Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

38
2
Medium Cost
IBM icon
Sec3

A local Model Context Protocol (MCP) server enabling AI agents to securely interact with IBM OpenPages GRC platform.

Setup Requirements

  • ⚠️Requires Python 3.11+
  • ⚠️Requires access to an IBM OpenPages instance with valid authentication credentials (username/password or API key)
  • ⚠️Requires manual configuration of connection and authentication details in a `.env` file
Review RequiredView Analysis
Direct f-string concatenation of user-provided arguments (e.g., `name_filter`, `status_filter`, `sort_by` fields, `sort_by.order`) into SQL queries in `generic_object_tools.py` creates a significant SQL injection vulnerability. The `SSL_VERIFY` setting can be disabled for development, posing a risk if left `False` in production environments, potentially exposing traffic to eavesdropping.
Updated: 2026-01-17GitHub
38
12
Low Cost
giantswarm icon

muster

by giantswarm

Sec8

Muster is a control plane that aggregates and manages Model Context Protocol (MCP) servers, providing AI agents with intelligent tool discovery, dynamic service orchestration, and workflow automation for infrastructure management.

Setup Requirements

  • ⚠️Requires Kubernetes 1.21+ and Helm 3.0+ for production deployment via the provided Helm chart.
  • ⚠️Muster is an aggregator; it needs external Model Context Protocol (MCP) servers (e.g., `mcp-kubernetes`, `mcp-prometheus`) to provide actual tools for infrastructure interaction. Without these, it primarily offers its core management tools.
  • ⚠️For building from source or local development, a Go development environment is required to compile the `muster` binary.
Verified SafeView Analysis
The project is open-source and provides strong security features like RBAC profiles and session-scoped tool visibility in its Kubernetes deployment. However, configurable options can introduce risks: - The `--yolo` flag, which disables denylists for destructive tool calls, must be used with extreme caution and avoided in production environments. - Exposing the aggregator API (`muster.aggregator.host: "0.0.0.0"`) without proper external network policies and OAuth authentication (enabled via `muster.oauth.enabled` in Helm) can lead to unauthorized access. - While OAuth tokens are stored in-memory by default, the option to configure persistent storage using `valkey` (`muster.oauthServer.storage.type: "valkey"`) introduces an external dependency that requires its own robust security management. - SSO Token Forwarding, though designed for seamless authentication, requires careful configuration of `TrustedAudiences` on downstream MCP servers to prevent token misuse, as emphasized in the documentation's security best practices.
Updated: 2026-01-19GitHub
38
1
Medium Cost

mcp-ocr

by ForceInjection

Sec8

Provides an OCR server leveraging Kimi API for image text extraction via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a Kimi API Key (Paid service) for text extraction.
  • ⚠️Python and pip must be installed to manage dependencies.
Verified SafeView Analysis
The server itself listens for requests and consumes an external paid API (Kimi API). API keys are configured via environment variables or a local file, requiring careful protection. No obvious 'eval' or obfuscation risks are present in the provided description. Standard network security practices should be applied when deploying the server.
Updated: 2025-11-17GitHub
38
16
Medium Cost
hmake98 icon

nestjs-starter

by hmake98

Sec9

A production-ready NestJS boilerplate for building scalable, enterprise-grade APIs with JWT authentication, PostgreSQL/Prisma, AWS S3/SES, Bull/Redis queues, Docker/Kubernetes support, and AI capabilities via Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires AWS credentials (AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_S3_BUCKET, AWS_SES_SOURCE_EMAIL) for S3 and SES features.
  • ⚠️Kubernetes deployment requires manual updates to `secret.yaml` (critical secrets), `app-deployment.yaml` (Docker image registry), and `ingress.yaml` (domain configuration).
  • ⚠️Database (PostgreSQL) and Redis instances are required, either locally or via Docker/Kubernetes deployment, and `DATABASE_URL` must be correctly configured.
Verified SafeView Analysis
The server employs strong security practices including Argon2 for password hashing, AES-256-GCM for data encryption, JWT for authentication, RBAC for authorization, global validation pipes, Helmet for security headers, and Pino for structured logging with sensitive data redaction. Sentry integration is used for error tracking and reporting. Kubernetes secrets are used for sensitive environment variables. A critical note is that the `secret.yaml` template contains default secrets that MUST be updated by the user in a production environment to prevent vulnerabilities.
Updated: 2025-11-27GitHub
38
11
Low Cost
gbrigandi icon

mcp-server-thehive

by gbrigandi

Sec7

Provides AI models and automation tools with programmatic access to TheHive incident response platform for security operations and case management.

