Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

37
9
Medium Cost
RohanAnandPandit icon

trading212-mcp-server

by RohanAnandPandit

Sec9

This server provides a Model Context Protocol (MCP) interface for seamless data connectivity and advanced interaction capabilities with the Trading212 trading platform.

Setup Requirements

  • ⚠️Requires Trading212 API Key (TRADING212_API_KEY environment variable).
  • ⚠️Requires Python >= 3.11.
  • ⚠️Environment variable 'ENVIRONMENT' must be set to 'demo' or 'live' depending on the API key type.
Verified SafeView Analysis
The server primarily uses `os.getenv` for sensitive information like API keys, which is a good security practice. HTTP requests are handled by `httpx` with `hishel` for caching, standard and generally safe libraries. No 'eval' or direct un-sanitized shell command execution is observed. A minor concern is the generic `Exception` raised on HTTP errors in `_make_requests`, which might expose internal error details, though this is less critical in an MCP server context than a public API.
Updated: 2025-11-29GitHub
37
6
Medium Cost
EstebanForge icon

mcp-cli-ent

by EstebanForge

Sec6

Orchestrates Model Context Protocol (MCP) servers and their tools on-demand for AI agents, without loading tool definitions directly into the agent's context window.

Setup Requirements

  • ⚠️Requires Go 1.21+ for building from source.
  • ⚠️Requires Node.js and npx for most default MCP servers (e.g., chrome-devtools, context7, brave-search).
  • ⚠️Requires various API keys (e.g., ENT_CONTEXT7_API_KEY, ENT_BRAVE_API_KEY, ENT_OPENAI_API_KEY, ENT_ANTHROPIC_API_KEY) set as environment variables for specific servers.
Verified SafeView Analysis
The primary security consideration is that mcp-cli-ent's core function is to execute external commands (e.g., 'npx') as defined in user-editable configuration files (`mcp_servers.json`). If this configuration file is compromised or contains malicious command definitions, mcp-cli-ent will execute arbitrary code on the local system. The default `mcp_servers.example.json` utilizes `npx` to fetch and run `@latest` versions of external MCP servers (e.g., `chrome-devtools-mcp@latest`), introducing a supply-chain risk if these upstream npm packages are compromised. However, the Go source code itself does not contain obvious vulnerabilities like 'eval' or direct shell injection when constructing commands via `os/exec.CommandContext`, and environment variable substitution is handled safely with regular expressions. The daemon functionality is designed to run locally (localhost or Unix socket), limiting direct network exposure.
Updated: 2026-01-19GitHub
37
6
Low Cost
Sec8

A UI for interacting with AI models via OpenRouter and managing/utilizing MCP (Model Context Protocol) servers and their tools from a centralized catalog.

Setup Requirements

  • ⚠️Requires an OpenRouter API Key for AI model access (can be a paid service).
  • ⚠️Requires configuration with a real OIDC provider (e.g., Okta, Keycloak, Auth0) for production. Local development uses a simple mock OIDC provider.
  • ⚠️Relies on external MCP servers to be running and accessible for tool integration.
Verified SafeView Analysis
The application leverages external OIDC providers and OpenRouter for AI models. It connects to external MCP servers, which could pose a risk if server URLs or tools are not properly validated/trusted from the configured catalog. However, the provided code demonstrates standard security practices for token management (JWE, HTTP-only cookies, auto-refresh), environment variable usage for secrets, and uses a trusted authentication library ('better-auth'). Clear warnings are given for development secrets.
Updated: 2026-01-19GitHub
36
7
Low Cost
Sec8

Connects WordPress and WooCommerce to AI systems via Model Context Protocol, enabling AI agents to query and manage e-commerce data (products, orders, categories, shipping, payments, taxes) and content (posts, pages).

Setup Requirements

  • ⚠️Requires a running WordPress 6.4+ and PHP 8.0+ installation.
  • ⚠️WooCommerce must be active for the e-commerce-specific tools to function.
  • ⚠️WordPress Permalinks should be set to 'Post name' for proper product link generation.
  • ⚠️For Claude Desktop integration, JWT authentication must be explicitly disabled in plugin settings, and a local Node.js or PHP proxy needs to be run, which then forwards requests to the WordPress API.
Verified SafeView Analysis
The plugin prioritizes read-only operations for most exposed WordPress/WooCommerce data, with dangerous write functionalities largely removed or disabled by default. It leverages WordPress's REST API, which incorporates native sanitization and authentication. Input validation is implemented via `ToolValidator` and `SchemaValidator`. Authentication relies on JWT or standard WordPress cookies, with granular permission checks. The option to disable JWT authentication allows a 'read-only without authentication' mode specifically for local proxy integrations (e.g., Claude Desktop), which is an explicit, administrator-opt-in trade-off for convenience in a controlled environment. The `McpRestApiCrud` tool, which could expose any GET REST API endpoint, is hardcoded to be disabled by default, significantly reducing potential unintended data exposure. CORS is configured with `Access-Control-Allow-Origin: *` for the Streamable endpoint, requiring clients to manage their own authentication securely.
Updated: 2025-12-05GitHub
36
7
Low Cost
mtrudel icon

excom

by mtrudel

Sec2

Provides an MCP (Model Context Protocol) server implemented in Elixir.

