Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

36
8
High Cost
SpaceFrontiers icon

mcp

by SpaceFrontiers

Sec9

This server acts as an interface to the Space Frontiers API, allowing language models to perform semantic search, resolve document identifiers, and retrieve filtered document content or metadata from various data sources.

Setup Requirements

  • ⚠️Requires Space Frontiers API Key for authentication (obtainable from https://spacefrontiers.org/developers/keys, likely paid).
  • ⚠️Requires Python version 3.10 or 3.11 (specified as '>=3.10,<4').
  • ⚠️Requires 'uv' for running and dependency management, with a specific Git source configured for the 'mcp' dependency.
Verified SafeView Analysis
The code appears well-structured, using `fastmcp` for the server and `spacefrontiers-clients` for API interaction. Input validation is handled via Pydantic annotations. Authentication relies on API keys passed via environment variables or request headers, which is standard practice. No `eval`, `exec`, or direct shell commands are observed. A minor note is that `pyproject.toml` points to a GitHub branch for a specific `mcp` dependency via `tool.uv.sources`, which, while not inherently insecure, implies a custom or non-PyPI source that would require further vetting in a high-security context. However, the core `fastmcp` dependency is from PyPI.
Updated: 2025-12-02GitHub
36
37
High Cost
Sec9

Provides LLMs and AI agents with tools for interacting with the Paddle Billing API to manage payments, subscriptions, and other billing-related entities.

Setup Requirements

  • ⚠️Requires a Paddle API Key (for sandbox or production environments).
  • ⚠️Requires an MCP-compatible client (e.g., Cursor, Claude Desktop, Windsurf) to function as a tool server for an LLM/AI agent.
  • ⚠️Node.js and pnpm (or npm/yarn) are needed for local development/installation.
Verified SafeView Analysis
The server implements robust parameter validation using Zod schemas for all incoming tool arguments, significantly reducing the risk of injection vulnerabilities. API keys are handled securely via environment variables or CLI arguments and are not hardcoded. The code primarily acts as a wrapper around the official Paddle Node.js SDK, and includes explicit warnings within prompts to LLMs regarding destructive or sensitive actions.
Updated: 2026-01-05GitHub
36
6
Low Cost
sysdiglabs icon

sysdig-mcp-server

by sysdiglabs

Sec7

Serves as a Model Context Protocol (MCP) server, enabling Large Language Models (LLMs) to query and interact with the Sysdig Secure platform for security events and Kubernetes metrics.

Setup Requirements

  • ⚠️Requires a Sysdig Secure API Token (paid service access).
  • ⚠️The `generate_sysql` tool does not work with Service Account tokens; a regular user API token is required for this specific tool.
  • ⚠️Explicit Sysdig API Permissions (`metrics-data.read`, `policy-events.read`, `risks.read`, `sage.exec`) must be configured for the API token used.
Verified SafeView Analysis
The server offers an option (`SYSDIG_MCP_API_SKIP_TLS_VERIFICATION=true`) to skip TLS verification, which, while useful for self-signed certificates in specific deployments (e.g., on-prem), introduces a significant security risk for Man-in-the-Middle (MITM) attacks if used improperly in production environments. The `generate_sysql` tool has a known limitation where it does not work with Service Account tokens and returns a 500 error, requiring a regular user API token instead. Tools dynamically filter based on user permissions, which is a strong positive security control. Direct SysQL execution is possible via `run_sysql`, and while SysQL is designed for secure querying, a robust prompt engineering or validation layer is crucial on the LLM side to prevent unintended data exposure or resource strain. No obvious hardcoded secrets or malicious patterns were found in the provided code snippet; API tokens are loaded from environment variables or HTTP headers, which is good practice.
Updated: 2025-12-09GitHub
36
45
Medium Cost
railsblueprint icon

blueprint-mcp

by railsblueprint

Sec7

Enable AI assistants and coding agents to control and automate real web browsers (Chrome, Firefox, Opera) through a browser extension, maintaining logged-in sessions and avoiding bot detection.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run the server.
  • ⚠️Requires a separate browser extension to be installed (Chrome Web Store, Firefox Add-ons, or manual install).
  • ⚠️Requires configuration within your MCP client (e.g., Claude Desktop, VS Code/Cursor) to specify the command and arguments.
  • ⚠️PRO features (cloud relay, multi-browser) require an OAuth login via `auth action='login'`.
Verified SafeView Analysis
The server's core functionality involves executing arbitrary JavaScript in the browser context (`Runtime.evaluate`) and performing privileged browser actions, which is inherently powerful and carries risk if the AI agent or MCP client is compromised. By default, the server only accepts local WebSocket connections (localhost:5555), limiting direct network exposure for the free tier. PRO mode uses OAuth for authentication to a cloud relay. The browser extension requires explicit user action to connect. Token decoding for user info on the local server does not validate JWT signatures, which is a minor concern but likely relies on the PRO relay for full validation. The use of `child_process.exec` to open a browser for OAuth flow is controlled, opening a predefined URL. Overall, the project acknowledges and attempts to mitigate risks through local-only defaults and explicit user/authentication steps, but its powerful nature means high trust in the connecting AI client is required.
Updated: 2025-12-21GitHub
36
6
Low Cost

kuaidi100-MCP

by kuaidi100-api

Sec8

Provides a Micro-Control Plane (MCP) server for integrating with Kuaidi100's logistics tracking, time estimation, and price estimation APIs.