Setup Requirements

  • ⚠️Requires access to a TheHive 5 instance.
  • ⚠️A valid TheHive API token must be provided via the `THEHIVE_API_TOKEN` environment variable.
  • ⚠️The `VERIFY_SSL` environment variable defaults to `false`. For production deployments, it must be explicitly set to `true` to ensure secure (SSL/TLS) communication.
Verified SafeView Analysis
The server uses environment variables for sensitive API tokens (`THEHIVE_API_TOKEN`), which is good practice. It communicates with TheHive via HTTP(S) requests. A notable security concern is the default `VERIFY_SSL=false` setting for API connections; this should be explicitly set to `true` in production environments to prevent Man-in-the-Middle attacks. There are no `eval` or similar dynamic code execution functions from untrusted input. Test files contain a hardcoded `test_token`, but this is isolated to the testing environment.
Updated: 2025-12-06GitHub
38
8
Low Cost
fr0ster icon

mcp-abap-adt

by fr0ster

Sec1

MCP server for integrating with SAP ABAP Development Tools (ADT) to perform read, write, and system operations on ABAP objects.

Setup Requirements

  • ⚠️Requires an accessible SAP ABAP system (Cloud or S4HANA).
  • ⚠️Mandatory authentication configuration (SAP_URL, SAP_CLIENT, and credentials) via .env file or AuthBroker service keys.
  • ⚠️Node.js runtime environment is required.
  • ⚠️Transport requests are necessary for write operations to SAP systems.
  • ⚠️Critical security vulnerability: The path validation in `writeResultToFile` is explicitly disabled, allowing arbitrary file writes to the server's filesystem.
Review RequiredView Analysis
Critical vulnerability: The `writeResultToFile` function has its path validation disabled, allowing arbitrary file writes to any location on the file system where the server is running. This poses a severe risk of system compromise if a handler is invoked with untrusted file paths. Additionally, while configurable, listening on all network interfaces (`0.0.0.0`) requires robust network segmentation and client-side credential management to prevent unauthorized access. The extensive use of `process.env` for sensitive configurations means that the environment must be secured.
Updated: 2026-01-13GitHub
38
9
Medium Cost
ysntony icon

tiktok-ads-mcp

by ysntony

Sec9

Provides a read-only Model Context Protocol (MCP) server for interacting with the TikTok Business API to retrieve advertising campaign data and performance reports.

Setup Requirements

  • ⚠️Requires Python 3.14.0 or higher, which is a future release and may not be readily available in current environments. This is specified in `pyproject.toml`.
  • ⚠️Requires TikTok Business API access and valid credentials (App ID, App Secret, and Access Token) which must be obtained from the TikTok for Business Developers portal.
  • ⚠️Assumes operation within an MCP client environment (e.g., Cursor) for proper tool discovery and invocation via `stdio` transport.
Verified SafeView Analysis
Credentials are loaded securely from environment variables. Uses standard HTTP client (httpx) with robust retry logic (tenacity) for external API calls. Input filtering mechanisms utilize `json.dumps` for serialization, which prevents direct code injection. All stated operations are read-only, significantly limiting potential for malicious actions. No 'eval', 'exec', or other highly dangerous patterns were detected in the provided source code.
Updated: 2025-11-26GitHub
38
20
Medium Cost
perses icon

mcp-server

by perses

Sec8

The Perses MCP Server enables LLM hosts (e.g., Claude Desktop, VS Code) to interact with the Perses Application in a standardized way using the Model Context Protocol.

Setup Requirements

  • ⚠️Requires a running Perses backend server (`PERSES_SERVER_URL` must be accessible).
  • ⚠️Requires a `PERSES_TOKEN` obtained via `percli`, which must be set as an environment variable.
  • ⚠️The `PERSES_TOKEN` has a default expiration of 15 minutes, requiring frequent re-authentication or backend configuration changes for longer sessions.
Verified SafeView Analysis
The server correctly handles the 'PERSES_TOKEN' via an environment variable, preventing hardcoding. It integrates with a backend Perses API using this token for authentication. No direct use of 'eval' or similar dynamic code execution is observed. Network risks are standard for a server application, particularly in 'streamable-http' mode where it binds to a port. The 'beta' status noted in the README suggests potential for changes or undiscovered issues, but the overall code structure for security appears sound.
Updated: 2026-01-09GitHub
38
10
Medium Cost
itcaat icon

teamcity-mcp

by itcaat

Sec5

A Model Context Protocol (MCP) server that exposes JetBrains TeamCity functionalities as structured, AI-ready resources and tools for LLM agents and IDE plugins.

