Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

38
9
Low Cost
meloncafe icon
Sec9

Provides remote, authenticated access to ChromaDB for AI assistants like Claude, enabling semantic search and vector database operations from various platforms and locations.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for recommended installation and full stack operation (ChromaDB + MCP server).
  • ⚠️Requires `MCP_AUTH_TOKEN` to be configured as a strong, randomly generated token for public internet access (e.g., via Tailscale Funnel or Cloudflare Tunnel); authentication is disabled by default if not set.
  • ⚠️A running ChromaDB instance is required, which is automatically provisioned when using Docker Compose.
Verified SafeView Analysis
The server demonstrates a very strong commitment to security. It includes extensive measures such as input sanitization (preventing log injection, ANSI escape sequences, prototype pollution), strict origin header validation (DNS rebinding protection), a comprehensive set of security headers (CSP, HSTS, X-Frame-Options, etc.), rate limiting, and timing-safe token comparison to prevent timing attacks. Authentication is unified across MCP and REST API endpoints, with warnings for less secure query parameter authentication in production. The project actively uses static analysis tools (DeepSource, CodeQL, Dependabot) and has a detailed security policy. No `eval` or obfuscation was found. The core functionality as a proxy for ChromaDB means it mediates access and enhances security for the underlying database, which is typically not exposed directly. It does, however, expose an `/mcp` endpoint and a proxied `/api/v2/*` for ChromaDB, requiring careful configuration of `MCP_AUTH_TOKEN` for public deployments.
Updated: 2026-01-18GitHub
38
1
Medium Cost

NixSearch.NET

by playday3008

Sec9

Enables AI assistants to search and explore NixOS packages, options, and flakes by integrating with the search.nixos.org Elasticsearch backend via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires .NET 9.0 SDK or later for building and running.
  • ⚠️For AWS Lambda deployment of the MCP server, AWS CLI must be configured.
Verified SafeView Analysis
The project is a standard client/server application. It connects outbound to the public search.nixos.org Elasticsearch backend. The MCP server, if run locally, would listen for inbound connections, but its primary deployment target is AWS Lambda, which provides robust security. No obvious use of 'eval' or obfuscation is indicated. Standard practices for securing a .NET application and AWS Lambda deployment should be followed.
Updated: 2025-11-17GitHub
38
12
Medium Cost
gbrigandi icon

mcp-server-cortex

by gbrigandi

Sec9

This server acts as a bridge, exposing Cortex threat intelligence analysis capabilities as tools consumable by Model Context Protocol (MCP) clients, such as large language models (LLMs).

Setup Requirements

  • ⚠️Requires a separate, running Cortex instance with network access from this server.
  • ⚠️Requires a Cortex API key with permissions to list analyzers and run jobs.
  • ⚠️Specific Cortex analyzers (e.g., AbuseIPDB, VirusTotal, Urlscan.io, AbuseFinder) must be enabled and correctly configured within the Cortex instance, often requiring their own external API keys.
  • ⚠️Requires the Rust toolchain installed to build from source (pre-compiled binaries are available).
Verified SafeView Analysis
The server correctly retrieves sensitive API keys (CORTEX_API_KEY) from environment variables rather than hardcoding them. It implements robust input validation for IPs, URLs, and hashes, preventing the analysis of private IPs, malicious URL schemes (e.g., `javascript:`, `file:`), or malformed inputs. The overall security is contingent on the proper configuration and security of the underlying Cortex instance and its integrated analyzers.
Updated: 2025-12-06GitHub
38
13
Medium Cost
nickzren icon

opentargets-mcp

by nickzren

Sec9

Serves as a Model Context Protocol (MCP) server exposing the Open Targets Platform GraphQL API as a set of structured tools for AI agents and other MCP-compatible clients to access biomedical data.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️The 'thefuzz' library is optional; without it, the 'search_suggestions' tool will not function.
  • ⚠️Requires external network access to the Open Targets Platform GraphQL API (api.platform.opentargets.org by default).
Verified SafeView Analysis
The server uses `os.getenv` for configuration, avoiding hardcoded secrets. It acts as a proxy to the Open Targets GraphQL API by default. The `graphql_query` tool explicitly rejects mutations, preventing unintended data modifications through this interface. The primary network risk is to the configured `OPEN_TARGETS_API_URL`; if a user reconfigures it to a malicious endpoint, it would be a user-side risk, not an inherent flaw in the server's design. All network interactions are handled with `aiohttp.ClientSession` and include basic error handling.
Updated: 2026-01-16GitHub
38
1
Medium Cost
GitHub30 icon

ssl-mcp-server

by GitHub30

Sec8

Provides an MCP server for performing SSL certificate operations like retrieval, generation, and parsing.

