Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

55
1
Medium Cost

starter-mcp-server

by bravo-box

Sec6

A starter kit for developing and deploying serverless functions or microservices across multiple cloud providers, exemplified by a chat application.

Setup Requirements

  • ⚠️Requires cloud provider accounts (e.g., AWS, GCP, Azure) and associated credentials.
  • ⚠️May require specific Infrastructure as Code (IaC) tools (e.g., Terraform, Pulumi) for infrastructure deployment.
  • ⚠️Docker might be required for local development or containerized deployments.
Review RequiredView Analysis
Without access to the code or a complete README, specific vulnerabilities cannot be identified. As a 'server' and 'function' platform, it inherently carries potential risks related to insecure defaults, network exposure, and the execution environment for user-defined functions.
Updated: 2025-11-18GitHub
55
156
Medium Cost
cyanheads icon

git-mcp-server

by cyanheads

Sec8

A Model Context Protocol (MCP) server that provides Git-specific tools and resources for AI/LLM agents to interact with version control systems.

Setup Requirements

  • ⚠️Requires the Git CLI (binary `git`) to be installed on the system and available in the PATH for the default `CliGitProvider`.
  • ⚠️Requires `OPENROUTER_API_KEY` to be set for interaction with Large Language Models (LLMs), which is a paid service.
  • ⚠️Authentication (if `MCP_AUTH_MODE` is 'jwt' or 'oauth') requires additional environment variables like `MCP_AUTH_SECRET_KEY`, `OAUTH_ISSUER_URL`, and `OAUTH_AUDIENCE` for secure operation, especially in a production environment. The default `MCP_AUTH_MODE` is 'none', which disables authentication.
  • ⚠️If speech capabilities are enabled (`SPEECH_TTS_ENABLED` or `SPEECH_STT_ENABLED`), API keys for ElevenLabs (`SPEECH_TTS_API_KEY`) and/or OpenAI Whisper (`SPEECH_STT_API_KEY`) are required, which are paid services.
Verified SafeView Analysis
The server demonstrates strong security awareness, implementing detailed path sanitization (`sanitizePath` to prevent directory traversal and enforce `GIT_BASE_DIR`), robust authentication via JWT/OAuth, and scope-based authorization. Critical secrets are loaded from environment variables. Direct execution of native Git CLI commands (via `CliGitProvider`) is a potential attack surface, but the codebase uses a command builder with argument validation and a `SAFE_GIT_OPTIONS` set, significantly mitigating risks. A 'development mode' bypass for authentication is present for convenience, but the `JwtStrategy` explicitly warns and enforces `MCP_AUTH_SECRET_KEY` in production, which is good practice. Proper configuration of `MCP_AUTH_MODE` and `GIT_BASE_DIR` is crucial for production deployments.
Updated: 2025-12-13GitHub
55
1
Medium Cost
yasg1988 icon
Sec9

Provides educational data (schedules, grades, homework) from Dnevnik.ru API to AI assistants via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires manual Dnevnik.ru OAuth token acquisition through a browser.
  • ⚠️Requires manual identification and configuration of `person_id`, `school_id`, and `group_id`.
Verified SafeView Analysis
The server uses environment variables or a config file for API tokens, which is a good security practice. It interacts with an external API via `aiohttp.ClientSession` and doesn't expose any direct network interfaces, communicating through standard I/O (stdio_server). There are no 'eval' or obvious malicious patterns. The `set_attendance` tool is described in the README but not implemented in the provided code, which is a minor inconsistency but not a security risk.
Updated: 2025-12-06GitHub
55
1
Medium Cost
Etude-Labs icon
Sec9

An IDE-agnostic MCP server that exposes project rules and workflows as MCP resources, providing consistent development guidelines to AI coding tools.