Setup Requirements

  • ⚠️The project is described as 'Extremely WiP' (Work in Progress), indicating potential instability and incomplete features.
  • ⚠️Usage instructions are marked as 'WiP' and are not provided, making initial setup and operation difficult for users.
  • ⚠️Requires an Elixir development environment to build and run.
  • ⚠️As an MCP server, it will likely require understanding and potential integration with external models or tools conforming to the Model Context Protocol, the setup of which is not detailed.
Review RequiredView Analysis
A meaningful security audit cannot be performed as no server source code was provided, only README and CHANGELOG files. Therefore, it's impossible to check for 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns within the server's actual implementation.
Updated: 2026-01-12GitHub
36
103
Medium Cost
Sec9

A high-performance and secure online platform for executing C# code in isolated Docker containers, supporting both HTTP and Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for deployment.
  • ⚠️Requires an open network port (5050 by default) on the host machine.
  • ⚠️Local development requires .NET SDK installed.
Verified SafeView Analysis
The system employs a robust Host-Worker architecture with Docker container isolation for untrusted code execution. Key security features include resource limits (CPU, memory, PIDs), network isolation for worker containers, and automatic worker recycling after a configurable number of runs to maintain a clean environment. No obvious hardcoded secrets or malicious patterns were found in the provided configuration files.
Updated: 2025-12-18GitHub
36
7
Medium Cost
neverinfamous icon

sqlite-mcp-server

by neverinfamous

Sec10

Provides an MCP interface for an SQLite database, offering a wide range of data management, advanced analytics, JSON processing, text/vector search, and geospatial capabilities.

Setup Requirements

  • ⚠️Requires SQLite 3.45.0+ for full JSONB support.
  • ⚠️Docker is the recommended installation method for quick start and Cursor IDE integration.
  • ⚠️Requires Python 3.10+.
  • ⚠️Geospatial features rely on the SpatiaLite extension being installed and discoverable on the system (e.g., `mod_spatialite.dll` on Windows).
Verified SafeView Analysis
The server demonstrates a strong commitment to security, particularly against SQL injection. It consistently uses parameterized queries for all SQL operations, preventing common injection vectors. Additionally, dedicated security checks are implemented in `jsonb_utils.py` and `json_helpers.py` to detect and reject suspicious SQL patterns within JSON data and paths. There is no usage of 'eval' or similar dangerous dynamic code execution. Communication happens via stdio, reducing external network attack surface. Tool filtering (`tool_filtering.py`) allows reduction of attack surface by disabling unneeded functionalities. No hardcoded secrets were found.
Updated: 2026-01-13GitHub
36
6
High Cost
merterbak icon

Grok-MCP

by merterbak

Sec9

Provides an MCP server interface to xAI's Grok API, enabling access to agentic tool calling, image generation, vision, and reasoning models.

Setup Requirements

  • ⚠️Requires xAI API Key (Paid service)
  • ⚠️Requires Python 3.11 or higher
  • ⚠️Requires Astral UV for dependency management
  • ⚠️Local image/file path handling often requires a separate 'Filesystem MCP' server setup for full functionality within clients like Claude Desktop.
Verified SafeView Analysis
API key (XAI_API_KEY) is loaded from environment variables. Code execution for agentic tools is handled on xAI's side, not locally, which is a good security practice. Input validations are present for search parameters (e.g., max domain/handle limits). Local file access for images and file uploads (`image_paths`, `file_path`) relies on the surrounding MCP environment (e.g., Filesystem MCP) to ensure path safety and trusted access; without proper mediation, direct exposure of these tools to untrusted inputs could pose path traversal risks.
Updated: 2026-01-13GitHub
36
7
Medium Cost
tenzir icon

mcp

by tenzir

Sec7

The Tenzir MCP Server enables AI assistants to interact with Tenzir, a data pipeline engine for security operations, by providing tools for TQL execution, OCSF schema querying, package management, and code generation.