Setup Requirements

  • ⚠️Requires Python environment setup with specific dependencies (fastmcp, pyopenssl, cryptography).
  • ⚠️Requires outbound internet access for the `get_certificate_and_chain` tool to fetch remote certificates.
Verified SafeView Analysis
The server's tools, particularly `get_certificate_and_chain` (which makes outbound network requests to arbitrary hostnames and ports) and `generate_self_signed_cert` (which generates private keys), should be deployed with careful consideration of access control. While the implementation uses secure libraries (`cryptography`, `pyopenssl`) and does not show signs of direct vulnerabilities like `eval` or command injection, the nature of the functions means that if exposed publicly without authentication, they could be misused (e.g., for port scanning, or generating sensitive key material for unauthorized parties). The `readOnlyHint: True` annotation for `generate_self_signed_cert` might be misleading as it generates new, sensitive data (private key).
Updated: 2025-11-27GitHub
38
4
Low Cost
n2ns icon

n2n-nexus

by n2ns

Sec8

A local digital asset hub designed for multi-AI assistant collaboration, integrating real-time meeting rooms with structured asset vaults for project management.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️The `better-sqlite3` native module is preferred for concurrent multi-IDE environments. If it fails to install, the server will fall back to a single-process JSON storage mode, limiting concurrency.
Verified SafeView Analysis
The server incorporates several good security practices, including input validation (e.g., path traversal prevention for file uploads via `FileNameSchema`), masking internal paths in error messages, and using mutexes for concurrency control on shared files. Privileged operations are restricted to 'Host' instances. The default network bind address is `0.0.0.0`, which makes the server accessible from any network interface by default; while common for local development, this could be a minor concern in certain environments without proper firewalling, as communication is over unencrypted HTTP/SSE for local connections.
Updated: 2026-01-19GitHub
38
11
Low Cost
JamesANZ icon

memory-mcp

by JamesANZ

Sec8

Provides persistent memory and intelligent context window caching for LLM conversations within AI coding environments.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm installed.
  • ⚠️Requires a running MongoDB instance (defaults to 'mongodb://localhost:27017', but custom URI needs to be set via MONGODB_URI environment variable).
  • ⚠️Manual setup for Claude Desktop involves editing a JSON config file or running an automated script that modifies the config.
Verified SafeView Analysis
The server uses standard Node.js practices and connects to MongoDB. Communication with clients (like Cursor or Claude Desktop) occurs via standard I/O (stdio), limiting direct network exposure. No 'eval' or obvious code obfuscation was found. The primary security considerations are proper configuration and securing the MongoDB instance, as sensitive conversation data is stored there. The `postinstall` script modifies Claude Desktop's configuration, which is an expected integration step but involves file system modification. Overall, it appears designed with a reasonable security posture for its intended use case.
Updated: 2025-12-10GitHub
38
13
Medium Cost
doitintl icon

doit-mcp-server

by doitintl

Sec8

Provides a Model Context Protocol (MCP) interface to the DoiT API, allowing Large Language Models (LLMs) to access and analyze cloud cost data, anomalies, reports, invoices, and support tickets for troubleshooting and analysis.

Setup Requirements

  • ⚠️Requires a DoiT API Key with appropriate permissions for authentication.
  • ⚠️Deployment to Cloudflare Workers involves creating and configuring KV Namespace and Durable Object bindings using the `wrangler` CLI.
  • ⚠️Requires Node.js v18 or higher for local development and deployment tools.
Verified SafeView Analysis
The server handles API keys through an OAuth flow and environment variables (DOIT_API_KEY), which is a standard and generally secure practice. JWT decoding uses `atob`, which is safe for decoding data, not executing code. Running on Cloudflare Workers provides a sandboxed environment, enhancing security. No 'eval' or other obviously dangerous patterns were found. Key management relies on secure configuration of environment variables/bindings in the Cloudflare environment.
Updated: 2026-01-13GitHub
38
11
Medium Cost
EOSC-Data-Commons icon

