Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

35
4
Medium Cost
thoughtspot icon

mcp-chat-client

by thoughtspot

Sec7

A modern chat client that integrates with Model Context Protocol (MCP) servers to provide AI-powered conversations with access to various tools and resources.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment and Cloudflare Workers KV for caching.
  • ⚠️Requires a Supabase account with PostgreSQL and Auth configured for user management and MCP server metadata storage.
  • ⚠️Requires API keys for OpenAI (or Azure OpenAI) and Exa.ai for core AI functionality and web search.
Verified SafeView Analysis
Hardcoded Google Client ID on the frontend is a minor issue. Backend relies on environment variables for sensitive API keys, which is standard secure practice for Cloudflare Workers. Input to AI models is handled via JSON stringification, mitigating direct code injection. OAuth flows for MCP servers are critical and appear to be handled with standard mechanisms.
Updated: 2025-11-25GitHub
35
2
Medium Cost

mcp-mineru

by TINKPA

Sec7

Implements or interacts with the Minecraft Protocol, likely for building custom Minecraft servers or client utilities.

Setup Requirements

  • ⚠️A Python environment (3.x) and the `uv` package manager are required for setup and execution.
  • ⚠️The presence of `claude_desktop_config.example.json` suggests potential integration with Anthropic's Claude API, which may require an API key and incur usage costs.
  • ⚠️Network configuration (e.g., firewall rules, port forwarding) may be necessary to make the server accessible from outside the local machine.
Verified SafeView Analysis
As a network server, this project will inherently process external input and potentially expose network ports, requiring careful security review of the 'src' code. No immediate red flags like 'eval' or obfuscation are apparent from the file list, but a thorough code audit is necessary for full security assurance.
Updated: 2025-11-18GitHub
35
4
Low Cost

mcp-oauth2-proxy

by matheuscscp

Sec7

This project acts as an OAuth2 proxy to secure web applications or services, handling authentication and authorization through an OAuth2 provider.

Setup Requirements

  • ⚠️Requires an OAuth2 provider (e.g., Google, GitHub) and configuration details (client ID, client secret, redirect URI).
  • ⚠️Requires an upstream service to proxy and protect.
  • ⚠️Proper HTTPS configuration and a public domain name are essential for production OAuth2 flows.
Verified SafeView Analysis
Handles sensitive OAuth2 credentials; proper configuration (e.g., HTTPS, secure secret management) is critical to mitigate inherent network risks. Go's type safety reduces some vulnerability classes.
Updated: 2025-11-18GitHub
35
8
Low Cost
CorgiBoyG icon

mcp-server-csdn

by CorgiBoyG

Sec4

The server automatically publishes Markdown articles to the CSDN platform, acting as a tool called by a Spring AI agent.

Setup Requirements

  • ⚠️Requires manual extraction and configuration of a CSDN login cookie from browser developer tools, which is prone to expiration.
  • ⚠️Specific Java Development Kit (JDK 17+) and Maven (3.6+) versions are required.
  • ⚠️Relies on the stability and undocumented authentication mechanisms of CSDN's internal `bizapi.csdn.net` API, which could change without notice.
Verified SafeView Analysis
The example `application.yml` in the project's README and provided source code includes a very long, real-looking CSDN authentication cookie directly. This encourages users to hardcode sensitive session information in a configuration file, which is a critical security risk if committed to version control or otherwise exposed. While the `push.sh` script handles Aliyun credentials more securely via a `.local-config` file, the primary CSDN API key (cookie) is suggested to be directly in `application.yml`. The server also hardcodes numerous HTTP headers for the CSDN API, which might be brittle but not inherently a security flaw.
Updated: 2025-11-22GitHub
35
4
Low Cost

An OAuth 2.1 secured Spring AI MCP gateway enabling ChatGPT Connectors to interact with local development tools via a streamable HTTP endpoint.