Setup Requirements

  • ⚠️Requires a running JetBrains TeamCity instance.
  • ⚠️Requires a TeamCity API Token for authentication with the TeamCity server.
  • ⚠️Client-to-MCP Server authentication (HMAC) is optional and disabled by default if `SERVER_SECRET` is not configured, which is critical for secure deployment.
Review RequiredView Analysis
The server's client-to-server HMAC authentication is optional via the `SERVER_SECRET` environment variable; if not set, the MCP server operates without authentication, posing a significant risk if exposed publicly. The WebSocket `CheckOrigin` is set to `true` by default, which is insecure for production and allows connections from any origin, requiring manual configuration for security. No instances of `eval` or code obfuscation were found. Sensitive configurations (like `TC_TOKEN`) are loaded from environment variables, preventing hardcoded secrets in the source.
Updated: 2025-12-09GitHub
38
11
Medium Cost
piotr-agier icon

google-drive-mcp

by piotr-agier

Sec9

Provides an MCP server for secure integration and file management with Google Drive, Docs, Sheets, and Slides for AI clients.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher (LTS recommended).
  • ⚠️Needs a Google Cloud Project with Google Drive, Google Docs, Google Sheets, and Google Slides APIs explicitly enabled.
  • ⚠️OAuth 2.0 Credentials must be of type 'Desktop app' and provided via a `gcp-oauth.keys.json` file or `GOOGLE_DRIVE_OAUTH_CREDENTIALS` environment variable.
Verified SafeView Analysis
The server implements robust security measures including strong input validation (Zod schemas) for all tool arguments, secure OAuth 2.0 authentication (Desktop app type), and storage of tokens with restrictive file permissions (0600) in an XDG-compliant location. It avoids hardcoded secrets and uses reputable Google API client libraries. The OAuth flow runs on a local Express server on localhost, which gracefully shuts down after successful authentication, minimizing network attack surface. Comprehensive logging and error handling are present. The project structure and clear code facilitate auditability.
Updated: 2025-12-06GitHub
38
13
Medium Cost
aerugo icon

kolada-mcp

by aerugo

Sec9

Provides AI applications with tools to access and analyze Sweden's municipal and regional statistics from the Kolada API, enabling natural language queries against thousands of Key Performance Indicators (KPIs) through semantic search and data retrieval.

Setup Requirements

  • ⚠️Requires Python 3.11 or newer.
  • ⚠️Downloads a large (approx. 500MB+) language model (`KBLab/sentence-bert-swedish-cased`) for semantic search on first run or during Docker build, requiring bandwidth and disk space.
  • ⚠️Requires an active internet connection to `api.kolada.se` to fetch initial metadata and all data.
Verified SafeView Analysis
The server constructs URLs for the Kolada API based on user-provided KPI and municipality IDs. Input validation is performed by looking up IDs in cached maps and converting year strings to integers, which helps mitigate URL injection risks. The client also handles paginated responses, following `next_page` links provided by the Kolada API; this mechanism inherently trusts the upstream API to provide non-malicious URLs. No direct use of `eval`, `exec`, or hardcoded sensitive credentials detected. Overall, the approach is robust for interacting with a trusted external API.
Updated: 2025-11-30GitHub
38
1
High Cost
mrorigo icon

critique-mcp

by mrorigo

Sec9

Implements an Iterative Verification-First (Iter-VF) reasoning workflow as an MCP server to enhance LLM consistency by offloading sampling to a host.

Setup Requirements

  • ⚠️Requires an external Model Context Protocol (MCP) Host/Client running and connected (e.g., via STDIO) to provide actual LLM sampling capabilities.
  • ⚠️Requires a Node.js runtime (>=18.0.0 is recommended based on package dependencies).
  • ⚠️Requires `ts-node` for running in development mode (`npm run dev`).
Verified SafeView Analysis
The server implements strict Zod validation for all inputs and outputs, mitigating common injection risks. It delegates LLM interaction to an MCP host, meaning it does not handle API keys or direct model access, shifting that responsibility to the host. While `cross-spawn` (via `execa` in `vitest` dependencies) is used for test execution, it is not present in the main server runtime. Communication is via STDIO, reducing typical network exposure, but relies on a trusted execution environment. No 'eval' or obvious hardcoded secrets are present in the provided server code.
Updated: 2025-12-04GitHub
PreviousPage 109 of 760Next