Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

35
3
Medium Cost
JustinBeckwith icon

pylon-mcp

by JustinBeckwith

Sec9

An MCP server enabling AI agents to interact with and manage the Pylon customer support platform, handling accounts, contacts, issues, tags, and teams.

Setup Requirements

  • ⚠️Requires Node.js 24+.
  • ⚠️Requires a Pylon API token with Admin access.
  • ⚠️Requires pnpm as the package manager for installation.
Verified SafeView Analysis
The server securely loads the Pylon API token from environment variables (PYLON_API_TOKEN), avoiding hardcoded secrets. The codebase is clear, well-structured, and not obfuscated, making it easy to audit. It utilizes the StdioServerTransport, meaning it communicates via standard input/output, which limits direct external network attack surface from the MCP server itself. Input validation for API parameters using `zod` and internal filtering (`cleanFilter`, `validateTimeRange`) are implemented to prevent malformed requests and potential injection. Outbound network requests are exclusively directed to the official Pylon API.
Updated: 2026-01-19GitHub
35
3
Low Cost

Provides backend services for a generic multi-cloud application generator, enabling remote application scaffolding and management across various cloud providers.

Setup Requirements

  • ⚠️Requires Node.js and npm/yarn for development and execution.
  • ⚠️Requires configuration for one or more cloud provider accounts (e.g., AWS, Azure, GCP credentials/API keys) to interact with multi-cloud environments.
  • ⚠️Specific installation steps or environment configurations might be required, as suggested by the 'install.yml' file, which is typically used for CI/CD or automated deployments.
Review RequiredView Analysis
Cannot inspect code for 'eval' or obfuscation. As a server for a Multi-Cloud Platform, it inherently involves network risks and potential interaction with sensitive cloud resources. The absence of a README (404 Not Found) makes understanding its specific security posture, authentication mechanisms, and data handling practices impossible without a full code review.
Updated: 2025-11-18GitHub
35
6
Medium Cost
dokku-MCP icon

dokku-mcp

by dokku-MCP

Sec9

Exposes Dokku's management capabilities through the Model Context Protocol (MCP), enabling Large Language Models (LLMs) to interact with and manage a Dokku instance.

Setup Requirements

  • ⚠️Early Development: Breaking changes are expected, and it is not recommended for production use.
  • ⚠️Requires Go 1.25+ for building from source.
  • ⚠️Requires Docker and Docker Compose for local development environment.
  • ⚠️Requires configured SSH access to a Dokku instance, including SSH key management.
  • ⚠️Verbose log output from Dokku commands can lead to higher LLM token consumption.
Verified SafeView Analysis
The project demonstrates a strong commitment to security. It includes robust input validation, a command blacklist (with plans for an allow-list), and sensitive log redaction to prevent command injection and information leakage. Secure SSH handling, including path traversal prevention and key file access checks, is implemented. Comprehensive CI testing with security tools (gosec, nancy, staticcheck) and a strict code quality policy (blocking `interface{}`, `any`, `reflect`, `unsafe`) further enhance its security posture. While the default CORS policy for SSE is `*`, it is well-documented and configurable for stricter environments, and token-based authentication is still required.
Updated: 2026-01-13GitHub
35
8
High Cost
CorgiBoyG icon

mcp-server-juejin

by CorgiBoyG

Sec3

AI-powered service for publishing articles to JueJin community.

Setup Requirements

  • ⚠️Requires a JueJin account and an active login Cookie, which must be manually extracted from the browser.
  • ⚠️The JueJin Cookie is session-based and will expire, requiring periodic updates.
  • ⚠️The project utilizes Spring AI 1.0.0-M6, which is a milestone (non-General Availability) release, potentially introducing stability issues or future breaking changes.
  • ⚠️Requires JDK 17+ and Maven 3.6+.
Review RequiredView Analysis
The provided `application.yml` example and instructions explicitly encourage hardcoding a sensitive JueJin login cookie directly into the configuration file. This practice poses a critical risk of credential leakage if the configuration is committed to version control or shared insecurely. While the application itself doesn't contain malicious code like 'eval', this credential management vulnerability is severe.
Updated: 2025-11-22GitHub
35
5
Medium Cost
peterbud icon

nitro-mcp-server

by peterbud

Sec4

This project serves as a Model Context Protocol (MCP) server demonstrating streamable HTTP transport with pluggable authentication providers (Auth0, Microsoft Entra ID) and schema-validated tools/resources.

