Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (9120)

39
12
Medium Cost

tasksync-mcp

by 4regab

Sec9

Facilitates feedback-oriented AI-assisted development by enabling real-time user feedback and media viewing for agents, reducing speculative operations and improving efficiency.

Setup Requirements

  • ⚠️Requires Node.js and npm/npx runtime environment.
  • ⚠️Must explicitly specify allowed directories on startup (`/path/to/directory`), or the server will default to only allowing access within the current working directory, which might be too restrictive.
  • ⚠️The `get_feedback` tool will block the agent for up to 5 minutes (by default) while waiting for user input, requiring active user participation.
Verified Safe
The server implements robust path validation using `fs.realpath` to resolve symlinks and ensure all file operations occur strictly within a set of 'allowed directories' provided at startup or defaulting to the current working directory. This prevents directory traversal and symlink attacks. Atomic file writes are used to maintain data integrity. No direct `eval` calls or obfuscation were found. The server's dependency on `minimatch` for file searching is standard. Dynamic root updates from the MCP client are also validated through `getValidRootDirectories` which also performs `fs.realpath` checks. A high score due to strong path validation.
Updated: 2026-01-17
39
6
High Cost
Sec7

An MCP server for generating various game development assets, including images, videos, audio, and 3D models using multiple AI providers.

Setup Requirements

  • ⚠️Requires OPENAI_API_KEY environment variable (Paid API)
  • ⚠️Requires GEMINI_API_KEY environment variable (Paid API)
  • ⚠️Requires FAL_AI_API_KEY environment variable (Paid API)
  • ⚠️Requires 'curl' command-line tool to be installed and available in the system's PATH.
Verified Safe
The server uses file system operations (read/write/delete) and 'curl' commands with 'outputPath' and 'inputImagePath' parameters directly from user input. Without explicit path sanitization (e.g., ensuring paths are confined to a specific output directory), a malicious client could potentially exploit path traversal vulnerabilities to write to or read from arbitrary file system locations. API keys are handled securely via environment variables. Temporary file management for large requests is robust with proper cleanup.
Updated: 2025-12-06
39
11
Medium Cost

saleor-mcp

by saleor

Sec7

Provides a Python-based GraphQL API server, likely serving as a backend microservice or API for a Saleor e-commerce ecosystem.

Setup Requirements

  • ⚠️Docker required for containerized deployment
  • ⚠️Requires a Python 3.x environment with 'uv' for local development or dependency management
  • ⚠️Likely requires a PostgreSQL database (common for Saleor components)
Verified Safe
Based solely on file names, there are no immediate red flags like 'eval' or obfuscation. However, a full security audit would require reviewing the source code in 'src' and specific dependency versions in 'uv.lock' for vulnerabilities. Standard security practices for a Python/GraphQL API server are assumed.
Updated: 2025-11-18
39
9
Low Cost

banrepco_mcp

by kevyder

Sec8

Provides a remote Model Context Protocol (MCP) server for accessing Colombian financial indicators like inflation and exchange rates (TRM) for integration with AI models and tools.

Setup Requirements

  • ⚠️Requires deployment on Cloudflare Workers platform.
  • ⚠️Requires the `BAN_REP_CO_API_URL` environment variable to be configured, pointing to the external financial data API.
  • ⚠️Requires Cloudflare Durable Objects (`MCP_OBJECT`) to be configured and bound.
Verified Safe
The project uses Zod for input validation, which is good practice to prevent common injection vulnerabilities. It makes HTTP GET requests to an external API whose base URL is configured via an environment variable (`BAN_REP_CO_API_URL`). There are no direct hardcoded secrets in the provided code snippets. The `HttpClient` includes a `console.error` for API request failures, which is helpful for debugging but could potentially leak internal error messages if not handled carefully in production. The system relies on the `BAN_REP_CO_API_URL` being securely configured and pointing to a trusted external data source. No `eval` or similar dangerous functions were found.
Updated: 2025-12-03
39
11
Medium Cost
Sec9

This server provides semantic search capabilities using Qdrant vector database, primarily focused on code vectorization for intelligent codebase indexing and semantic code search, as well as general document search.

