Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(2866)

98
1575
High Cost
glidea icon

zenfeed

by glidea

Sec7

An AI-powered information hub that acts as an intelligent RSS reader, real-time news knowledge base, and personal assistant for monitoring events and delivering analysis reports.

Setup Requirements

  • ⚠️Docker and Docker Compose are required for deployment.
  • ⚠️Requires API keys for Large Language Models (LLMs), such as SiliconFlow or Google Gemini. These are not free.
  • ⚠️Lack of authentication means strict firewall/security group rules are CRITICAL to prevent API_KEY leakage if exposed to public networks.
  • ⚠️Relies on an RSSHub instance (provided in docker-compose, but needs to be functional).
  • ⚠️Content processing using LLMs can incur significant token costs.
Verified SafeView Analysis
The server lacks built-in authentication, which means exposing it directly to public networks could lead to unauthorized access and API_KEY leakage. Users are explicitly warned in the README to configure strict firewall/security group rules and are responsible for safeguarding API keys and credentials. The default `docker-compose.yml` exposes several ports (1400, 1300, 1301, 9090) that need careful management.
Updated: 2025-11-22GitHub
98
575
Medium Cost
IvanMurzak icon

Unity-MCP

by IvanMurzak

Sec3

AI-powered game development assistant for Unity Editor and runtime, bridging Large Language Models (LLMs) with Unity's API to automate tasks, generate code, and debug projects.

Setup Requirements

  • ⚠️Requires Docker for recommended deployment (or manual binary setup).
  • ⚠️Requires Unity MCP Plugin installed in a Unity Editor project.
  • ⚠️Requires a compatible MCP Client (e.g., Claude Code, Cursor) for interaction.
  • ⚠️Unity project path cannot contain spaces for proper plugin installation and server operation.
Review RequiredView Analysis
The server and plugin architecture allows LLMs to perform C# code compilation and execution using Roslyn with full read/write access to Unity project assets and scripts. This means a potentially compromised or jailbroken LLM could generate and execute arbitrary malicious C# code, leading to data loss, project corruption, or system compromise without clear sandboxing or explicit user review for each code execution.
Updated: 2025-12-11GitHub
97
505
Low Cost
YuzeHao2023 icon

Awesome-MCP-Servers

by YuzeHao2023

Sec10

A curated, community-driven list of Model Context Protocol (MCP) servers, tools, frameworks, clients, and utilities, enabling AI models to securely interact with local and remote resources.

Verified SafeView Analysis
The provided source code is a documentation repository (README files) and is inherently safe to read. It contains a critical and comprehensive security warning section for *other MCP servers* listed within the ecosystem, advising users on best practices for safe deployment and interaction, including running servers in isolated environments and limiting permissions.
Updated: 2025-12-06GitHub
97
378
Low Cost
kagent-dev icon

kmcp

by kagent-dev

Sec8

Kubernetes controller and CLI for declarative deployment and management of Model Context Protocol (MCP) servers, simplifying local development to production.

Setup Requirements

  • ⚠️Requires a Kubernetes cluster with `kubectl` access.
  • ⚠️Requires Helm 3.0+ for controller installation.
  • ⚠️Local development tools depend on the chosen framework (e.g., Docker for building, Node.js/npm for `npx`, Python/uv, Go, Java/Maven).
Verified SafeView Analysis
The Kubernetes controller component utilizes standard K8s API interactions and applies security best practices like image tag validation and default security contexts (`runAsNonRoot`, `drop: ALL`). It's designed to deploy user-defined container images and commands (via `MCPServer` CRD), making the ultimate security dependent on the user's deployed workload and Kubernetes RBAC. The CLI component executes various system commands (`helm`, `kubectl`, `docker`, `npx`, `uv`, `go`, `mvn`) locally, requiring the user to have these tools installed and configured securely. A built-in sanitizer helps redact sensitive information in CLI output. No `eval` or arbitrary code execution vulnerabilities were found within the project's own controller or CLI logic.
Updated: 2025-11-24GitHub
97
399
Medium Cost
brave icon
Sec9

Integrates the Brave Search API to provide comprehensive search capabilities including web, local business, image, video, news, and AI-powered summarization.

