Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (8554)

41 · 40 · Medium Cost · Sec7

Generates various chart types using server-side rendering and stores the resulting images in MinIO object storage, providing accessible URLs.

Setup Requirements

  • ⚠️ Requires Node.js (v18+) and npm/yarn.
  • ⚠️ Requires Docker for easy deployment and MinIO integration.
  • ⚠️ Requires system-level dependencies (e.g., Cairo, Pango, libpng) for Canvas image rendering in `@antv/gpt-vis-ssr`, which can be a point of friction during local setup.
  • ⚠️ Critical environment variables (`PUBLIC_API_URL`, `MINIO_EXTERNAL_ENDPOINT`, MinIO credentials) must be correctly configured for production deployments to ensure proper external access and security.
Verified Safe. Analysis:
The default MinIO credentials (`minioadmin`/`minioadmin`) are hardcoded in `docker-compose.yml` and used by default in `deploy-production.sh`. The README explicitly warns that these *must be changed* for production, but the script still uses them. The MinIO service also sets a public read policy for the 'charts' bucket, meaning generated images are publicly accessible without authentication. CORS is enabled globally, which could be a risk if not restricted to specific origins in production.
Updated: 2025-11-19 · GitHub
intruder-mcp by intruder-io
41 · 21 · Medium Cost · Sec9

Enables MCP clients to manage and query vulnerability scanning and security posture information from Intruder.io.

Setup Requirements

  • ⚠️ Requires an Intruder API Key (potentially paid service).
  • ⚠️ Requires a Python environment with 'uv' for local execution.
  • ⚠️ Requires Docker for containerized execution.
Verified Safe. Analysis:
The server correctly retrieves the Intruder API key from environment variables, preventing hardcoding. All external communication is directed to the official Intruder API endpoint. Pydantic models are used for data validation, enhancing robustness. No dangerous functions like 'eval' or arbitrary shell command execution from user input were detected in the provided source code.
Updated: 2025-11-26 · GitHub
sourcegraph-mcp by divar-ir
41 · 16 · High Cost · Sec8

Provides AI-enhanced code search and content fetching capabilities from Sourcegraph instances to LLM agents.

Setup Requirements

  • ⚠️ Requires access to a Sourcegraph instance (sourcegraph.com or self-hosted).
  • ⚠️ Requires Python 3.13+.
  • ⚠️ The SRC_ENDPOINT environment variable must be set.
  • ⚠️ SRC_ACCESS_TOKEN is required for private Sourcegraph instances.
Verified Safe. Analysis:
The server relies on environment variables for sensitive data (SRC_ACCESS_TOKEN) and endpoint configuration, avoiding hardcoded secrets. It does not use 'eval' or other inherently dangerous functions. Network requests are made to a user-configured Sourcegraph endpoint. The primary security consideration is trusting the configured Sourcegraph instance and the integrity of the SRC_ENDPOINT variable to prevent malicious redirection.
Updated: 2025-11-25 · GitHub
41 · 17 · Low Cost · Sec9

A Model Context Protocol (MCP) server that exposes the UniFi Network Controller API, enabling AI agents and applications to interact with UniFi network infrastructure in a standardized way.

Setup Requirements

  • ⚠️ Requires UniFi API Key for authentication.
  • ⚠️ Docker and Docker Compose are highly recommended for deployment.
  • ⚠️ Python 3.10+ is required.
  • ⚠️ Full functionality (e.g., Zone-Based Firewall features) requires 'UNIFI_API_TYPE=local', which means local network access to your UniFi gateway.
Verified Safe. Analysis:
The server implements strong security practices including reading API keys from environment variables, HMAC signature verification for webhooks, mandatory confirmation flags for all mutating operations, dry-run mode for previewing changes, and comprehensive audit logging. It uses httpx for API calls with configurable SSL verification. A 'debug_api_request' tool is present but is guarded by a 'DEBUG' environment variable, mitigating accidental exposure in production. There is no evidence of direct 'eval' or similar dangerous patterns used without clear context. The caching layer (Redis) is optional and handles its absence gracefully.
Updated: 2026-01-08 · GitHub
cortexgraph by prefrontal-systems
41 · 14 · Low Cost · Sec9

A Model Context Protocol (MCP) server providing AI assistants with ephemeral, local short-term memory, temporal decay, reinforcement, and automatic promotion to long-term storage.

