Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

36
3
Low Cost
paoloricciuti icon

dotprompts

by paoloricciuti

Sec9

A personal prompt management system exposed as a Model Context Protocol (MCP) server, enabling AI agents to access, create, update, and delete user-defined prompts.

Setup Requirements

  • ⚠️Requires a Turso or compatible SQLite database, configured via DATABASE_URL and DATABASE_TOKEN environment variables.
  • ⚠️Social login features necessitate setting up GitHub and Google OAuth applications, requiring GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, GOOGLE_CLIENT_ID, and GOOGLE_CLIENT_SECRET environment variables.
  • ⚠️The base URL for the authentication service, BETTER_AUTH_URL, must be correctly configured.
Verified SafeView Analysis
All sensitive information (database credentials, OAuth client IDs/secrets) are correctly sourced from private environment variables, preventing hardcoding. The 'better-auth' library is used for robust authentication and session management, including social logins (GitHub, Google). CRUD operations on prompts enforce user ownership, preventing unauthorized access or modification of other users' data. While the server uses broad CORS headers (Access-Control-Allow-Origin: *), which is typical for MCP integration, this is balanced by strong authentication and data access controls.
Updated: 2025-12-12GitHub
36
6
High Cost
spences10 icon

mcp-sqlite-tools

by spences10

Sec9

A Model Context Protocol (MCP) server for LLMs to safely and efficiently interact with local SQLite databases, providing comprehensive operations from schema management to query execution and transactions.

Setup Requirements

  • ⚠️Requires Node.js and pnpm (or npm/yarn) installed on the local machine.
  • ⚠️Operates exclusively on local SQLite database files, not remote databases.
  • ⚠️Default path validation restricts access to directories outside `SQLITE_DEFAULT_PATH`; users may need to explicitly configure `SQLITE_ALLOW_ABSOLUTE_PATHS` or `SQLITE_DEFAULT_PATH` for broader access.
Verified SafeView Analysis
The server implements robust security features including comprehensive input validation (Valibot), strict query classification (separating read-only, write, and schema operations), and path validation to prevent directory traversal attacks. It supports configurable path restrictions and uses parameterized queries to mitigate SQL injection. Resources are gracefully cleaned up on shutdown, and transaction safety is built-in. No direct 'eval' or other highly dangerous dynamic code execution patterns were identified. Its local nature, combined with these protections, makes it generally safe, provided the host environment is secure and configurations like `SQLITE_ALLOW_ABSOLUTE_PATHS` are managed carefully.
Updated: 2026-01-17GitHub
36
4
Medium Cost
AIConfigPlaza icon

acp

by AIConfigPlaza

Sec8

A platform for unified management, sharing, and synchronization of AI programming tool configurations (Agents, Prompts, MCP Services, Skills) across various AI IDEs.

Setup Requirements

  • ⚠️To run the full platform backend, .NET SDK is required. Essential environment variables like `ConnectionStrings:DefaultConnection` (for database), `Jwt:Key` (for JWT signing), `GitHub:ClientId`, and `GitHub:ClientSecret` must be configured.
  • ⚠️A GitHub OAuth App must be registered to obtain `Client ID` (for frontend and backend) and `Client Secret` (for backend) for user authentication. The `Authorization callback URL` must be correctly set for the GitHub app.
  • ⚠️A database compatible with the `DefaultConnection` string (e.g., PostgreSQL, SQL Server) must be available and configured for the backend.
Verified SafeView Analysis
The CLI component includes `sanitizeFileName` and `sanitizePath` functions to mitigate path traversal vulnerabilities during file writing, and prompts for user confirmation before overwriting existing files, which is a strong security practice. Backend configuration files (appsettings.json) correctly use placeholders for sensitive data (database connection strings, JWT keys, GitHub secrets), indicating external configuration is required. The frontend implements standard GitHub OAuth authentication with CSRF protection. No `eval()` or code obfuscation was detected.
Updated: 2026-01-13GitHub
36
3
Medium Cost
Sec9

Generates images using the Volcengine SeeDream model via the Model Context Protocol (MCP) for AI agents and clients.

Setup Requirements

  • ⚠️Requires a Volcengine API Key to function, which must be obtained and provided.
  • ⚠️Generated image links are temporary and typically expire after 24 hours.
  • ⚠️The API key is passed as a command-line argument, potentially visible in process lists; using environment variables is generally more secure for secrets.
Verified SafeView Analysis
The server explicitly requires a Volcengine API Key, passed as a command-line argument (--ark-key). While this avoids hardcoding, command-line arguments can sometimes be visible in process lists, which is less secure than using environment variables for sensitive keys. No 'eval' or other dynamic code execution patterns were found. Network communication is via HTTPS to the official Volcengine API.
Updated: 2025-12-06GitHub
36
6
Medium Cost
aegntic icon

cldcde

by aegntic

Sec2

A persistent context manager that scrapes, stores, searches, and analyzes AI conversations from various platforms (ChatGPT, Grok, Gemini, Claude) to support project development and insights.