Setup Requirements

  • ⚠️Requires a Brave Search API key, obtainable from brave.com/search/api/. Different plans (Free/Pro) offer varying query limits and features.
  • ⚠️Full local search capabilities and AI summarization (`brave_local_search`, `brave_summarizer`) require a Brave Search API Pro plan.
  • ⚠️The server defaults to STDIO transport. If HTTP transport is desired, it must be explicitly configured via environment variable (`BRAVE_MCP_TRANSPORT=http`) or command-line argument (`--transport http`).
Verified SafeView Analysis
The server correctly handles API keys via environment variables or CLI arguments, avoiding hardcoded secrets. Input parameters are validated using Zod schemas for various tools, ensuring data integrity. The 'goggles' parameter in search requests is sanitized to accept only HTTPS URLs, preventing arbitrary URL injection. Client-side rate limiting logic is present in `src/utils.ts` but commented out in the `issueRequest` function in `src/BraveAPI/index.ts`, implying reliance on upstream Brave API rate limits, which is not a critical vulnerability but means the server itself won't throttle outbound requests.
Updated: 2025-12-10GitHub
94
641
Medium Cost
hyperbrowserai icon

mcp

by hyperbrowserai

Sec9

This server provides Hyperbrowser's Model Context Protocol (MCP) interface, offering tools for web scraping, structured data extraction, crawling, and general-purpose browser automation using AI agents like OpenAI's CUA and Anthropic's Claude Computer Use.

Setup Requirements

  • ⚠️Requires a Hyperbrowser API Key (HYPERBROWSER_API_KEY or HB_API_KEY environment variable).
  • ⚠️Certain advanced features (e.g., CAPTCHA solving, Proxies, Batch Scrape, Static IPs) require a paid Hyperbrowser plan.
  • ⚠️Requires Node.js (v18.0.0 or higher).
  • ⚠️An OpenAI API Key (OPENAI_API_KEY environment variable) is required for some features like documentation summarization scripts and AI function calling integrations with OpenAI models.
Verified SafeView Analysis
The server correctly retrieves API keys from environment variables (HYPERBROWSER_API_KEY or HB_API_KEY), preventing hardcoded secrets. External network calls (to Hyperbrowser backend, Bing, OpenAI) are a core part of its functionality and appear well-defined and controlled, not arbitrary. JSON schema compilation via AJV is used for validation and does not pose a direct code execution risk. Relying on external cloud services for browser automation introduces external dependency risks inherent to the architecture, but the server's code itself follows good security practices.
Updated: 2025-11-20GitHub
94
172
Medium Cost
GuDaStudio icon

geminimcp

by GuDaStudio

Sec8

Integrates Google's Gemini CLI with Claude Code as an MCP server, enabling Claude Code to leverage Gemini for AI-assisted programming tasks, with a focus on frontend design.

Setup Requirements

  • ⚠️Requires installed and configured Claude Code
  • ⚠️Requires installed and configured Gemini CLI (implying Gemini's own API key setup)
  • ⚠️Requires 'uv' tool for installation
  • ⚠️Windows users are strongly recommended to run this project in WSL
Verified SafeView Analysis
The server executes the `gemini` CLI via `subprocess.Popen`. It correctly uses `shell=False` to prevent direct shell injection. The `PROMPT` is passed as a distinct argument to the `gemini` command. A `windows_escape` function is implemented for Windows environments, adding a layer of defense against argument parsing issues. The primary security consideration becomes the trustworthiness and security posture of the underlying Gemini CLI and its handling of arbitrary user prompts, rather than direct vulnerabilities within the wrapper itself.
Updated: 2025-12-11GitHub
93
105
Low Cost
YuzeHao2023 icon

MCP-oura

by YuzeHao2023

Sec9

An MCP server that provides language models access to Oura API for querying sleep, readiness, and resilience health data.

Setup Requirements

  • ⚠️Requires an Oura API token (Personal Access Token from Oura Developer Portal)
  • ⚠️Requires Python 3.12 or newer
  • ⚠️Uses `uvx` for execution, as demonstrated for Claude for Desktop integration.
Verified SafeView Analysis
The server retrieves API access tokens from environment variables, which is a good security practice. It uses `httpx` for network requests with a defined timeout. Input validation for dates is implemented. There are no obvious signs of 'eval' or other dangerous patterns, nor hardcoded secrets. Error handling is present for API and date parsing issues.
Updated: 2025-11-23GitHub
93
125
Medium Cost
agentfront icon

frontmcp

by agentfront

Sec8

FrontMCP is a TypeScript-first framework for building Model Context Protocol (MCP) servers, enabling AI models to interact with external systems through typed tools, resources, and prompts, including dynamic UI rendering and robust authentication.