Setup Requirements

  • ⚠️Requires Node.js v20+ and pnpm.
  • ⚠️Authentication requires configuring environment variables for Auth0 or Microsoft Entra ID (e.g., `NITRO_MCP_SERVER_AUTH_PROVIDERS_AUTH0_CLIENT_ID`).
  • ⚠️For production, the default file system storage for OAuth data (`registrationStore`, `authCodeStore`) must be replaced with a secure, production-grade database or distributed cache to ensure security and scalability.
Review RequiredView Analysis
CRITICAL: The server relies on local file system storage (fs driver) for `registrationStore` and `authCodeStore` to manage OAuth client registrations, authorization codes, and states. This is fundamentally insecure for production environments as it's vulnerable to local file system attacks and does not support distributed deployments or high availability. The 'Todo' section explicitly mentions a missing cleanup task for expired authorization codes, which is a significant vulnerability for resource exhaustion and potential misuse of stale codes. The `/auth/register` endpoint acts as a DCR proxy without inherent rate limiting, which is noted in the README as a point requiring external protection to prevent abuse.
Updated: 2025-11-28GitHub
35
2
Medium Cost
fmktech icon

mcp-kg-skills

by fmktech

Sec7

Manages a knowledge graph of reusable Python functions (skills), documentation, and environment variables for dynamic script composition and execution by an LLM.

Setup Requirements

  • ⚠️Python 3.12 or higher required.
  • ⚠️uv (fast Python package installer) required.
  • ⚠️Neo4j database required (Docker recommended).
Verified SafeView Analysis
The 'execute' tool allows arbitrary Python code execution provided by the LLM. While output is sanitized (secrets replaced with '<REDACTED>') and secret environment variables are stored with restricted file permissions (0600), a sophisticated or exploited LLM could still potentially craft code to exfiltrate secrets if it manages to infer variable names. The 'QueryTool' is strictly read-only, preventing graph modification operations.
Updated: 2025-11-26GitHub
35
119
Low Cost
Sec6

Programmatic management and automation of UniFi Network Controllers, enabling external systems (like LLMs or custom scripts) to interact with UniFi devices, clients, and network configurations.

Setup Requirements

  • ⚠️Requires access to a UniFi Network Controller (v7.x+ recommended).
  • ⚠️Requires setting critical environment variables (UNIFI_HOST, UNIFI_USERNAME, UNIFI_PASSWORD).
  • ⚠️Default `UNIFI_VERIFY_SSL=false` introduces security risks if not explicitly set to `true` and proper SSL certificates are not validated.
Review RequiredView Analysis
The default `verify_ssl=False` in `UniFiSettings` and its explicit mention as `UNIFI_VERIFY_SSL="false"` in examples is a significant security risk, making connections vulnerable to Man-in-the-Middle (MITM) attacks if not explicitly configured to `True` with proper certificate validation in production environments. Additionally, `aiohttp.CookieJar(unsafe=True)` is used in the `ConnectionManager`, which relaxes cookie security policies and could potentially expose the session to risks under certain conditions (e.g., XSS vulnerabilities in the UniFi web interface). While the project implements granular permissions (`permission_category`, `permission_action`), requires explicit confirmation (`confirm=True`) for destructive actions, and uses robust input validation with JSON schemas, these two critical network security concerns lower the overall score. It is crucial to ensure this server runs in a trusted, isolated environment and that `UNIFI_VERIFY_SSL` is correctly configured for production.
Updated: 2025-12-19GitHub
35
7
Medium Cost
RocketPy-Team icon

Infinity-API

by RocketPy-Team

Sec8

Performs rocket simulations, stores input data, and provides an API for managing rocket components and flights.

Setup Requirements

  • ⚠️Requires Python 3.12 or above
  • ⚠️Requires MongoDB-Atlas instance
  • ⚠️Requires MONGODB_CONNECTION_STRING environment variable
Verified SafeView Analysis
The application uses Pydantic for input validation, environment variables for secrets (MONGODB_CONNECTION_STRING, UPTRACE_DSN), and structured logging for auditability. It uses 'dill' for serializing RocketPy objects for download, which carries an inherent risk if arbitrary deserialization from untrusted sources were allowed (which it is not directly exposed in this API). The `fastmcp` integration uses an experimental OpenAPI parser, which might introduce unforeseen vulnerabilities. Overall, good practices are followed for a server handling complex object serialization.
Updated: 2026-01-11GitHub
35
5
High Cost
VictoriaMetrics-Community icon

mcp-victoriatraces

by VictoriaMetrics-Community

Sec9

Provides a Model Context Protocol (MCP) server for VictoriaTraces, enabling AI clients to query trace data, list services and operations, and search embedded documentation.

Setup Requirements

  • ⚠️Requires a running VictoriaTraces instance (single-node or cluster).
  • ⚠️Authentication to VictoriaTraces via `VT_INSTANCE_BEARER_TOKEN` or `VT_INSTANCE_HEADERS` may be required.
  • ⚠️Requires Go 1.25+ to build from source, or Docker to run pre-built images.
Verified SafeView Analysis
The server follows good security practices by relying on environment variables for sensitive configuration (like `VT_INSTANCE_BEARER_TOKEN`), which can be managed via Kubernetes secrets. Input validation is present for tool parameters, helping prevent common injection vulnerabilities. The build process includes vulnerability (govulncheck) and license (wwhrd) checks. No explicit `eval` or code obfuscation was found. Network exposures are standard for a server (HTTP/SSE/gRPC) and endpoints like `/metrics` can be protected with auth keys. The security of the backend VictoriaTraces instance is crucial as this server acts as a proxy.
Updated: 2026-01-14GitHub
35
4
Medium Cost
Sec7

An expert developer tool for comprehensive code analysis, semantic search, refactoring, code modification, and automated documentation. It leverages AI and specialized runtime environments (Node.js/Bun) for high performance, featuring deep Git integration for branch-aware indexing and merge conflict resolution across multiple programming languages.