Setup Requirements

  • ⚠️Requires Node.js / Bun runtime environment.
  • ⚠️Requires Chromium browser installed for Puppeteer web scraping functionality.
  • ⚠️Manages a local SQLite database file, requiring appropriate file system permissions.
Review RequiredView Analysis
CRITICAL: The `import_project_structure` and `export_conversations` methods in `aegntic-hive-mcp/server.js` directly use `filePath` arguments from user input in `fs.readFileSync` and `fs.writeFileSync` respectively. This constitutes a severe path traversal vulnerability, allowing an attacker to read arbitrary files from the system (e.g., `/etc/passwd`) or write arbitrary files to the system (e.g., overwrite critical system files or inject malicious code). Additionally, the use of Puppeteer for web scraping could introduce risks if the scraped websites contain malicious content that could affect the headless browser environment or if cookies/sensitive data are not handled securely (though `fs.writeFileSync` is used for cookies, exposing them on the local filesystem).
Updated: 2025-12-07GitHub
36
6
Medium Cost

mcp-ai-agent

by luuisotorres

Sec5

This repository provides an AI agent designed to interact with and control entities within a Multi-Client Protocol (MCP) environment, likely a game or simulation.

Setup Requirements

  • ⚠️Requires external AI service API keys (e.g., OpenAI, Anthropic) or a locally running LLM, which may incur costs.
  • ⚠️Requires a running Multi-Client Protocol (MCP) server or environment for the agent to connect to and interact with.
  • ⚠️Specific Python version required, as indicated by the presence of a '.python-version' file, potentially necessitating a specific Python environment setup.
Review RequiredView Analysis
Due to the truncated README and absence of code content, a thorough security audit is not possible. The presence of `.env.example` suggests reliance on environment variables for configuration, potentially including API keys or connection details to external services (e.g., LLMs, MCP server), which introduces network communication risks. Without source code, it's impossible to verify the handling of external inputs, dependency vulnerabilities, or the absence of malicious code like 'eval'. Therefore, it is not safe to run without further inspection.
Updated: 2025-11-18GitHub
36
5
Medium Cost

MCPServer

by JavierusTk

Sec7

Provides a Model Context Protocol (MCP) server for Claude Code integration, offering custom tools including advanced Windows OutputDebugString capture and analysis.

Setup Requirements

  • ⚠️Requires a commercial IDE: RAD Studio 12 (Delphi 29.0).
  • ⚠️Dependent on a specific external repository (`Delphi-MCP-Server`) cloned at a hardcoded path (`/mnt/w/Delphi-MCP-Server`).
  • ⚠️Requires careful Claude Code configuration, including specifying HTTP transport, the `/mcp` endpoint, and potentially the Windows system IP if running from WSL.
Verified SafeView Analysis
The server runs locally and offers debug capture tools that monitor `OutputDebugString` messages from user applications in the current Windows session without requiring administrator privileges. The primary security considerations involve proper configuration of network access (CORS, host IP) to prevent exposure to untrusted networks and potential misuse if Claude Code itself is compromised. The default `AllowedOrigins` and `Host` are secure for local use, but changing them without appropriate restrictions could pose a risk.
Updated: 2025-11-17GitHub
36
7
Low Cost
Sec7

Converts an OpenAPI 3.0 Specification into a Model Context Protocol (MCP) Server instance, enabling AI models to interact with the defined API.

Setup Requirements

  • ⚠️Requires a valid OpenAPI 3.0 Specification to be provided (base64 encoded) during deployment.
  • ⚠️Requires an OpenAPI Security Configuration (base64 encoded) if the OpenAPI spec defines security schemes.
Verified SafeView Analysis
The server loads OpenAPI specifications and security configurations from local JSON files (`openapi.json`, `security.json`) at runtime. These files are expected to be generated during deployment from base64-encoded parameters (`OPENAPI_SPEC_BASE64`, `OPENAPI_SECURITY_CONFIG_BASE64`). The security of the deployed server heavily depends on the integrity and trustworthiness of these input specifications and how sensitive information (like API keys in `security.json`) is handled by the deployment platform. The `publish.yaml` does not explicitly mark `OPENAPI_SPEC_BASE64` or `OPENAPI_SECURITY_CONFIG_BASE64` as sensitive parameters, which could be a concern if they contain secrets that are not appropriately protected during the deployment process or at rest. No direct `eval` or remote code execution vectors are apparent in the provided Node.js source code.
Updated: 2026-01-19GitHub
36
7
Low Cost
1Dark134 icon

arxiv-mcp-server

by 1Dark134

Sec9

The server enables researchers to search for academic papers on arXiv, analyze citations and trends, and export data in multiple formats, with a stated aim for AI-assisted discovery and processing.

