Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(8554)

39
15
High Cost
MakingChatbots icon

genesys-cloud-mcp-server

by MakingChatbots

Sec9

Provides LLM access to Genesys Cloud's Platform API for business insights, including conversation analysis, queue management, and OAuth client auditing.

Setup Requirements

  • ⚠️Requires a Genesys Cloud organization and an OAuth Client configured with the necessary permissions for the tools intended to be used.
  • ⚠️Requires the environment variables GENESYSCLOUD_REGION, GENESYSCLOUD_OAUTHCLIENT_ID, and GENESYSCLOUD_OAUTHCLIENT_SECRET to be set.
  • ⚠️Requires Node.js version 18.20.0 or higher.
Verified SafeView Analysis
No hardcoded secrets were found; credentials are correctly fetched from environment variables. The server authenticates with Genesys Cloud using OAuth client credentials. The primary security consideration is ensuring the configured Genesys Cloud OAuth client has only the minimum necessary permissions assigned to prevent unauthorized data access, which is an external configuration risk.
Updated: 2025-12-04GitHub
39
18
Low Cost
grafana icon

xk6-mcp

by grafana

Sec3

A k6 extension for performance testing Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires `xk6` to be installed for building the custom k6 binary.
  • ⚠️Requires building a custom k6 binary with the extension (`xk6 build --with github.com/dgzlopes/xk6-mcp`).
  • ⚠️The provided examples depend on a separate `mcp-example-server` binary, which needs to be downloaded or run separately.
Review RequiredView Analysis
The `StdioClient` in the `mcp.go` source explicitly allows the k6 test script to specify an arbitrary local executable `path` and `args` (via `exec.Command`). This grants the k6 script direct command execution capabilities on the host system where k6 is running. While intended for interacting with local MCP servers, this poses a severe security risk if the k6 script itself is untrusted or compromised.
Updated: 2026-01-18GitHub
39
15
Low Cost
KennyVaneetvelde icon

mcp-forge

by KennyVaneetvelde

Sec8

A command-line interface (CLI) tool for scaffolding new Model Context Protocol (MCP) servers with various configurable features and transports.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Generated projects heavily recommend `uv` for dependency management.
  • ⚠️Testing with `MCP Inspector` requires `npx` (Node.js/npm ecosystem).
Verified SafeView Analysis
The `mcp-forge` tool itself, which is a project generator, does not exhibit direct security vulnerabilities in its source code (e.g., no `eval`, obfuscation, or unmanaged network access). However, the documentation for *generated* projects highlights an example `CalculatorTool` that uses `eval(input_data.expression)`. This specific pattern in generated code is a critical security vulnerability, allowing arbitrary code execution if not properly sanitized or replaced by a safer alternative. Users of the generated servers must be aware of and mitigate such risks in the generated examples.
Updated: 2025-11-24GitHub
39
18
Medium Cost
noditlabs icon

nodit-mcp-server

by noditlabs

Sec9

Connects AI agents and developers to structured, context-ready blockchain data across multiple networks through Nodit's Web3 infrastructure.

Setup Requirements

  • ⚠️Requires Node.js 18+ runtime.
  • ⚠️Requires a Nodit API Key, obtained from the Nodit Console (a paid service).
  • ⚠️The Nodit API Key must be set as an environment variable (NODIT_API_KEY) for the server to function.
Verified SafeView Analysis
The server uses environment variables for sensitive API keys (NODIT_API_KEY), preventing hardcoding. Input validation for tool arguments is implemented using Zod. Network requests are directed to predefined Nodit API endpoints, which mitigates arbitrary URL injection risks. The server includes robust error handling for various API response statuses. Additionally, specific resource-intensive Solana operations are explicitly blocked, demonstrating a proactive security posture. No 'eval' or other dynamic code execution from user input was found.
Updated: 2026-01-16GitHub
39
16
Medium Cost
zekker6 icon

mcp-helm

by zekker6

Sec6

Provides a Model Context Protocol (MCP) server for AI assistants to interact with Helm repositories and charts without requiring a local Helm installation.