Setup Requirements

  • ⚠️Requires a Kuaidi100 API Key, which must be obtained from their official website (may require registration).
  • ⚠️Requires a Python environment with `uv` (or `pip` for local installation) to run the Python-based MCP server via the `uvx` command.
  • ⚠️The Node.js option requires `npx` and depends on an external npm package, '@kuaidi100-mcp/kuaidi100-mcp-server'.
Verified SafeView Analysis
The README explicitly warns about protecting the Kuaidi100 API Key to prevent misuse. Running via `uvx` or `npx` involves executing remote packages, which carries a general supply chain risk. No explicit 'eval' or obfuscation is evident from the provided information. The primary network risk is the intended communication with the Kuaidi100 API.
Updated: 2025-11-17GitHub
35
1
Low Cost

gomoku-mcp-server

by junyeong-nero

Sec5

This is a backend server for a Gomoku game, likely implementing game logic, state management, and handling multiplayer interactions.

Setup Requirements

  • ⚠️Missing `README.md` makes setup instructions, configuration details, and dependencies unclear, requiring manual code inspection.
  • ⚠️Requires a specific Python version, indicated by `.python-version` file.
  • ⚠️Likely requires a Python dependency manager like Poetry or PDM, due to `pyproject.toml`.
Review RequiredView Analysis
Without access to the source code, a comprehensive security audit is impossible. As a server application, it inherently presents network risks. The absence of a README.md makes it impossible to assess default configurations, authentication, or known vulnerabilities without code inspection. Potential risks include unauthenticated access, data injection, and resource exhaustion.
Updated: 2025-11-18GitHub
35
6
Medium Cost
EOSC-Data-Commons icon

matchmaker

by EOSC-Data-Commons

Sec9

A web application for searching scientific datasets using natural language queries, providing AI-ranked results and the ability to dispatch datasets to Virtual Research Environments (VREs).

Setup Requirements

  • ⚠️Requires a separate 'EOSC Data Commons MCP server' backend running on port 8000.
  • ⚠️Requires Node.js version 20 or newer for local development setup.
  • ⚠️Optional VRE dispatch functionality requires Docker and potentially GitHub Container Registry (GHCR) authentication.
Verified SafeView Analysis
The frontend code demonstrates good security practices with no obvious hardcoded secrets or direct use of 'eval'. It uses a `fetchWithTimeout` utility to prevent hanging requests and logs errors differently in development vs. production to avoid leaking sensitive information. External API calls are made to trusted services like DOI.org and a FileMetrix API. The primary network risks involve the backend (EOSC Data Commons MCP server) it communicates with, including its LLM interactions and dispatcher services, which are external to this frontend's codebase.
Updated: 2026-01-19GitHub
35
4
High Cost
ValerianRey icon

RagThisCode

by ValerianRey

Sec8

Set up a RAG (Retrieval-Augmented Generation) system to chat with the code of any public or private GitHub repository.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid).
  • ⚠️Requires GitHub Access Token (for fetching public and/or private repositories).
  • ⚠️Python 3.13+ is required according to `pyproject.toml`, which is very restrictive as Python 3.13 is still in pre-release.
Verified SafeView Analysis
Secrets (API keys, tokens) are correctly handled via environment variables. CORS is configured for local development and should be adapted for production. The frontend uses `dangerouslySetInnerHTML` with LLM-generated content, which carries a minor risk if an LLM generates malicious HTML/JS, though the `marked.parse` function mitigates this for standard markdown.
Updated: 2025-12-03GitHub
35
6
Medium Cost
searchcraft-inc icon

searchcraft-mcp-server

by searchcraft-inc

Sec3

An MCP server that enables AI agents to manage Searchcraft clusters by performing operations on indexes, documents, federations, authentication keys, analytics, and generating search applications from JSON data via natural language prompts.