data-commons-mcp

by EOSC-Data-Commons

Sec8

A server that facilitates natural language search for open-access scientific datasets and tools using a Large Language Model (LLM) and the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires access to a pre-indexed OpenSearch instance.
  • ⚠️Requires API keys for at least one LLM provider (e.g., e-INFRA CZ, Mistral.ai, OpenRouter), which are typically paid services.
  • ⚠️The frontend web application must be built and manually copied into the server's `src/data_commons_search/webapp` directory, introducing an additional setup step.
Verified SafeView Analysis
The project demonstrates good practices by using Pydantic models for input validation, which helps prevent data injection and ensures data integrity. API keys for LLM providers are externalized in a `keys.env` file and handled as `SecretStr` types by Pydantic, preventing hardcoded secrets in the codebase. The `/chat` endpoint offers an optional `CHAT_API_KEY` for authentication, which is crucial for preventing abuse in public deployments, though leaving it unset bypasses this protection. General LLM prompt injection risks apply, but the current agent design with predefined tools and prompts for specific tasks (like search and reranking) limits the scope for arbitrary code generation or unintended actions.
Updated: 2026-01-13GitHub
38
12
High Cost
ali-kh7 icon
Sec9

Facilitates comprehensive web research and data aggregation from diverse sources using Tavily APIs to generate structured information for LLM-powered markdown documentation.

Setup Requirements

  • ⚠️Requires TAVILY_API_KEY environment variable (Tavily is a paid service).
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Hardware acceleration (WebGPU) is an optional feature and requires compatible hardware/OS for functionality.
Verified SafeView Analysis
The server securely handles `TAVILY_API_KEY` via environment variables. It avoids `eval` or obfuscation. File output paths are configurable, defaulting to a timestamped folder within the user's documents; however, a malicious calling agent could potentially specify an unsafe `output_path`. The `hardware_acceleration` feature modifies `NODE_OPTIONS` to enable WebGPU, a powerful but controlled runtime modification for performance.
Updated: 2025-12-15GitHub
38
10
High Cost
grafana icon

mcp-k6

by grafana

Sec9

The mcp-k6 server provides an experimental Model Context Protocol (MCP) interface for k6, enabling script validation, test execution, documentation browsing, and guided script generation for performance testing workflows.

Setup Requirements

  • ⚠️Requires 'k6' executable to be installed and available in the system's PATH.
  • ⚠️Requires Docker for the recommended installation method.
  • ⚠️Initial setup (native or Docker without pre-pulled image) requires internet access to clone git repositories for documentation and type definitions.
Verified SafeView Analysis
The project demonstrates strong security awareness by actively validating script content for dangerous patterns (e.g., 'eval', 'child_process'), sanitizing output to prevent information leakage, and restricting the environment for executing external commands (k6, terraform). Temporary files are created securely with proper permissions and cleanup. A potential minor risk lies in the file reading mechanism for Playwright script conversion, where path normalization mitigates but might not entirely eliminate all edge cases for file disclosure.
Updated: 2026-01-19GitHub
38
7
Medium Cost
faxenoff icon
Sec7

Provides AI agents with semantic analysis and modification capabilities for C# codebases using Roslyn.

Setup Requirements

  • ⚠️.NET 10 SDK and C++ build tools (for Windows Native AOT) or Clang (for Linux Native AOT) are required for building.
  • ⚠️Docker (for TEI) or Ollama (for local LLMs/embeddings) is required for full semantic capabilities.
  • ⚠️The `claude_desktop_config.json` requires specific path formatting with double backslashes (`\\`).
Verified SafeView Analysis
The project is designed to enhance code security by including vulnerability scanning and LLM-based analysis for hardcoded secrets, SQL injection, and XSS. However, the Overlord server processes arbitrary code submissions (e.g., from pre-commit hooks), which introduces inherent risks. While security features are integrated into the analysis, network-level authentication and authorization for Overlord deployments, especially if exposed publicly, would be critical and are not explicitly detailed in the core MCP documentation.
Updated: 2026-01-15GitHub
PreviousPage 111 of 760Next