Setup Requirements

  • ⚠️Requires .NET 9 SDK
  • ⚠️Docker required for containerized deployment
  • ⚠️External authentication/TLS handling required for HTTP endpoints in production
Verified SafeView Analysis
The server adheres to a clean architecture and has explicit mitigations for common risks like path traversal. It runs as a non-root user in Docker. HTTP transport does not include built-in authentication or TLS, expecting these to be handled by upstream infrastructure (e.g., API gateway, ingress, load balancer). Configuration and rule files are recommended to be mounted as read-only.
Updated: 2025-12-03GitHub
55
33
Medium Cost
jraylan icon

seamless-agent

by jraylan

Sec9

Empowers AI agents within GitHub Copilot Chat (or similar LM clients) to seek interactive user confirmation and feedback via specialized tools (ask_user, plan_review, walkthrough_review) before executing actions, ensuring user control.

Setup Requirements

  • ⚠️Requires VS Code 1.104.0+ and GitHub Copilot Chat extension.
  • ⚠️If integrating with Antigravity IDE, Node.js must be installed and in the system PATH for the `seamless-agent-mcp.js` CLI tool.
  • ⚠️Local API authentication relies on a dynamically generated bearer token, which might require troubleshooting if misconfigured during Antigravity integration.
Verified SafeView Analysis
The HTTP API service binds exclusively to localhost (127.0.0.1) and employs a randomly generated bearer token for authentication, utilizing `crypto.timingSafeEqual` to prevent timing attacks. CORS is explicitly disabled. Image attachments undergo magic number validation to mitigate spoofed file types. No direct `eval` or obfuscation is present. The primary security risk would stem from a compromised VS Code environment itself, rather than the extension's internal mechanisms.
Updated: 2026-01-08GitHub
55
1
Medium Cost
Sec6

This server implements the Model Context Protocol, likely for managing and serving contextual data and interactions for AI models.

Setup Requirements

  • ⚠️Requires `uv` package manager for dependency resolution and environment setup, as indicated by `uv.lock` and `pyproject.toml`.
  • ⚠️A specific Python version is required, as specified in the `.python-version` file.
Review RequiredView Analysis
A deep security audit is not possible without access to the actual code. File names suggest a standard Python server structure using a modern dependency management system. No obvious signs of 'eval' or obfuscation were found from the file names alone. General network risks associated with any server application should be considered, but no specific vulnerabilities can be identified without code inspection.
Updated: 2025-11-17GitHub
55
1
High Cost
fxrrysalim icon

rbx-mcp-engine

by fxrrysalim

Sec5

Provides a high-performance, WebSocket-based bridge for AI agents to interact with and control Roblox Studio in real-time.

Setup Requirements

  • ⚠️Requires Roblox Studio to be installed on the machine.
  • ⚠️The 'rbx-studio-mcp.exe' executable must be downloaded and its path specified in the AI client's MCP configuration.
  • ⚠️Requires configuration of an external MCP-compatible AI client (e.g., Claude, Cursor, Windsurf).
Verified SafeView Analysis
The primary security consideration is the `run_code` tool, which allows AI agents to execute arbitrary Luau code within Roblox Studio with 'God Mode' privileges. While this is an advertised core feature enabling deep engine access and control, it inherently presents a significant risk if the AI agent or its prompts are compromised. The server communicates with the AI client via standard I/O (stdio JSON-RPC) and with Roblox Studio via a localhost-bound WebSocket (port 44755), limiting external network attack surface. No hardcoded secrets or obvious malicious patterns were found in the provided source.
Updated: 2025-12-01GitHub
55
1
Low Cost
pand40x icon

crypto-mcp

by pand40x

Sec9

Provides real-time and historical cryptocurrency data to LLM applications, using Binance as the primary source and CoinMarketCap as a fallback.

Setup Requirements

  • ⚠️Requires CoinMarketCap API keys for fallback functionality, which must be obtained and configured in a .env file.
  • ⚠️The MCP client configuration requires the absolute path to the 'build/index.js' file, which can be a common point of error.
  • ⚠️Node.js v20.0.0 or higher is required.
Verified SafeView Analysis
The server uses environment variables for API keys and `zod` for input validation, which are good security practices. It avoids hardcoding secrets and utilizes public API endpoints where possible. No 'eval' or other directly dangerous functions are used. Symbol normalization helps prevent injection. The overall design prioritizes robustness and security within its operational scope.
Updated: 2025-11-29GitHub
55
1
Medium Cost
Sec9

Facilitates AI agent-driven UI test generation and execution for Next.js applications using Playwright, returning test artifacts and summaries.