Setup Requirements

  • ⚠️Requires Searchcraft ENDPOINT_URL and CORE_API_KEY environment variables.
  • ⚠️The `create_vite_app` tool requires `git`, `Node.js`, and `yarn` or `npm` to be installed in the environment.
  • ⚠️Analytics tools like `get_measure_conversion` and `get_measure_summary` require a local Clickhouse instance if not using Searchcraft Cloud.
Review RequiredView Analysis
CRITICAL VULNERABILITY: The `create_vite_app` tool uses `child_process.exec` to clone a Git repository, incorporating the `app_name` parameter directly into the shell command string without proper sanitization or escaping. This allows for command injection, where a malicious `app_name` (e.g., `'; rm -rf / ;'`) could execute arbitrary commands on the host system, leading to severe compromise. Additionally, file path validation for `analyze_json_from_file` and `create_index_from_json` is basic and might not prevent all path traversal attacks, although the `exec` vulnerability is far more critical. The server fetches JSON from URLs and installs external dependencies, which are inherent network risks that need careful monitoring.
Updated: 2026-01-10GitHub
35
5
Low Cost

Provides a Cloudflare Workers-based Model Context Protocol (MCP) server with GitHub OAuth for secure custom integrations with Claude.ai.

Setup Requirements

  • ⚠️Requires a Claude.ai Team or Enterprise plan to utilize custom integrations.
  • ⚠️Extensive manual setup is required for GitHub OAuth App configuration, Cloudflare KV Namespace creation, and setting multiple environment secrets via Wrangler CLI.
  • ⚠️Assumes familiarity with Cloudflare Workers and Wrangler CLI.
Verified SafeView Analysis
The project implements robust security practices including OAuth 2.0 with PKCE, secure secret management via Cloudflare Workers environment variables, and utilizes KV storage for session data. It adheres to OAuth well-known endpoint standards and is built on a secure serverless platform. No 'eval' or obvious obfuscation concerns found.
Updated: 2025-11-17GitHub
35
5
High Cost
0x5457 icon

ts-index

by 0x5457

Sec3

Indexes TypeScript code for semantic and symbol search, with Language Server Protocol (LSP) and Model Context Protocol (MCP) integration, enabling advanced code analysis and interaction.

Setup Requirements

  • ⚠️Requires a running Python FastAPI embedding server (scripts/gte-small.py or compatible API) on http://localhost:8000/embed by default.
  • ⚠️Requires Node.js and npm to install Language Server Protocol (LSP) servers like vtsls or typescript-language-server.
  • ⚠️Requires ast-grep executable to be installed and available in system PATH for AST-based search functionality.
Review RequiredView Analysis
CRITICAL: The `read_file` MCP tool allows reading arbitrary files on the server's filesystem if `file_path` is provided as an absolute path, potentially leading to sensitive data disclosure. This is a severe vulnerability if the MCP server is exposed to untrusted network clients. HIGH: The `ast_grep_search` tool passes user-supplied patterns and globs directly to the `ast-grep` executable. While `exec.CommandContext` is generally safer, a complex or malicious pattern could potentially exploit vulnerabilities in `ast-grep` itself. MEDIUM: The system relies on external executables (`npm`, `node`, LSP servers like `vtsls`, `ast-grep`) and an external embedding API. Vulnerabilities in these third-party components or misconfiguration of the `--embed-url` could lead to supply chain attacks or data leakage. LOW: Temporary files are created in `/tmp` by the `ast-grep` client which, if the server crashes, could be left behind and potentially expose sensitive information to other local users.
Updated: 2026-01-19GitHub
35
2
Medium Cost
ArangoGutierrez icon

k8s-gpu-mcp-server

by ArangoGutierrez

Sec8

Provides just-in-time, real-time NVIDIA GPU hardware introspection for Kubernetes clusters for AI-assisted SRE troubleshooting.

Setup Requirements

  • ⚠️Requires proper NVIDIA GPU setup on Kubernetes nodes, either via RuntimeClass (e.g., `nvidia`), NVIDIA Device Plugin, or NVIDIA DRA Driver.
  • ⚠️Cross-node pod-to-pod HTTP communication (for HTTP transport mode with gateway) might require specific CNI configurations, such as enabling VXLAN encapsulation for Calico CNI on AWS in the same subnet.
  • ⚠️Correct Kubernetes RBAC permissions are critical for the agent to access node/pod metadata and for the gateway to route requests, especially for /dev/kmsg access for XID errors.
Verified SafeView Analysis
The project prioritizes security with detailed RBAC configurations, security contexts (e.g., `readOnlyRootFilesystem: true`, `allowPrivilegeEscalation: false`), and optional NetworkPolicies. The default agent mode is `read-only`. The agent container requires `runAsUser: 0` (root) for NVML access, which is explicitly justified but inherently carries higher privilege. Access to `/dev/kmsg` for XID error analysis requires `CAP_SYSLOG` and potentially `privileged: true`. The gateway supports `kubectl exec` routing as a fallback, which can be less secure than direct HTTP if not properly constrained, but the recommended `HTTP` routing mode mitigates this. Comprehensive documentation on the security model and verification steps is provided.
Updated: 2026-01-19GitHub
PreviousPage 134 of 760Next