Setup Requirements

  • ⚠️Platform-Specific Native Binaries: Requires specific builds or pre-compiled binaries for FAISS, CUDA/Metal (for GPU acceleration), OpenVINO Model Server (OVMS), and Llama.cpp. These are OS/architecture/Node.js version dependent and can be complex to build manually.
  • ⚠️LLM/Embedding Server Dependencies: Full semantic and AutoDoc functionality requires external LLM/embedding providers (e.g., Ollama, TEI, vLLM, OVMS, Llama.cpp), often running as Docker containers or separate local server processes, sometimes requiring specific GPU drivers or hardware.
  • ⚠️Language Toolchains: Python 3+, Java JDK, Go compiler, Rust toolchain, C/C++ compilers (Clang) are needed for native parsers and type analysis (e.g., Pyright, JavaParser, Go AST tools).
  • ⚠️Network Access for Model Downloads: Initial setup may download large AI models from Hugging Face or or other repositories.
Verified SafeView Analysis
The server heavily relies on spawning external processes (Git, Python, Java, Kotlin, Go compilers/tools, Clang, Ollama, OVMS, Llama.cpp, ESLint, Pylint, etc.) for parsing, analysis, embedding generation, and language-specific operations. While inputs to these tools are generally validated (e.g., via Zod schemas for tool arguments), the extensive volume and complexity of external process interactions present an increased attack surface. Direct environment variable access (e.g., HF_TOKEN, OPENAI_API_KEY) is used for API keys, which is standard practice but requires secure environment setup. No obvious direct 'eval' or unsanitized user input execution for critical operations was found. The use of native binaries for performance (FAISS, CUDA/Metal) introduces platform-specific dependencies that need to be securely built or provided.
Updated: 2026-01-19GitHub
35
156
Low Cost

Controls Adobe Photoshop programmatically via Model Context Protocol (MCP) for AI assistants.

Setup Requirements

  • ⚠️🔴 WINDOWS OS ONLY: The server relies on Windows-specific COM interfaces and is not supported on macOS or Linux.
  • ⚠️Adobe Photoshop must be installed locally (tested with CC2017-2024 versions).
  • ⚠️Python 3.10 or higher is required.
Review RequiredView Analysis
The server's `execute_javascript` function, utilized by `create_solid_color_layer`, allows direct execution of arbitrary JavaScript code within Photoshop. This presents a critical security vulnerability, as a malicious actor or a compromised AI assistant could inject arbitrary code to perform unauthorized operations within Photoshop, manipulate local files, or potentially execute system commands on the host Windows machine, depending on Photoshop's scripting capabilities and system configurations. This is a form of remote code execution on the local machine.
Updated: 2025-12-19GitHub
35
5
Low Cost
ExpertVagabond icon

raycast-mcp-server

by ExpertVagabond

Sec3

Facilitates advanced Raycast workflow automation and integration with AI assistants on macOS by exposing Raycast and system functionalities as tools.

Setup Requirements

  • ⚠️Requires macOS operating system as it relies on AppleScript (`osascript`) and macOS-specific commands (`open -a Raycast`, `pmset`, `pbcopy`).
  • ⚠️Requires Raycast application to be installed and configured on the host system for core functionality.
  • ⚠️Requires various API keys/tokens (e.g., RAYCAST_API_KEY, GITHUB_TOKEN, NOTION_TOKEN) to be set as environment variables for full authentication and integration capabilities.
Review RequiredView Analysis
The server has critical security vulnerabilities. It directly executes shell commands (`execAsync`) with user-provided input in several tools (`raycast_extensions publish`, `raycast_search`, `raycast_clipboard copy`, `raycast_shortcut`). This exposes the server to: 1. Path traversal for arbitrary file reading (`raycast_extensions publish`) if `publish_path` is manipulated. 2. AppleScript/shell injection if inputs like `query`, `text`, or `custom_key` contain malicious characters that can break out of quoted strings within the `osascript` or `echo` commands. These vulnerabilities could allow an attacker (or a misbehaving AI) to execute arbitrary commands or read sensitive files on the host system. It is NOT safe to run without significant security fixes, including robust input sanitization and validation, or using safer execution methods that don't directly concatenate user input into shell commands.
Updated: 2026-01-13GitHub
PreviousPage 144 of 760Next