Setup Requirements

  • ⚠️Requires Java 25 and Maven.
  • ⚠️Requires a separate Authorization Server module (auth-server) to be running concurrently on port 9090.
  • ⚠️Cloudflare Tunnel setup is required for public access and ChatGPT integration, including a domain managed by Cloudflare and specific path-based routing configuration.
  • ⚠️The Authorization Server and MCP Gateway must have their 'issuer'/'issuer-uri' configured to match the public domain used by the Cloudflare Tunnel.
Verified SafeView Analysis
The project is explicitly labeled as a 'learning and integration reference' and 'not meant to be a production-grade gateway'. Security relaxations are made for simplicity, including disabled CSRF protection and broadly configured CORS (allowing all origins, methods, and headers with credentials). It uses a hardcoded in-memory user ('omar/secret') and a client ID ('springai-gateway-client') for the Authorization Server demo, with explicit warnings against using these in production. While transparent about these known issues, they represent significant vulnerabilities if deployed without modification. The use of Cloudflare Tunnel for exposure offers some network security benefits.
Updated: 2025-11-27GitHub
35
6
Medium Cost
theforeman icon

foreman-mcp-server

by theforeman

Sec8

A Model Context Protocol (MCP) server that enables Language Models (LLMs) to interact with a Foreman instance for IT automation, reporting, and configuration management.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires access to an existing Foreman instance
  • ⚠️Foreman API credentials (username/password or token) are mandatory and handled differently based on transport mode (CLI/ENV for stdio, headers for streamable-http)
  • ⚠️Requires an MCP-compatible client (e.g., VSCode with Copilot, Claude Desktop, MCP Inspector) to interact with the server
Verified SafeView Analysis
The `AuthMiddleware`'s `user_map` can grow indefinitely, which is noted as a TODO to consider cleanup mechanisms; this could pose a potential resource exhaustion (DoS) risk. For the `streamable-http` transport, authentication relies on credentials (username and token) passed in request headers, shifting security responsibility for credential handling to the client application. Sensitive headers are sanitized before logging. SSL verification with Foreman is configurable via command-line options or environment variables, including support for custom CA bundles.
Updated: 2026-01-12GitHub
35
4
Medium Cost

Enables organizations to leverage AI agents for secure, natural language querying and activation of vast financial services data within Snowflake to derive insights and actions.

Setup Requirements

  • ⚠️Requires access to a Snowflake account and a configured database (e.g., DASH_MCP_DB).
  • ⚠️Requires an API key for an AI model provider (e.g., OpenAI API Key) to power the AI agents.
Verified SafeView Analysis
The provided source code is a declarative YAML definition of a semantic model and standard SQL queries. It does not contain executable code, 'eval' statements, obfuscation, hardcoded secrets, or malicious patterns. The 'public_access' modifiers are part of the metadata definition, not runtime security vulnerabilities in this file. The security of the actual 'MCP Server' that uses this model would depend on its implementation, which is not provided.
Updated: 2025-12-05GitHub
35
3
Low Cost
YashMakan icon

fastmcp

by YashMakan

Sec9

Build fast, declarative, and type-safe servers implementing the Model Context Protocol (MCP) in Dart.

Setup Requirements

  • ⚠️Requires `dart run build_runner build` to be executed after code changes (e.g., adding/modifying annotated functions) to generate boilerplate.
  • ⚠️Mandatory `part 'your_file.fastmcp.g.dart';` directive must be added at the top of files containing `@Tool`, `@Resource`, or `@Prompt` annotations.
  • ⚠️Requires Dart SDK version >= 3.0.0.
Verified SafeView Analysis
The framework leverages build-time code generation (`fastmcp_generator`) to create type-safe argument parsing, handler wrappers, and robust error handling with `try-catch` blocks. This design inherently reduces common runtime vulnerabilities associated with dynamic input processing. No use of 'eval' or similar dangerous dynamic code execution patterns are present in the provided source. Network transports (e.g., HTTP) would still require standard security practices (e.g., authentication, authorization, rate-limiting) for the deployed application, but the framework itself promotes a secure foundation. Recent updates mention support for OAuth and security schemes, indicating active security considerations.
Updated: 2025-11-26GitHub
35
5
Medium Cost

Orchestrates an AI agent using Amazon Bedrock and AWS ECS to perform automated browser interactions via the Playwright MCP server.