Setup Requirements

  • ⚠️Requires Node.js >= 22
  • ⚠️Requires npm >= 10 (or Yarn)
  • ⚠️Some features (e.g., Caching, Employee Time app) default to requiring a local Redis instance running on `localhost:6379`
  • ⚠️Authentication configurations (e.g., `IDP_PROVIDER_URL`, `IDP_EXPECTED_AUDIENCE`) should be set via environment variables for production environments.
Verified SafeView Analysis
The server uses `enclave-vm` for sandboxed execution of user-provided JavaScript in CodeCall plugins, and `json-schema-to-zod-v3` incorporates ReDoS protection for regular expressions. These are strong mitigations for dynamic code and untrusted input. However, the `OpenapiAdapter` can fetch API specifications from external URLs, meaning the server's behavior can be influenced by external, potentially untrusted content. Operators must ensure the trustworthiness of OpenAPI sources. Default values for authentication providers are present in demo apps but are configurable via environment variables.
Updated: 2025-12-11GitHub
92
74
Medium Cost
nuxt-modules icon

mcp-toolkit

by nuxt-modules

Sec8

A Nuxt module for easily creating a Model Context Protocol (MCP) server directly within a Nuxt application, allowing AI assistants to access defined tools, resources, and prompts.

Setup Requirements

  • ⚠️Requires `zod` as a peer dependency.
  • ⚠️For Cloudflare Workers/Pages deployment, the `agents` package is required.
  • ⚠️To use Nuxt server utilities like `useEvent()` within handlers, `experimental.asyncContext: true` must be enabled in `nuxt.config.ts`.
  • ⚠️Initial setup requires `pnpm install` followed by `pnpm run dev:prepare` to generate type stubs before running development servers.
Verified SafeView Analysis
The module uses Zod for input/output validation, which is a strong security practice. Sensitive configurations like API keys are expected to be handled via environment variables (e.g., `GITHUB_CLIENT_ID`, `AI_GATEWAY_API_KEY`). The `execSync` command is used in the `detectIDE` function for internal developer tooling (IDE detection) and not exposed as a public API, limiting its direct risk. `evalite` for evaluations is used in a testing context, not in the production server, and is therefore an acceptable risk. Overall, the core server functionality appears robust with appropriate input handling.
Updated: 2025-12-09GitHub
89
57
High Cost
andrlange icon
Sec9

Provides a Model Context Protocol (MCP) server for comprehensive access to Spring ecosystem documentation, migration guides, code examples, language evolution, and Initializr metadata, primarily for AI agent consumption.

Setup Requirements

  • ⚠️Requires PostgreSQL database.
  • ⚠️Requires Java Development Kit (JDK) version 25.
  • ⚠️Requires active internet access to `spring.io`, `start.spring.io`, `api.github.com`, and `docs.spring.io` for data synchronization.
  • ⚠️Initial startup involves a potentially long data synchronization process to populate the knowledge base.
Verified SafeView Analysis
The application uses Spring Security for authentication (API keys and users), with BCrypt hashing for API keys and passwords. External HTTP requests to Spring.io, GitHub, and Initializr are performed using WebClient with timeouts and retry logic. URL validation is implemented for documentation fetching to prevent SSRF by restricting domains to known Spring-related sites. Jsoup is used for HTML parsing, and HTML to Markdown conversion is handled with cleaning steps to mitigate XSS. No obvious hardcoded secrets, 'eval' usage, or malicious patterns were found in the provided code snippets. Robust input validation with `jakarta.validation` is used across DTOs. A potential concern is the logging of full request parameters in `McpRequestLoggerService`, which could contain sensitive data depending on tool usage, but this is a data privacy/retention concern rather than a direct code vulnerability.
Updated: 2025-12-10GitHub
89
29
Medium Cost
iceener icon
Sec6

Manage Google Calendar events (search, create, update, delete, respond, check availability) via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires a Google Cloud Project with Google Calendar API enabled and OAuth consent screen/credentials configured.
  • ⚠️For production deployments, origin validation (`isAllowedOrigin`) and token encryption (`RS_TOKENS_ENC_KEY` or `TOKENS_ENC_KEY`) must be explicitly hardened for security.
  • ⚠️Cloudflare Worker deployment requires a Cloudflare KV namespace for token storage.
Review RequiredView Analysis
The server implements robust security mechanisms for OAuth 2.1 (PKCE, token encryption at rest if configured) and extensive input validation (Zod). However, a critical vulnerability exists in `src/shared/mcp/security.ts` where the `isAllowedOrigin` function, used for origin validation in production, defaults to always returning `true`. This means any origin can connect to the server, making it highly insecure for remote production deployment without modification. The server explicitly warns in the README and code that `RS_TOKENS_ENC_KEY` (Node.js) or `TOKENS_ENC_KEY` (Cloudflare Workers) is highly recommended for encrypting tokens at rest, otherwise, they are stored unencrypted.
Updated: 2025-12-04GitHub
PreviousPage 4 of 239Next