Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

42
24
Medium Cost
JamesANZ icon
Sec9

Provides real-time prediction market data from Polymarket, PredictIt, and Kalshi for AI coding environments.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm to run.
  • ⚠️The automatic Claude Desktop setup script is macOS-specific and may require manual configuration on other operating systems or if Claude Desktop is not installed in the default location.
Verified SafeView Analysis
The server uses `superagent` for fetching data from known external APIs (Polymarket, PredictIt, Kalshi). Input validation for the `keyword` parameter is implemented using `zod` with a max length of 50 characters, and the keyword is URL-encoded before being used in API requests. No `eval` or arbitrary code execution from user input is apparent. Error handling is present for API failures. The `postinstall` script attempts to configure Claude Desktop by writing to a local JSON file, which is a local action and not a server-side vulnerability.
Updated: 2026-01-16GitHub
42
55
Low Cost
openSVM icon
Sec8

A Solana MCP (Multi-Chain Protocol) server that acts as a proxy for Solana RPC requests, offering enhanced capabilities like caching, metrics, and local sBPF program testing and management.

Setup Requirements

  • ⚠️Requires Rust toolchain and Solana CLI installed.
  • ⚠️Network RPC URLs (e.g., SOLANA_RPC_URL) must be configured in `config.json` or environment variables.
  • ⚠️The x402 payment protocol feature, if enabled, requires configuration of a `facilitator_base_url` and network-specific payment details.
Verified SafeView Analysis
The server includes robust input validation, URL sanitization, and HTTPS enforcement for external RPC calls. Sensitive information is redacted in logs. The most critical aspect, sBPF program execution, is performed within an in-memory `liteSVM` sandbox, which significantly mitigates direct code execution risks on the host. A security scanner for sBPF binaries is also provided, indicating a proactive security posture. However, as with any system executing untrusted code, extreme caution is always advised.
Updated: 2026-01-08GitHub
42
42
Medium Cost
kesslerio icon

attio-mcp-server

by kesslerio

Sec9

Provides an edge-compatible core library for building Attio Model Context Protocol (MCP) servers, enabling AI agents to interact with the Attio CRM via defined tools and a flexible HTTP client, including comprehensive data management and validation.

Setup Requirements

  • ⚠️Requires an Attio API Key or OAuth Access Token (must be set via `ATTIO_API_KEY` or `ATTIO_ACCESS_TOKEN` environment variables).
  • ⚠️For advanced phone validation configurations, direct handler invocation is required instead of using the tool registry for custom country settings.
  • ⚠️The server runtime explicitly requires Node.js (due to usage of `perf_hooks`), which might be a point of confusion given the `core` library's advertisement of broader 'edge-compatibility' across non-Node.js environments.
Verified SafeView Analysis
The server demonstrates strong security practices including extensive input validation (JSON schema, field-specific, UUID, email, phone, domain), robust error handling with redaction of sensitive data in logs, and mandatory use of environment variables for API keys/tokens. It also implements DoS protection mechanisms for batch operations and does not use 'eval' or obfuscated code. Any residual risks are inherent to external API integrations.
Updated: 2026-01-07GitHub
42
1
Medium Cost
KashifHanif628 icon
Sec8

This repository provides instructions for connecting Figma designs to the Gemini CLI to enable AI-powered code generation from design contexts.

Setup Requirements

  • ⚠️Requires Figma Personal Access Token (PAT)
  • ⚠️Requires Gemini CLI to be installed globally
  • ⚠️Figma design files must be publicly shared ('Anyone with the link can view')
Verified SafeView Analysis
The provided source code consists solely of README files, offering no server-side code to audit for common vulnerabilities like 'eval' or obfuscation. The security assessment is based on the instructions for integrating with the Figma MCP server via the Gemini CLI, which uses standard bearer token authentication. Users must securely manage their Figma Personal Access Token.
Updated: 2025-11-27GitHub
42
1
Medium Cost
yasg1988 icon

mcp-beget

by yasg1988

Sec9

Manages Beget hosting services (sites, domains, databases, FTP, Cron, DNS, backups, mail) via Claude Code.