Setup Requirements

  • ⚠️Requires Python >= 3.13
  • ⚠️Full AI assistant features (e.g., generative summaries, question answering) are mentioned in the README but not implemented in the provided source code, implying potential external AI service integration (and associated costs/API keys) would be needed for their realization.
Verified SafeView Analysis
The source code does not contain 'eval' or obvious malicious patterns. Input validation through JSON schemas for MCP tools is a good practice. It interacts with the public arXiv API using httpx for HTTP requests and xml.etree.ElementTree for XML parsing. While parsing external XML always carries a minimal inherent risk, ElementTree is generally robust against common XML vulnerabilities. No hardcoded secrets were found. The 'AI assistant' features described in the README are not fully implemented in the provided source code snippets, which currently use existing paper abstracts for 'summaries' rather than generative AI.
Updated: 2026-01-19GitHub
36
8
Medium Cost
michaelwybraniec icon

mcp-agentic-sdlc

by michaelwybraniec

Sec7

A comprehensive framework for managing software development lifecycle with AI agents, combining structured development processes with intelligent workflow management.

Setup Requirements

  • ⚠️Requires Node.js (version >= 18).
  • ⚠️Requires npm for installation and build steps.
  • ⚠️Designed to be run as an MCP server, requiring client-side configuration with specific AI clients like Cursor or Claude Desktop.
Verified SafeView Analysis
The server uses `fs.mkdirSync` and `fs.writeFileSync` with a user-provided `appDir` parameter. While intended for project initialization in a controlled environment (MCP client), if the `appDir` input is not properly sanitized or validated by the calling client, it could potentially be exploited for directory traversal attacks, allowing file creation/modification outside the intended project directory.
Updated: 2026-01-18GitHub
36
4
Medium Cost
Traves-Theberge icon

PDFlow

by Traves-Theberge

Sec9

Transform PDF documents into structured data (Markdown, JSON, XML, etc.) using multimodal AI, with web UI, CLI, and AI agent integration.

Setup Requirements

  • ⚠️Requires a Google Gemini API Key (free tier has usage limits, paid tier recommended for heavy use).
  • ⚠️Relies on external system dependencies `pdftocairo` (from poppler-utils) and `imagemagick` for PDF-to-image conversion, which need to be installed system-wide or are included in the Docker image.
  • ⚠️Requires Node.js 20+ for local development due to Next.js 16 requirements.
Verified SafeView Analysis
The project demonstrates a strong focus on security. Explicit path validation functions (`isValidPathComponent`, `getSecureFilePath`) are implemented to prevent directory traversal in API routes. The `child_process.spawn` method is used over `exec` with arguments passed as an array to prevent command injection when executing shell scripts. API keys are managed client-side in `sessionStorage` or via environment variables, not hardcoded. Docker configuration uses a non-root user (`nextjs:nodejs`), `read_only: true` for the filesystem (with exceptions for necessary write directories), `no-new-privileges:true`, and resource limits, adhering to robust container security practices. The MCP server also implements file path validation against a configurable list of `ALLOWED_DIRECTORIES`.
Updated: 2025-11-21GitHub
36
17
Low Cost
Sec9

This server provides examples of Model Context Protocol (MCP) implementations, integrating the YouTube API to enable Large Language Models (LLMs) like GitHub Copilot Chat to search for YouTube channels and videos.

Setup Requirements

  • ⚠️Requires a YouTube API Key (must be obtained from Google Cloud Console).
  • ⚠️Requires Node.js v18.0.0 or higher.
Verified SafeView Analysis
The project follows good security practices by loading API keys from environment variables (YOUTUBE_API_KEY) using `dotenv`. Input validation for tool arguments is implemented with `Zod`, which helps prevent malformed input issues. The server relies on the `@modelcontextprotocol/sdk` for MCP handling and `express.js` for the remote (SSE) transport, which are widely used and maintained libraries. No 'eval', obfuscation, or immediately identifiable malicious patterns were found in the provided source code. For production deployments of the remote server, further consideration of web security headers and access control might be beneficial beyond what the SDK provides.
Updated: 2026-01-07GitHub
PreviousPage 127 of 760Next