requirements

  • ⚠️Requires Node.js and npm/yarn installed to run.
  • ⚠️This is an MCP server, providing tools for an LLM to consume, not an LLM-powered application itself.
Verified SafeView Analysis
The server uses CORS with 'origin: *', which is generally acceptable for development or internal APIs but not recommended for production-facing applications without specific origin restrictions. No other critical vulnerabilities like 'eval', obfuscation, hardcoded secrets, or malicious patterns were found in the provided source code. Input validation is handled using Zod schemas.
Updated: 2025-12-01GitHub
0
0
Medium Cost
tkdgur4427 icon

rekah-unreal-mcp

by tkdgur4427

Sec8

Provides Language Server Protocol (LSP) tools for Unreal Engine C++ development, enabling code analysis and navigation through a FastMCP server, specifically leveraging clangd.

Setup Requirements

  • ⚠️Requires 'clangd' to be installed and available in the system's PATH.
  • ⚠️An Unreal Engine C++ project requires a 'compile_commands.json' file for 'clangd' to function correctly. Instructions for generating it are provided by the setup tool.
  • ⚠️Requires Python 3.11 or higher.
  • ⚠️The server runs on the 'FastMCP' framework, which needs to be installed (e.g., 'mcp[cli]').
Verified SafeView Analysis
The server spawns and communicates with a local 'clangd' subprocess. The primary security consideration lies in how the parent FastMCP server exposes the 'setup_lsp' tool. If untrusted users can call 'setup_lsp' with arbitrary 'project_dir' or 'compile_commands_dir' paths, it could potentially lead to information disclosure via clangd reading files outside the intended scope or denial of service. The Python code itself does not use 'eval', is not obfuscated, and contains no hardcoded secrets. It robustly handles JSON-RPC message parsing, minimizing related injection risks.
Updated: 2026-01-17GitHub
PreviousPage 713 of 713Next