Setup Requirements

  • ⚠️Requires Node.js v20 or higher, AWS CDK v2 or higher, and Docker v20 or higher.
  • ⚠️Requires AWS credentials (Access Key/Secret Key/Session Token) for local development or appropriate IAM roles for AWS deployment.
  • ⚠️Amazon Bedrock model must be enabled in the AWS Console before deployment.
Verified SafeView Analysis
The project adheres to good practices by distinguishing between local development credentials (via .env file) and production credentials (via AWS IAM roles/credential providers). There are no apparent hardcoded secrets for production. The `AmazonBedrockFullAccess` policy is quite broad, but it's applied to the ECS task role, which is the correct way to grant permissions to services. No `eval` or similar dangerous patterns were found.
Updated: 2025-11-26GitHub
35
2
High Cost

A local AI-powered wheeled robot (RAMIE) capable of listening, speaking, and executing commands via a Gradio web interface, designed for local compute and real-time interaction.

Setup Requirements

  • ⚠️Requires specific robot hardware: Latte Panda Mu N100 16GB, Latte Panda Mu Lite Carrier Board, Atmel AT324PA microcontroller, HS422 servo motors, and custom 3D-printed parts.
  • ⚠️Requires local Ollama installation and specific LLM models (`qwen3:4b-instruct`, `qwen3:4b`) to be pulled.
  • ⚠️Requires specific Linux OS (Ubuntu 24.04 Server LTS) on the SBC, with careful serial port (`/dev/ttyS4`) permissions (`dialout` group) and network configuration.
  • ⚠️Requires `pyserial`, `gradio`, and `llama_index` Python packages, typically managed with `uv`.
Review RequiredView Analysis
The system features a custom C++ `Uniparser` for serial communication, mapping ASCII commands to function calls on the microcontroller. While designed for this purpose, any vulnerability in this parser could allow arbitrary command execution on the embedded system. The Python component uses `subprocess.Popen` to launch Ollama and `requests.post` for API calls, and `tty.setraw` for terminal input, which can be sensitive. The system is intended to run locally, limiting external attack vectors, but remote SSH development and local network access for the Gradio interface introduce potential risks. Extensive debug logging macros in C++ firmware could expose internal state if enabled in production.
Updated: 2025-11-30GitHub
35
11
Low Cost
Sec8

Provides a Model Context Protocol (MCP) service to enable AI applications to interact with WeChat Official Account APIs, managing features like authentication, media, drafts, and publishing.

Setup Requirements

  • ⚠️Requires WeChat AppID and AppSecret to be provided via CLI arguments.
  • ⚠️Node.js 18+ runtime is required.
  • ⚠️For SSE mode, `CORS_ORIGIN` environment variable should be configured for security (e.g., `https://your-domain.com`).
  • ⚠️Sensitive data encryption for SQLite storage (`WECHAT_MCP_SECRET_KEY` environment variable) should be used with a strong, securely managed key.
Verified SafeView Analysis
The project demonstrates good security awareness by implementing optional AES encryption for sensitive fields (AppSecret, Access Token) via `WECHAT_MCP_SECRET_KEY`. It also explicitly warns about configuring `CORS_ORIGIN` for SSE mode to prevent cross-site scripting (XSS) risks. SQL operations use parameterized queries, mitigating SQL injection. Error logging is designed to be desensitized. The security largely depends on the user correctly configuring strong environment variables and CORS policies.
Updated: 2025-11-19GitHub
35
6
Low Cost
Naveen666555 icon

n8n-workflows

by Naveen666555

Sec8

A fast, modern documentation system for N8N workflows, providing search, categorization, visualization, and a RESTful API for workflow management and analysis.

Setup Requirements

  • ⚠️Requires Node.js 19+ installed.
  • ⚠️N8N workflow JSON files must be manually copied into the 'workflows/' directory after cloning.
  • ⚠️Database and directories need to be initialized via 'npm run init' and workflows indexed with 'npm run index' before starting the server for the first time.
Verified SafeView Analysis
The server uses Helmet.js for security headers and express-rate-limit for API rate limiting, which are good practices. SQL queries use parameterized statements to prevent injection. File system access is primarily to designated 'workflows' and 'database' directories, assuming trusted N8N workflow JSON files. No obvious 'eval' or obfuscation found. CORS is enabled, but specific origins are not defined in the truncated code, which might default to a broader setting. Overall, it implements standard security measures for a Node.js application.
Updated: 2026-01-19GitHub
PreviousPage 135 of 760Next