Setup Requirements

  • ⚠️ Requires `sentence-transformers` and spaCy models (`en_core_web_sm`) to be installed/downloaded for full functionality (embeddings, entity extraction); otherwise these features are disabled.
  • ⚠️ The `bd` CLI tool (for 'beads' issue tracking) is a dependency if agent functionalities are enabled and utilized for coordination.
  • ⚠️ The default JSONL storage loads all memories into RAM, making it unsuitable for very large datasets; SQLite storage is available as a more scalable alternative.
Verified Safe. Analysis:
The project demonstrates a very strong focus on security, with dedicated modules and features for input validation, path traversal prevention, file/directory permission hardening (0o600/0o700), and sensitive data detection. The `detect_secrets` module actively scans content and `.env` files for common secret patterns (API keys, tokens, passwords) and warns the user. Rate limiting is implemented for API endpoints. `subprocess.run` is used for external CLI (`bd` for Beads integration) but appears to be handled with care, using `--json` output and not `shell=True`. Overall, security is a core concern, making it robust against common vulnerabilities.
Updated: 2026-01-15 · GitHub
ObsidianMate by Fawzy-AI-Explorer
41 · 3 · Medium Cost · Sec9

An intelligent, AI-powered assistant designed to supercharge Obsidian note-taking workflows.

Setup Requirements

  • ⚠️ Requires Python 3.12 or higher.
  • ⚠️ Requires Docker for MCP (Model Context Protocol) servers (Obsidian, YouTube Transcript).
  • ⚠️ Requires a Google API Key (paid for LLM usage).
  • ⚠️ Requires an Obsidian API Key for vault interaction.
Verified Safe. Analysis:
Secrets (API keys) are handled using `SecretStr` from Pydantic settings, loaded from environment variables or .env files, which is good practice. The application runs a FastAPI server exposed on 0.0.0.0:8000 and leverages Docker for MCP services (Obsidian, YouTube Transcript, Excalidraw), which might expose additional network interfaces. Proper network isolation and firewall rules are recommended for production deployment. No direct `eval` calls or clear malicious patterns were found.
Updated: 2025-11-30 · GitHub
lex by i-dot-ai
41 · 23 · High Cost · Sec9

Provides a UK legal research API for AI agents, offering capabilities to search legislation, caselaw, amendments, and explanatory notes using semantic and keyword search, and includes a Micro-Copilot (MCP) server for integration with AI assistants.

Setup Requirements

  • ⚠️ Requires Azure OpenAI API Key (paid): critical for semantic search, AI summaries, explanations, and PDF processing (embeddings and chat models).
  • ⚠️ Requires Qdrant Vector Database: can be run locally via Docker Compose or connected to a cloud instance (requires URL/API Key).
  • ⚠️ Requires initial data ingestion: the server is non-functional without pre-ingested legal data. The ingestion process is time-consuming and also incurs significant AI token costs.
  • ⚠️ Docker required for local setup of Qdrant and convenient execution.
Verified Safe. Analysis:
The server uses `uvicorn` with `reload=True` in its local run command, which is not suitable for production. CORS is configured with `allow_origins=["*"]`, typical for a public API but noteworthy. Secret management for `QDRANT_CLOUD_API_KEY`, `AZURE_OPENAI_API_KEY`, and `REDIS_PASSWORD` relies on environment variables, which is good practice. The system interacts with external AI services for embeddings, summaries, explanations, and PDF OCR, involving potentially large prompts and outputs. While these interactions are handled by client libraries with retry/timeout mechanisms, the experimental `FASTMCP_EXPERIMENTAL_ENABLE_NEW_OPENAPI_PARSER` feature is used, which might have unknown implications.
Updated: 2026-01-13 · GitHub
41 · 2 · Medium Cost

Provides semantic search and connection discovery within Obsidian vaults, leveraging pre-generated embeddings, for both command-line users and AI agents via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️ Requires Node.js >= 18.0.0.
  • ⚠️ Requires the Smart Connections Obsidian plugin to be installed and the vault indexed within Obsidian, as it relies on plugin-generated embedding data ('.smart-env/').
  • ⚠️ Requires the `OBSIDIAN_VAULT` environment variable to be set, or the `--vault`/`vault_path` argument to be provided, to specify the Obsidian vault path.
Verified Safe. Analysis:
The server and CLI operate on local, pre-indexed Obsidian vault data, performing only read operations. Robust path validation mechanisms (e.g., `fs.realpathSync`, `path.relative` checks) are implemented when handling user-provided note paths to prevent path traversal attacks, ensuring all operations remain strictly within the defined vault boundary. Embedding generation for queries uses `@xenova/transformers` locally, mitigating external network risks during inference. No direct `eval` usage or hardcoded sensitive information was found.
Updated: 2025-11-25 · GitHub
flowllm by FlowLLM-AI
41 · 29 · High Cost · Sec2

FlowLLM is a configuration-driven framework for building LLM-powered applications, encapsulating LLM, Embedding, and vector store capabilities as HTTP/MCP services. It's designed for AI assistants, RAG applications, and complex workflow orchestration, minimizing boilerplate code.

