Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

39
30
Low Cost
firstorderai icon

authenticator_mcp

by firstorderai

Sec9

Enables AI agents to securely retrieve 2FA codes and passwords from a local Authenticator App for automated login processes.

Setup Requirements

  • ⚠️Requires the Authenticator App · 2FA desktop version to be installed and running on the same machine.
  • ⚠️Requires an access token to be generated within the Authenticator App's settings and provided to the MCP server.
Verified SafeView Analysis
The server design enhances security by communicating exclusively with a local desktop application (via 127.0.0.1) and requiring a generated access token for authentication. Input parameters for website and username are properly URL-encoded and validated using Zod. The access token is handled through environment variables or CLI arguments, not hardcoded. A minor concern is the override of `process.stdout.write` to silently filter non-JSON messages, which could obscure debugging information but does not appear to be a direct security vulnerability.
Updated: 2026-01-08GitHub
39
12
Medium Cost
Happy-Technologies-LLC icon

mcp-servicenow-nodejs

by Happy-Technologies-LLC

Sec3

Automate ServiceNow operations, development, and administration through an AI-powered interface, offering multi-instance support, dynamic schema discovery, natural language querying, and local script synchronization.

Setup Requirements

  • ⚠️Requires ServiceNow instance(s) with API access and credentials (admin/developer roles highly recommended for full functionality).
  • ⚠️Requires Node.js 18+ to run.
  • ⚠️For multi-instance support, manual setup of 'config/servicenow-instances.json' is required.
  • ⚠️SSE connections might require specific proxy configurations (e.g., Nginx, Traefik, HAProxy) to maintain keepalives in production environments, as mentioned in documentation.
Review RequiredView Analysis
The 'SN-Execute-Background-Script' tool allows for arbitrary JavaScript code execution on the connected ServiceNow instance with the privileges of the configured user via `sys_trigger` records. If the MCP server or an interacting AI agent is compromised, this could lead to full remote code execution and data manipulation on the ServiceNow instance. The 'SN-Sync-Script-From-Local' and 'SN-Watch-Scripts' tools also introduce a risk by automatically pushing local code changes to ServiceNow; a compromised local repository could inject malicious scripts. While hardcoded secrets are avoided by using environment variables or a configuration file, the inherent capability to execute arbitrary code is a significant security concern if not managed within a highly secure and controlled environment.
Updated: 2026-01-13GitHub
39
15
High Cost
MakingChatbots icon

genesys-cloud-mcp-server

by MakingChatbots

Sec9

Provides LLM access to Genesys Cloud's Platform API for business insights, including conversation analysis, queue management, and OAuth client auditing.

Setup Requirements

  • ⚠️Requires a Genesys Cloud organization and an OAuth Client configured with the necessary permissions for the tools intended to be used.
  • ⚠️Requires the environment variables GENESYSCLOUD_REGION, GENESYSCLOUD_OAUTHCLIENT_ID, and GENESYSCLOUD_OAUTHCLIENT_SECRET to be set.
  • ⚠️Requires Node.js version 18.20.0 or higher.
Verified SafeView Analysis
No hardcoded secrets were found; credentials are correctly fetched from environment variables. The server authenticates with Genesys Cloud using OAuth client credentials. The primary security consideration is ensuring the configured Genesys Cloud OAuth client has only the minimum necessary permissions assigned to prevent unauthorized data access, which is an external configuration risk.
Updated: 2025-12-04GitHub
39
18
Low Cost
grafana icon

xk6-mcp

by grafana

Sec3

A k6 extension for performance testing Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires `xk6` to be installed for building the custom k6 binary.
  • ⚠️Requires building a custom k6 binary with the extension (`xk6 build --with github.com/dgzlopes/xk6-mcp`).
  • ⚠️The provided examples depend on a separate `mcp-example-server` binary, which needs to be downloaded or run separately.
Review RequiredView Analysis
The `StdioClient` in the `mcp.go` source explicitly allows the k6 test script to specify an arbitrary local executable `path` and `args` (via `exec.Command`). This grants the k6 script direct command execution capabilities on the host system where k6 is running. While intended for interacting with local MCP servers, this poses a severe security risk if the k6 script itself is untrusted or compromised.
Updated: 2026-01-18GitHub
39
15
Low Cost
KennyVaneetvelde icon