Setup Requirements

  • ⚠️Requires Python 3.12+.
  • ⚠️Requires a local Tenzir installation, 'uvx' (with 'uv' installed), or the 'TENZIR_BINARY' environment variable set, for pipeline and test execution.
  • ⚠️For bootstrapping or rebuilding embedded data (documentation, OCSF schemas), 'git' and 'pnpm' (Node.js package manager) are required system dependencies.
Verified SafeView Analysis
The server's core functionality involves executing external Tenzir binaries and test frameworks (`tenzir` and `tenzir-test`) via `asyncio.create_subprocess_exec`. While arguments are generally passed as a list to mitigate shell injection, the `TENZIR_BINARY` environment variable (if set) determines the executable, posing a risk if configured maliciously (e.g., pointing to a harmful script or containing command separators). User-provided TQL code for `run_pipeline` and `run_test` is executed by this external binary, meaning vulnerabilities could exist within the Tenzir binary or TQL itself when processing untrusted input. Initial bootstrapping of documentation and OCSF schemas involves cloning a Git repository and running `pnpm` commands, requiring external network access and Node.js dependencies, but this occurs in a temporary directory and is not user-controlled at runtime.
Updated: 2026-01-17GitHub
36
1
Low Cost
Sec8

Provides a production-ready scaffolding for AI-assisted development, offering persistent memory, context, and a suite of specialized tools to AI agents.

Setup Requirements

  • ⚠️Requires Node.js and npm for installing `pomera-ai-commander` and `@modelcontextprotocol/server-sequential-thinking` globally.
  • ⚠️Requires Python `uv` package manager (installed via `pip install uv`) for `mcp-text-editor`.
  • ⚠️Requires manual creation and population of `api-keys.local.json` with API keys for external services (Brave Search, Google Custom Search, Gmail OAuth credentials, Microsoft Graph) for full functionality.
  • ⚠️Requires specific configuration steps for integrating MCP servers into the user's IDE (Cursor, VS Code + Cline, Windsurf, Zed, Claude Desktop), often involving editing JSON configuration files or using dedicated UI.
Verified SafeView Analysis
The project demonstrates good security practices for handling API keys (recommending `.local.json` and `.gitignore`), and OAuth tokens (pickle files for self-generated tokens in secure subdirectories). SQL queries are parameterized, preventing injection. External command execution via `subprocess.run` is primarily for system checks and dependency installation, mostly with fixed arguments or commands verified to be safe. The primary security considerations involve the trustworthiness of the external Node.js and Python packages (`pomera-ai-commander`, `mcp-text-editor`, `@modelcontextprotocol/server-sequential-thinking`) that the project facilitates the installation and configuration of. If these external tools are compromised, the system could be vulnerable.
Updated: 2026-01-17GitHub
36
5
High Cost
sandst1 icon

remind

by sandst1

Sec9

Generalization-capable memory layer for LLMs that extracts, stores, and retrieves semantic concepts from raw episodic experiences, mimicking human memory consolidation.

Setup Requirements

  • ⚠️Requires API keys for OpenAI, Anthropic, or Azure OpenAI (typically paid services).
  • ⚠️If using Ollama, requires a local Ollama server running and models pulled (e.g., 'llama3.2', 'nomic-embed-text').
  • ⚠️Requires Python 3.11+.
  • ⚠️Building the Web UI requires Node.js/npm and running 'cd web && npm install && npm run build'.
Verified SafeView Analysis
The server explicitly restricts database names to prevent path traversal vulnerabilities. API keys are sourced from environment variables, not hardcoded. JSON parsing from LLM output is handled with error recovery. Overall, the design demonstrates good security practices for its intended use.
Updated: 2026-01-19GitHub
36
1
Low Cost
adriancs2 icon

Claude-MCP

by adriancs2

Sec8

Extends Claude Desktop's capabilities with surgical file editing, database operations, and document processing.

Setup Requirements

  • ⚠️Requires Windows operating system.
  • ⚠️Requires .NET Framework 4.8 runtime.
  • ⚠️Requires Claude Desktop to function as the client.
  • ⚠️Manual creation and configuration of 'allowed_directories.txt' and 'mysql_constr.txt' are necessary.
Verified SafeView Analysis
The server includes strong local security features such as 'Allowed Directories' to restrict file access to user-defined paths, and 'Caller Validation' to ensure requests originate from Claude Desktop. Configuration for sensitive operations like MySQL uses external files ('mysql_constr.txt'), avoiding hardcoded secrets within the executable. Automatic backups mitigate data loss from edits. While it inherently handles high-privilege operations (file/DB access, HTTP requests), the design incorporates specific mitigations for common risks. No 'eval' or obfuscation is indicated.
Updated: 2025-12-08GitHub
PreviousPage 122 of 760Next