Setup Requirements

  • ⚠️Requires Node.js 22+ to run.
  • ⚠️Requires Qdrant and Ollama (default embedding provider) to be running, typically via Podman or Docker Compose, and the Ollama embedding model (`nomic-embed-text`) must be pulled.
  • ⚠️API keys are required for OpenAI, Cohere, and Voyage AI embedding providers if not using Ollama, and for secured Qdrant instances.
Verified Safe
The server includes path validation (`validatePath`) to prevent directory traversal attacks. For HTTP transport, the README explicitly warns users to run it behind a reverse proxy with HTTPS, implement authentication/authorization at the proxy level, use firewalls, and not expose it directly to the public internet without protection. API keys for cloud embedding providers and Qdrant are sourced from environment variables. The `MetadataExtractor` module also includes basic secret detection logic within code chunks, enhancing overall security awareness.
Updated: 2026-01-18
39
16
Medium Cost

unity-mcp

by wondeks

Sec4

Facilitate AI client interaction with the Unity Editor to automate development actions and workflows.

Setup Requirements

  • ⚠️Requires Unity Editor (2022.3 or later).
  • ⚠️Requires Python 3.12 or later.
  • ⚠️Requires `mcp[cli]` Python library and other dependencies specified in `pyproject.toml`.
  • ⚠️The C# counterpart (Unity-MCP package) must be installed and active in the Unity Editor project to establish a connection.
Review Required
The server connects to the Unity Editor locally via a socket and proxies commands from an MCP client (e.g., Claude Desktop, Cursor). While the default connection is to 'localhost', assuming a trusted environment, there are significant risks:
  1. Script Execution: Tools like `create_script` and `update_script` directly pass arbitrary C# code content from the AI client to Unity for creation/modification. If the AI client (or its input) is compromised, this allows arbitrary code execution within the Unity Editor environment, which can lead to full system compromise upon compilation and execution.
  2. Command Execution: The `execute_command` tool allows running various Unity Editor commands. While it can validate against available commands, a malicious command could still perform sensitive operations.
  3. Asset Manipulation: `import_asset` and `create_prefab` can lead to injecting or modifying potentially harmful assets or configurations if a malicious source is provided.
There is no sandboxing or robust content validation for AI-generated code or commands before they are sent to the Unity Editor. The system design inherently trusts the AI's output to be non-malicious.
Updated: 2026-01-19
39
10
Medium Cost

mcp-instana

by instana

Sec7

Serves as a bridge between AI agents/custom tools and Instana REST APIs to access real-time observability data within a development workflow.

Setup Requirements

  • ⚠️Requires a valid IBM Instana account and API token for authentication.
  • ⚠️Needs an MCP-compatible client (e.g., Claude Desktop, GitHub Copilot) to connect to and utilize the server.
  • ⚠️For development setup, requires the 'uv' Python package installer.
Verified Safe
The server processes sensitive Instana API tokens, which are handled via HTTP headers (Streamable HTTP mode) or environment variables (Stdio mode). It listens on a local port (default 8080) and makes outbound calls to the Instana API. Proper management of Instana credentials and network access is crucial for security.
Updated: 2025-11-17
39
15
Low Cost

ffmpeg-mcp

by ZizoTheDev

Sec6

This server provides FFmpeg capabilities as tools, enabling automated media processing tasks like video speed manipulation and audio extraction via the Model Context Protocol.

Setup Requirements

  • ⚠️FFmpeg must be installed and accessible via system PATH or by setting the `FFMPEG_PATH` environment variable.
  • ⚠️Requires Node.js (v18+) or Bun runtime to execute.
Review Required
The server uses `tinyexec` to execute FFmpeg commands, passing arguments as an array, which generally prevents classic shell injection vulnerabilities. However, the server does not perform input validation or sanitization on `input_file` or `output_file` paths. This could allow an attacker to specify arbitrary file paths (e.g., using `../` for directory traversal or absolute paths) for FFmpeg to read from or write to, leading to potential arbitrary file system access, data leakage, or overwriting sensitive files, depending on the server's permissions.
Updated: 2025-12-15
39
18
Medium Cost

fast-mcp-telegram

by leshchenko1979

Sec9

Enables AI assistants to interact with Telegram for messaging, search, and contact management via a standardized MCP interface.