Setup Requirements

  • ⚠️ Requires API keys for LLM and Embedding models (typically paid services like OpenAI, DashScope).
  • ⚠️ Requires Python 3.10+ (as per `README.md`).
  • ⚠️ Full functionality may require external services like Elasticsearch, Qdrant, PostgreSQL (with pgvector), or Ray, which need separate setup and management.
Review Required. Analysis:
The framework uses `exec()` and `eval()` internally (`parse_flow_expression`) to process `flow_content` defined in YAML configuration. While the documentation states execution in a 'restricted environment', arbitrary code execution remains a critical risk if the YAML input is not from an absolutely trusted source or if the sandbox is insufficient. Default CORS settings allow all origins, which should be restricted in production environments.
Updated: 2026-01-07 · GitHub
fastify-mcp-server by flaviodelgrosso
41 · 22 · Low Cost · Sec9

A Fastify plugin providing a streamable HTTP transport for the Model Context Protocol (MCP), enabling AI assistants to interact with services.

Setup Requirements

  • ⚠️ Requires Node.js >= 22.
  • ⚠️ Requires Fastify 5.x.
  • ⚠️ Requires implementation of a `createMcpServer` factory function to define MCP tools.
Verified Safe. Analysis:
The plugin provides a secure framework for implementing an MCP server, including robust Bearer token authentication and session management with pluggable storage. Bearer token validation relies on a user-provided `OAuthTokenVerifier` implementation, ensuring no hardcoded secrets in the core plugin. Session management for Redis uses `SCAN` for operations to prevent blocking. The overall security posture in a deployed application will depend on the security of the user's `OAuthTokenVerifier` implementation, the `createMcpServer` logic, and the underlying `@modelcontextprotocol/sdk` itself. The demo includes a clearly marked mock verifier.
Updated: 2026-01-19 · GitHub
41 · 16 · Medium Cost

Provides long-term memory for AI coding agents by indexing conversation history, tracking decisions and mistakes, and enabling semantic search across projects.

Setup Requirements

  • ⚠️ Requires Node.js 20 or 22 LTS; other versions may break native modules.
  • ⚠️ If using Ollama, `ollama serve` must be running and the embedding model must be pulled. If using OpenAI, the `OPENAI_API_KEY` environment variable is required. Transformers.js is the default and works offline.
  • ⚠️ Default storage paths require a writable home directory. In sandboxed environments (e.g., certain Claude setups), the `CCCMEMORY_DB_PATH` and `CCCMEMORY_GLOBAL_INDEX_PATH` environment variables must be explicitly set to a writable location.
Verified Safe. Analysis:
The server uses `better-sqlite3` for local database storage and `simple-git` for Git integration. SQL queries are generally parameterized, mitigating SQL injection risks. File system operations for project data and backups use the built-in Node.js `fs` module, with efforts made in path sanitization (`sanitization.ts`) to prevent path traversal attacks. Environment variables are used for sensitive information like `OPENAI_API_KEY` rather than hardcoding. The `execFileSync` calls in `worktree.ts` for Git commands appear to use controlled arguments, reducing command injection risk. Network interaction for embeddings is with the specified LLM APIs (Ollama, OpenAI, or local Transformers.js). Overall, good practices are in place, but local file system interaction always presents some inherent risk if configured maliciously by an untrusted host.
Updated: 2026-01-08 · GitHub
ddg_search by OEvortex
41 · 23 · Medium Cost · Sec8

A Model Context Protocol server for web search using DuckDuckGo and AI-powered answers from IAsk AI, Monica, and Brave AI, designed for integration with AI assistants.

Setup Requirements

  • ⚠️ Reliance on web scraping means the server is susceptible to breaking changes if DuckDuckGo, IAsk AI, Monica, or Brave AI alter their website structure or APIs.
  • ⚠️ Performance and resource consumption (network, CPU) can be significant for 'detailed' web searches that fetch full page content via Jina AI, or for comprehensive AI-generated responses.
Verified Safe. Analysis:
The server employs good security practices, including rotating user agents to mitigate detection during web scraping and robust input validation for all search queries and parameters. Network requests use timeouts to prevent hangs from unresponsive external services. Critically, it explicitly states 'No API keys required', which reduces the risk of credential exposure. Error handling for tool execution is comprehensive, returning structured error messages without crashing the server. The server's own source code does not implement explicit rate limiting, but this might be handled by the underlying MCP SDK or is expected from the consuming client.
Updated: 2026-01-19 · GitHub
Page 81 of 713