Setup Requirements

  • ⚠️Requires write access to `/tmp` for Helm cache and registry configuration.
  • ⚠️If building from source, Go 1.24.3 is required.
  • ⚠️Outgoing network access to Helm repositories is necessary for chart operations.
Verified SafeView Analysis
The server uses `helm.sh/helm/v4/pkg/downloader` and explicitly sets `Verify: downloader.VerifyNever`. This means it will not verify the integrity or authenticity of downloaded Helm charts (e.g., via provenance files). If this server is exposed to untrusted users or configured to pull charts from untrusted repositories, there's a significant risk of processing or analyzing potentially malicious chart content.
Updated: 2026-01-16GitHub
39
9
Medium Cost
airy10 icon
Sec4

Dynamic bridging between Apple's Foundation Models/AnyLanguageModel and external Model Context Protocol (MCP) servers for tool execution.

Setup Requirements

  • ⚠️Requires macOS 26.0+
  • ⚠️Requires Swift 6.0+
  • ⚠️Requires an external, MCP-compliant server to function (not included in this repository)
  • ⚠️OpenAI API Key (or similar) potentially required for some LLM backends in example use cases.
Review RequiredView Analysis
The library acts as a client to external MCP servers. Significant security risks exist if connecting to untrusted servers via HTTP/SSE or launching untrusted executables via stdio. The `executablePath` and `serverURL` inputs can lead to arbitrary code execution or data exfiltration if not carefully managed by the integrating application. The project is labeled as a proof-of-concept, implying it may lack production-grade security hardening.
Updated: 2025-11-28GitHub
39
26
Medium Cost
pkdindustries icon

soulshack

by pkdindustries

Sec4

An advanced IRC chatbot powered by LLMs, designed to bridge traditional chat with modern AI capabilities and a unified tool system.

Setup Requirements

  • ⚠️LLM API Keys or a local Ollama instance are required for core functionality (e.g., SOULSHACK_OPENAIKEY, SOULSHACK_ANTHROPICKEY, SOULSHACK_GEMINIKEY, SOULSHACK_OLLAMAURL).
  • ⚠️CRITICAL: The 'admins' configuration MUST be explicitly set to restrict administrative commands; otherwise, any IRC user can administer the bot.
  • ⚠️External dependencies for tools: 'jq' for shell scripts, 'npx' for local MCP filesystem server, 'docker' for system resource monitoring. These are not managed by Go and must be pre-installed.
  • ⚠️Go 1.23+ is required for building from source.
Review RequiredView Analysis
CRITICAL: By default, if the 'admins' list is empty, *any* user on IRC is considered an admin. This grants them full control over bot settings, including adding/removing tools (which can execute shell commands) and modifying API keys at runtime. Running this bot without explicitly configuring an 'admins' hostmask is a severe security risk. Additionally, the 'examples/tools/news.py' script uses 'verify=False' for HTTPS requests, which is vulnerable to Man-in-the-Middle attacks, and has a hardcoded empty API key, although this tool is optional.
Updated: 2026-01-18GitHub
39
12
High Cost
edwarddjss icon

ExpoSnap

by edwarddjss

Sec7

Enables AI assistants to view and analyze screenshots from React Native/Expo applications for AI-powered mobile UI development.

Setup Requirements

  • ⚠️Requires Node.js (>=20) to run the server.
  • ⚠️Requires manual integration of `ScreenshotWrapper` into the target React Native/Expo application.
  • ⚠️Relies on local network auto-discovery or manual configuration in the IDE's MCP settings, which might necessitate firewall adjustments or specific network setups.
Verified SafeView Analysis
The HTTP server uses a wide-open CORS policy (`Access-Control-Allow-Origin: *`), which is convenient for local development but poses a security risk in a production environment by allowing any domain to interact with it. File uploads are handled using `multer` and are saved to an internally managed directory with internally generated filenames, mitigating common path traversal vulnerabilities. No explicit 'eval' or direct command injection vectors with unsanitized user input were found. The auto-discovery feature actively scans local IP ranges, which could lead to unintended exposure on less controlled networks, though the server still requires specific endpoints to be hit.
Updated: 2025-12-10GitHub
39
11
Low Cost
microsoft icon

devbox-mcp-server

by microsoft

Sec5

Seamlessly integrate AI agents with Microsoft Dev Box services for natural language interactions to manage Dev Boxes, configurations, and pools.