mcp-forge

by KennyVaneetvelde

Sec8

A command-line interface (CLI) tool for scaffolding new Model Context Protocol (MCP) servers with various configurable features and transports.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Generated projects heavily recommend `uv` for dependency management.
  • ⚠️Testing with `MCP Inspector` requires `npx` (Node.js/npm ecosystem).
Verified SafeView Analysis
The `mcp-forge` tool itself, which is a project generator, does not exhibit direct security vulnerabilities in its source code (e.g., no `eval`, obfuscation, or unmanaged network access). However, the documentation for *generated* projects highlights an example `CalculatorTool` that uses `eval(input_data.expression)`. This specific pattern in generated code is a critical security vulnerability, allowing arbitrary code execution if not properly sanitized or replaced by a safer alternative. Users of the generated servers must be aware of and mitigate such risks in the generated examples.
Updated: 2025-11-24GitHub
39
18
Medium Cost
noditlabs icon

nodit-mcp-server

by noditlabs

Sec9

Connects AI agents and developers to structured, context-ready blockchain data across multiple networks through Nodit's Web3 infrastructure.

Setup Requirements

  • ⚠️Requires Node.js 18+ runtime.
  • ⚠️Requires a Nodit API Key, obtained from the Nodit Console (a paid service).
  • ⚠️The Nodit API Key must be set as an environment variable (NODIT_API_KEY) for the server to function.
Verified SafeView Analysis
The server uses environment variables for sensitive API keys (NODIT_API_KEY), preventing hardcoding. Input validation for tool arguments is implemented using Zod. Network requests are directed to predefined Nodit API endpoints, which mitigates arbitrary URL injection risks. The server includes robust error handling for various API response statuses. Additionally, specific resource-intensive Solana operations are explicitly blocked, demonstrating a proactive security posture. No 'eval' or other dynamic code execution from user input was found.
Updated: 2026-01-16GitHub
39
16
Medium Cost
zekker6 icon

mcp-helm

by zekker6

Sec6

Provides a Model Context Protocol (MCP) server for AI assistants to interact with Helm repositories and charts without requiring a local Helm installation.

Setup Requirements

  • ⚠️Requires write access to `/tmp` for Helm cache and registry configuration.
  • ⚠️If building from source, Go 1.24.3 is required.
  • ⚠️Outgoing network access to Helm repositories is necessary for chart operations.
Verified SafeView Analysis
The server uses `helm.sh/helm/v4/pkg/downloader` and explicitly sets `Verify: downloader.VerifyNever`. This means it will not verify the integrity or authenticity of downloaded Helm charts (e.g., via provenance files). If this server is exposed to untrusted users or configured to pull charts from untrusted repositories, there's a significant risk of processing or analyzing potentially malicious chart content.
Updated: 2026-01-16GitHub
39
9
Medium Cost
airy10 icon
Sec4

Dynamic bridging between Apple's Foundation Models/AnyLanguageModel and external Model Context Protocol (MCP) servers for tool execution.

Setup Requirements

  • ⚠️Requires macOS 26.0+
  • ⚠️Requires Swift 6.0+
  • ⚠️Requires an external, MCP-compliant server to function (not included in this repository)
  • ⚠️OpenAI API Key (or similar) potentially required for some LLM backends in example use cases.
Review RequiredView Analysis
The library acts as a client to external MCP servers. Significant security risks exist if connecting to untrusted servers via HTTP/SSE or launching untrusted executables via stdio. The `executablePath` and `serverURL` inputs can lead to arbitrary code execution or data exfiltration if not carefully managed by the integrating application. The project is labeled as a proof-of-concept, implying it may lack production-grade security hardening.
Updated: 2025-11-28GitHub
39
26
Medium Cost
pkdindustries icon

soulshack

by pkdindustries

Sec4

An advanced IRC chatbot powered by LLMs, designed to bridge traditional chat with modern AI capabilities and a unified tool system.