Setup Requirements

  • ⚠️Requires Beget hosting account login and password.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires configuration within Claude Code's `~/.claude/settings.json` file.
Verified SafeView Analysis
Credentials (BEGET_LOGIN, BEGET_PASSWORD) are loaded from environment variables, which is a good practice. The server makes standard HTTPS requests to the official Beget API endpoint. No 'eval', 'exec', or direct arbitrary code execution from user input is present in the provided source code. Security primarily depends on the user's secure handling of environment variables and the Beget API's own security measures.
Updated: 2025-11-28GitHub
42
30
Low Cost
dtkmn icon
Sec9

Orchestrates OWASP ZAP security scanning actions (spider, active scan, OpenAPI import, reporting) via the Model Context Protocol, enabling AI agents like Claude Desktop or Cursor to perform security testing.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for local setup, or Kubernetes 1.23+ and Helm 3.8+ for cluster deployment.
  • ⚠️Requires generation and configuration of ZAP_API_KEY, MCP_API_KEY, and LOCAL_ZAP_WORKPLACE_FOLDER environment variables before starting.
  • ⚠️For JWT authentication (recommended for production), a 256-bit JWT_SECRET must be generated and configured.
Verified SafeView Analysis
The project demonstrates strong security practices: it implements flexible authentication modes (API Key, JWT with refresh and blacklist), enforces robust URL validation to prevent scanning of internal/private networks and localhost by default, and mandates strong secret keys for JWT. CSRF protection is intentionally disabled with clear justification, as it's an API-only server using header-based token authentication (not cookies), aligning with OWASP API security best practices. There are no hardcoded secrets in the source code; sensitive configurations are loaded via environment variables, with 'changeme' defaults for development. Explicit warnings are provided for using 'none' security mode in production.
Updated: 2026-01-19GitHub
42
16
Medium Cost
LinkupPlatform icon

linkup-mcp-server

by LinkupPlatform

Sec9

Provides web search and page fetching capabilities for AI assistants, enabling real-time information access through Linkup's API.

Setup Requirements

  • ⚠️Requires a Linkup API Key (obtained from app.linkup.so, may involve a paid plan depending on usage).
  • ⚠️Requires an MCP compatible client (e.g., Cursor, VSCode, Claude Code) for integration.
  • ⚠️JavaScript rendering for page fetching (`renderJs: true`) can significantly increase request time and resource usage.
Verified SafeView Analysis
The server's source code is clean, well-structured, and does not contain obvious malicious patterns or hardcoded secrets. It acts as an intermediary, forwarding requests to the external Linkup API using a user-provided API key. The primary security consideration relies on the user's secure handling of their Linkup API key and the inherent security of the external Linkup API itself. Responses are JSON-stringified, ensuring transparency without direct eval execution. No obfuscation detected.
Updated: 2026-01-19GitHub
42
12
Medium Cost
opentargets icon

platform-mcp

by opentargets

Sec8

Provides a Model Context Protocol (MCP) server for AI assistants to interact with the Open Targets Platform GraphQL API for drug discovery and target-disease associations.

Setup Requirements

  • ⚠️Requires Python 3.10+ for execution.
  • ⚠️Requires 'uv' package manager for local development and dependency management.
  • ⚠️Project is experimental; features, APIs, and documentation may change without notice.
  • ⚠️Requires access to the external Open Targets Platform API.
Verified SafeView Analysis
The server includes an optional 'jq filtering' feature that dynamically evaluates 'jq' expressions provided by the user (or LLM). While 'jq' itself is a JSON processing language and not Python 'eval', a maliciously crafted or highly inefficient 'jq_filter' could potentially be used to exploit server resources, leading to a Denial of Service. This feature is disabled by default, which mitigates the risk. The server implements adaptive rate limiting to prevent general abuse. No hardcoded sensitive credentials were found. The project is explicitly labeled 'experimental' and 'under active development'.
Updated: 2026-01-11GitHub
42
1
Medium Cost
Aiden12581 icon

SpringAIAlibaba

by Aiden12581

Sec9

This repository provides a collection of Spring AI examples demonstrating various integrations with Alibaba Cloud's DashScope platform, covering chat, streaming, prompt engineering, structured output, memory, text-to-image, text-to-speech, embeddings, RAG, and tool calling.

Setup Requirements

  • ⚠️Requires Alibaba Cloud DashScope API Key (a paid service) configured as an environment variable `aliQwen-api` or a Spring property `spring.ai.dashscope.api-key`.
  • ⚠️Requires a running Redis instance for chat memory (SAA-08Persistent) and vector store (SAA-11Embed2vector, SAA-12RAG4AiOps).
  • ⚠️The SAA-02Ollama module requires a local Ollama instance running with the appropriate model.
  • ⚠️The SAA-18TodayMenu module requires a Bailian platform App ID configured via `spring.ai.dashscope.agent.options.app-id`.
Verified SafeView Analysis
The code uses environment variables or Spring's @Value annotation for API keys and other sensitive configurations (e.g., aliQwen-api, Redis host/port, Bailian App ID), which is good practice and avoids hardcoded secrets. No 'eval' or other direct code injection vulnerabilities were found. Standard web application security considerations apply.
Updated: 2025-11-28GitHub
42
13
Low Cost
poly-mcp icon
Sec9

A secure, production-ready IoT/Edge server designed to expose industrial protocols (MQTT, Modbus) via a unified HTTP API, enabling AI agents to monitor and control industrial infrastructure through the PolyMCP framework.