Setup Requirements

  • ⚠️Requires Telegram API_ID and API_HASH from my.telegram.org/apps.
  • ⚠️Requires a phone number (for user account) or bot token (for bot account) for initial authentication via an interactive CLI or web setup flow.
  • ⚠️Requires Python 3.10+.
  • ⚠️For HTTP_AUTH mode, securely managing the generated Bearer token is critical as it grants full access to the associated Telegram account. Session files (e.g., ~/.config/fast-mcp-telegram/) need to be persisted via Docker volume mounts in containerized deployments.
Verified Safe
The project demonstrates a strong focus on security, especially for SSRF prevention, Bearer token authentication, session isolation, and dangerous Telegram API method blocking. File handling restricts local file access to stdio mode. While `invoke_mtproto` allows direct API access (inherently increasing surface area), it is protected by default by a denylist for dangerous operations and requires explicit opt-in. Proper management of Bearer tokens is critical as they grant full account access.
Updated: 2026-01-19
39
7
High Cost

Skolverket-MCP

by KSAklfszf921

Sec9

Provides AI assistants access to Skolverket's open APIs (Läroplan, Skolenhetsregistret, Planned Educations) for searching, comparing, and analyzing Swedish education data and statistics.

Setup Requirements

  • ⚠️The `SKOLVERKET_API_KEY` environment variable might become a mandatory requirement for Skolverket's APIs in the future, although it currently defaults to optional.
  • ⚠️Requires Node.js version 18.0.0 or higher to run.
  • ⚠️Local installation guides require users to provide an absolute file path to the `dist/index.js` file, which can be a common point of user error.
Verified Safe
The server uses explicit allow-listing for tool execution, meaning only pre-defined functions can be called, significantly mitigating arbitrary code execution risks. Environment variables (`process.env`) are used for sensitive configurations like API keys, preventing hardcoding. Input validation is performed for tool parameters. The use of `execSync` is limited to a build script, not the runtime server. Cross-Origin Resource Sharing (CORS) is enabled with a wildcard origin (`*`) in the HTTP server, which is common for APIs but could be tightened if specific client origins are known.
Updated: 2025-12-08
39
17
High Cost

LLMling

by phil65

Sec3

A declarative Python framework for building LLM applications, managing resources, prompts, and tools, serving as a backend for MCP servers and Pydantic-AI agents.

Setup Requirements

  • ⚠️Requires Python 3.13+ (as per pyproject.toml).
  • ⚠️Requires 'mcp-server-llmling' package to be installed to run as an MCP server.
  • ⚠️Optional dependencies like 'watchfiles' (for file watching), 'pygit2'/'GitPython' (for Git repository resources), and 'httpx' (for HTTP requests) may be needed for specific features, or third-party tool integrations (e.g., 'crewai', 'langchain_core', 'autogen_core').
Review Required
The `register_code_tool` functionality in `src/llmling/config/runtime.py` uses `exec()` to dynamically execute Python code provided by the LLM. This is a critical security risk as a malicious or compromised LLM could execute arbitrary code. Additionally, resource loaders and toolsets (e.g., `PathResourceLoader`, `RepositoryResourceLoader`, `OpenAPITools`) allow access to arbitrary external URLs and Git repositories, posing risks like Server-Side Request Forgery (SSRF) and arbitrary file downloads. Proper sandboxing, strict input validation, and careful permission management are crucial if exposing these capabilities to an LLM, especially with untrusted input.
Updated: 2025-12-09
39
16
Medium Cost

PowerShell.MCP

by yotsuda

Sec6

Enables AI assistants to execute arbitrary PowerShell commands and CLI tools for system automation, development tasks, and data analysis in a persistent, shared console environment.

Setup Requirements

  • ⚠️Requires PowerShell 7.2+ installed.
  • ⚠️Requires a compatible MCP client like Claude Desktop, which needs manual JSON configuration (e.g., modifying `claude_desktop_config.json`).
  • ⚠️On Linux/macOS, manual execution permission (`chmod +x`) is required for the proxy executable.
  • ⚠️Potential PATH issues on macOS where Homebrew-installed PowerShell might not be found by the proxy without a symlink or explicit PATH modification in the proxy's launcher logic.
Verified Safe
The server uses local-only named pipes for communication, significantly mitigating network exposure risks. However, its core functionality, particularly the `invoke_expression` tool, grants AI complete and unrestricted PowerShell access to the host system. This is a deliberate design choice for powerful system interaction but inherently carries a high risk if the MCP client or the AI itself is compromised or untrusted. The project's documentation explicitly warns users about this and recommends use only in trusted environments.
Updated: 2026-01-12