Setup Requirements

  • ⚠️LLM API Keys or a local Ollama instance are required for core functionality (e.g., SOULSHACK_OPENAIKEY, SOULSHACK_ANTHROPICKEY, SOULSHACK_GEMINIKEY, SOULSHACK_OLLAMAURL).
  • ⚠️CRITICAL: The 'admins' configuration MUST be explicitly set to restrict administrative commands; otherwise, any IRC user can administer the bot.
  • ⚠️External dependencies for tools: 'jq' for shell scripts, 'npx' for local MCP filesystem server, 'docker' for system resource monitoring. These are not managed by Go and must be pre-installed.
  • ⚠️Go 1.23+ is required for building from source.
Review RequiredView Analysis
CRITICAL: By default, if the 'admins' list is empty, *any* user on IRC is considered an admin. This grants them full control over bot settings, including adding/removing tools (which can execute shell commands) and modifying API keys at runtime. Running this bot without explicitly configuring an 'admins' hostmask is a severe security risk. Additionally, the 'examples/tools/news.py' script uses 'verify=False' for HTTPS requests, which is vulnerable to Man-in-the-Middle attacks, and has a hardcoded empty API key, although this tool is optional.
Updated: 2026-01-18GitHub
39
12
High Cost
edwarddjss icon

ExpoSnap

by edwarddjss

Sec7

Enables AI assistants to view and analyze screenshots from React Native/Expo applications for AI-powered mobile UI development.

Setup Requirements

  • ⚠️Requires Node.js (>=20) to run the server.
  • ⚠️Requires manual integration of `ScreenshotWrapper` into the target React Native/Expo application.
  • ⚠️Relies on local network auto-discovery or manual configuration in the IDE's MCP settings, which might necessitate firewall adjustments or specific network setups.
Verified SafeView Analysis
The HTTP server uses a wide-open CORS policy (`Access-Control-Allow-Origin: *`), which is convenient for local development but poses a security risk in a production environment by allowing any domain to interact with it. File uploads are handled using `multer` and are saved to an internally managed directory with internally generated filenames, mitigating common path traversal vulnerabilities. No explicit 'eval' or direct command injection vectors with unsanitized user input were found. The auto-discovery feature actively scans local IP ranges, which could lead to unintended exposure on less controlled networks, though the server still requires specific endpoints to be hit.
Updated: 2025-12-10GitHub
39
11
Low Cost
microsoft icon

devbox-mcp-server

by microsoft

Sec5

Seamlessly integrate AI agents with Microsoft Dev Box services for natural language interactions to manage Dev Boxes, configurations, and pools.

Setup Requirements

  • ⚠️Node.js 18 or newer is required.
  • ⚠️Azure subscription with a provisioned Dev Center, at least one project, and appropriate RBAC permissions on Dev Center resources are necessary.
  • ⚠️Requires an MCP client, such as Visual Studio Code with GitHub Copilot extension or Visual Studio 2022 (version 17.14 or later).
  • ⚠️Authentication requires being logged into Windows SSO (Web Account Manager), Azure CLI, or configured with Azure environment variables with necessary permissions.
Verified SafeView Analysis
A full security audit is not possible as the actual source code for the `@microsoft/devbox-mcp` npm package was not provided for analysis. The provided `README.md` and `SECURITY.md` do not contain executable code. The installation uses `npx`, which downloads and runs a package directly, inherently trusting its contents. Authentication relies on robust Azure mechanisms like `DefaultAzureCredential` and WAM, minimizing risks of hardcoded secrets. No 'eval' or malicious patterns were found in the truncated files provided.
Updated: 2025-12-12GitHub
39
9
High Cost

openzim-mcp

by cameronrye

Sec9

Enables Large Language Models (LLMs) to intelligently access, search, and navigate content within offline ZIM knowledge archives, providing structured information for research, chatbots, and content analysis systems.

Setup Requirements

  • ⚠️Requires manual download and management of ZIM files from external sources (e.g., Kiwix Library) into a designated directory.
Verified SafeView Analysis
The server is designed for structured access to local ZIM files and explicitly implements input validation and path traversal protection. It uses CodeQL and SonarCloud for security analysis. However, like any local file server, exposing it directly to untrusted public networks without robust authentication and authorization measures would be a significant security risk, as it grants programmatic access to local file content.
Updated: 2025-11-17GitHub
PreviousPage 100 of 760Next