Setup Requirements

  • ⚠️Requires explicit setting of several critical environment variables (JWT_SECRET_KEY, ENCRYPTION_KEY, AUDIT_HMAC_KEY, MQTT_COMMAND_HMAC_KEY) for production (IOT_ENV=production). Ephemeral keys are used in development with warnings.
  • ⚠️Mandatory use of Pydantic v2 APIs; Pydantic v1 is not supported.
  • ⚠️Full functionality in production requires external dependencies like an MQTT broker, InfluxDB 2.0+, Redis, and Modbus devices (though some are optional depending on the exact use case).
Verified SafeView Analysis
The project demonstrates a high level of security awareness. It employs a security-first design with comprehensive measures: - **Input Validation & Sanitization:** Extensive use of `bleach` and custom validation (`validate_sensor_id`, `sanitize_dict`, etc.) prevents common injection attacks. - **Authentication & Authorization:** API key (`X-API-Key`) and JWT bearer token authentication, coupled with IP allowlisting (CIDR) and request/command rate limiting. - **Data Protection:** Fernet encryption for sensitive configuration data (passwords, tokens), and HMAC signatures for MQTT commands and audit log chaining (tamper-evident). - **Secrets Management:** Environment variables are strictly enforced for critical secrets in production mode, with ephemeral secrets generated in development only as a warning. - **Network Security:** MQTT supports TLS/SSL with client certificates. Modbus includes allowed address configuration per device. - **Audit Trail:** A robust audit logging system uses HMAC chaining to ensure log integrity. - **Dependency Security:** Relies on well-vetted libraries like `cryptography`, `pyjwt`, `passlib`, and `bleach`. - **Code Quality:** No obvious 'eval', obfuscation, or other immediately malicious patterns found. Error handling is generally good. The score is very high due to the comprehensive and thoughtful implementation of security, including defensive programming, strong cryptographic primitives, and secure defaults. Minor deductions account for the inherent complexity of integrating multiple protocols and external systems, which always carries some residual risk if not configured perfectly by the user.
Updated: 2026-01-09GitHub
42
40
Medium Cost
seuros icon
Sec7

This server demonstrates integrating the ActionMCP gem into a Ruby on Rails application to expose AI-callable tools, prompts, and resource templates for language models.

Setup Requirements

  • ⚠️Requires Ruby (specific version in .ruby-version)
  • ⚠️Requires PostgreSQL (Docker recommended for easy setup via `make up`)
  • ⚠️Requires Node.js/npm for the `npx @modelcontextprotocol/inspector` client for interactive testing
Verified SafeView Analysis
The application implements JWT-based authentication, which is a good practice. However, `docker-compose.yml` contains hardcoded development secrets (`SECRET_KEY_BASE`, `ACTION_MCP_JWT_SECRET`) which, while clearly marked for development, should ideally be managed via more secure means even for local environments (e.g., Rails credentials, Docker secrets). Tools like `RubocopTool` and `RubyCodeAnalyzerTool` process user-provided code/paths for static analysis; while not arbitrary execution, such operations always carry a risk of parser-level vulnerabilities or unintended information disclosure if input is not rigorously validated or if the environment is not secured. The `StartWorldWar3Tool` is explicitly marked as 'destructive' (mock functionality), highlighting a need for stringent authorization for any real-world destructive tools.
Updated: 2026-01-09GitHub
42
35
Medium Cost
Dishant27 icon
Sec8

This server acts as a Model Context Protocol (MCP) tool to enable LLMs to interact with the LinkedIn API for professional network data retrieval and interaction.

Setup Requirements

  • ⚠️Access to many LinkedIn APIs (e.g., People Search, Profile API, Messaging) is highly restricted by LinkedIn and often requires specific partner programs or explicit user authorization (OAuth 2.0 Authorization Code flow), which the current client_credentials authentication method does not support. This means many advertised functionalities (like sending messages, searching general profiles, or getting user connections) are likely non-functional for standard developer accounts.
  • ⚠️Requires Node.js 16+ to run the server.
  • ⚠️When configuring with an LLM like Claude Desktop, an absolute path to the compiled `index.js` file is required in the `claude_desktop_config.json`.
Verified SafeView Analysis
The server correctly loads credentials from environment variables, preventing hardcoded secrets. It implements OAuth 2.0 (client credentials and refresh token) using standard libraries (axios). There is no use of 'eval' or code obfuscation. Error handling is present for authentication and API requests. The core security mechanisms for handling credentials and making requests are implemented with good practices. The primary limitation will be LinkedIn's API access restrictions, which are a functional constraint rather than a code security flaw.
Updated: 2026-01-19GitHub
PreviousPage 74 of 713Next