Setup Requirements

  • ⚠️Requires 'pnpm' for dependency management.
  • ⚠️Requires Playwright and its browser dependencies to be installed separately via 'pnpm dlx playwright install --with-deps'.
  • ⚠️Requires a Node.js runtime environment to execute the server.
Verified SafeView Analysis
The server generates Playwright specs based on structured 'goals.md' input and executes them locally using `npx playwright test`. While Playwright interacts with browser processes and the local filesystem for artifacts, there's no evident use of 'eval' or direct arbitrary code execution from untrusted sources within the server logic itself. The primary security consideration lies in the potential for a malicious 'goals.md' file to craft Playwright actions that could perform undesirable operations, but this assumes the agent (and thus the user) provides such input.
Updated: 2025-11-17GitHub
55
1
Medium Cost
khaoss85 icon

arvo-mcp

by khaoss85

Sec9

Connects AI assistants to Arvo's AI fitness coach to access and manage workout data, personal records, and training plans via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires an Arvo account and API key from arvo.guru (external service).
  • ⚠️Requires Node.js 18+ to run.
  • ⚠️Requires manual configuration in the AI client's settings (e.g., modifying claude_desktop_config.json or Cursor MCP settings).
Verified SafeView Analysis
The server acts as a proxy for the Arvo API, correctly using HTTPs and bearer token authentication via an environment variable (ARVO_API_KEY). The API key is not hardcoded and is validated on startup. No 'eval' or other direct code injection vulnerabilities were found in the provided server code. Security heavily relies on the upstream Arvo API and the user's secure handling of their API key locally. The project provides a detailed SECURITY.md, indicating a responsible approach to security.
Updated: 2026-01-19GitHub
55
163
Medium Cost
meilisearch icon

meilisearch-mcp

by meilisearch

Sec7

Connect LLMs to Meilisearch for natural language interaction and management of search indices and data.

Setup Requirements

  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires a running Meilisearch instance (e.g., Docker container on port 7700).
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop or OpenAI agents) for interaction.
Verified SafeView Analysis
The server allows dynamic updates to Meilisearch connection settings (URL and API key) via MCP tools like `update-connection-settings`. While convenient for development, the README warns this approach does not follow best MCP security practices for production without proper safeguards. A compromised LLM agent could potentially redirect the Meilisearch connection to a malicious instance or expose/change the API key. There are no immediate signs of 'eval', obfuscation, or hardcoded secrets within the provided source code. API keys are masked in output logs.
Updated: 2026-01-09GitHub
55
1
High Cost
QwQzy icon

searcher

by QwQzy

Sec5

Provides a Model Context Protocol (MCP) server for aggregating and extracting information from search engines like Bing using Playwright for web scraping.

Setup Requirements

  • ⚠️Requires Python 3.12
  • ⚠️Requires manual Playwright Chromium installation via `playwright install chromium`
  • ⚠️The `bing_cn_detail` tool could expose the server to Server-Side Request Forgery (SSRF) if publicly accessible without proper input validation or firewall rules.
Verified SafeView Analysis
The `bing_cn_detail` tool allows fetching content from arbitrary URLs. If this MCP server is exposed to untrusted external input, it could be exploited for Server-Side Request Forgery (SSRF) to scan internal networks or access internal resources. The client-side `json.loads` on user input in `client.py` is a potential risk for the client environment, though Pydantic validation on the server side mitigates direct injection vulnerabilities for tool parameters. The `headless=False` mode and `slow_mo` for Playwright are not security risks but indicate a non-production-ready setup that might consume more resources or be unsuitable for server deployments without display environments.
Updated: 2025-12-06GitHub
PreviousPage 46 of 760Next