Setup Requirements

  • ⚠️Node.js 18 or newer is required.
  • ⚠️Azure subscription with a provisioned Dev Center, at least one project, and appropriate RBAC permissions on Dev Center resources are necessary.
  • ⚠️Requires an MCP client, such as Visual Studio Code with GitHub Copilot extension or Visual Studio 2022 (version 17.14 or later).
  • ⚠️Authentication requires being logged into Windows SSO (Web Account Manager), Azure CLI, or configured with Azure environment variables with necessary permissions.
Verified SafeView Analysis
A full security audit is not possible as the actual source code for the `@microsoft/devbox-mcp` npm package was not provided for analysis. The provided `README.md` and `SECURITY.md` do not contain executable code. The installation uses `npx`, which downloads and runs a package directly, inherently trusting its contents. Authentication relies on robust Azure mechanisms like `DefaultAzureCredential` and WAM, minimizing risks of hardcoded secrets. No 'eval' or malicious patterns were found in the truncated files provided.
Updated: 2025-12-12GitHub
39
7
Medium Cost
isakskogstad icon

Skolverket-MCP

by isakskogstad

Sec9

Provides AI assistants access to Skolverket's open APIs (Curriculum, School Units, Planned Educations) to search, find, compare, and analyze educational data and statistics.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️For local installation with clients like Claude Desktop or OpenAI Codex, an absolute path to the 'dist/index.js' file is required in client configurations.
  • ⚠️While Skolverket APIs are generally open, the server supports an optional SKOLVERKET_API_KEY environment variable. If the upstream APIs were to require authentication, this would become a critical setup step.
Verified SafeView Analysis
The server correctly uses environment variables for API keys and redacts sensitive headers in logs. It employs robust error handling, request tracing, and configurable retries/timeouts for external API calls using Axios. CORS is enabled for all origins, which is standard for public APIs but allows access from any domain. No 'eval' or obvious malicious patterns were found. Logging is structured and directed to stderr for console output, which is crucial for MCP servers to prevent mixing logs with tool output.
Updated: 2025-12-08GitHub
39
8
High Cost
Pantheon-Security icon

notebooklm-mcp-secure

by Pantheon-Security

Sec9

Provides programmatic access and management of NotebookLM and Google Gemini for AI agents, offering deep research capabilities, document analysis, and comprehensive compliance and security features.

Setup Requirements

  • ⚠️Requires manual Google Account login via a browser window ('setup_auth') for NotebookLM access, which can be a point of friction.
  • ⚠️Requires a 'GEMINI_API_KEY' environment variable to enable Gemini Deep Research and Document API features, and these premium features may incur costs.
  • ⚠️NotebookLM has strict daily query quotas (e.g., 50 queries/day for free accounts), leading to potential 'RateLimitError' unless a Google AI Pro/Ultra account is used.
Verified SafeView Analysis
The server demonstrates an exceptionally strong focus on security and compliance, implementing a wide array of features including post-quantum encryption, certificate pinning, input/output validation (e.g., prompt injection, suspicious URLs), secure session management, tamper-evident audit logging, secrets scanning, breach detection, incident management, data retention, and secure data erasure with wiping. Input validation for URLs and session IDs helps mitigate common injection risks. The extensive compliance framework for GDPR, SOC2, and CSSF is well-integrated. The main security consideration is the reliance on browser automation (Patchright/Chromium) for NotebookLM interactions, which, while handled with robust isolation and stealth measures, introduces an inherent attack surface compared to pure API-based interactions. No 'eval' or obfuscation was found, and no hardcoded secrets were identified.
Updated: 2026-01-15GitHub
39
9
Low Cost
kdpa-llc icon

local-skills-mcp

by kdpa-llc

Sec9

Enables LLMs and AI agents to access expert skills stored locally on the filesystem, utilizing lazy loading for context-efficient interaction via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js version 18+ to run.
  • ⚠️When installed locally (not globally), the MCP client configuration requires an absolute path to the `dist/index.js` binary.
  • ⚠️Requires a separate MCP-compatible client (e.g., Claude Code, Claude Desktop, Cline) to interact with the server.
Verified SafeView Analysis
The server primarily operates on local files via stdio, minimizing network attack surface. It does not use `eval` or obvious obfuscation. Skill content (`SKILL.md`) is read and relayed, not executed by the server itself; the AI client interprets the content. Path traversal attempts during skill loading are handled by reporting a 'skill not found' error. The primary security consideration is trusting the source of the `SKILL.md` files, as malicious text content could theoretically influence an AI. The project includes a `SECURITY.md` and `CODE_OF_CONDUCT.md`.
Updated: 2026-01-19GitHub
PreviousPage 95 of 713Next