Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

53
97
Medium Cost
imbenrabi icon
Sec9

Enables AI assistants to access and analyze comprehensive financial data, stock information, company fundamentals, and market insights from Financial Modeling Prep.

Setup Requirements

  • ⚠️Requires a Financial Modeling Prep API Key (Paid API subscription often required for higher usage and advanced endpoints).
Verified SafeView Analysis
The server explicitly handles API keys via environment variables or session configuration, which are not hardcoded. It uses a dedicated HTTP client (`axios`) with `try-catch` blocks for API calls, preventing raw error leakage. API keys are sent as query parameters to the FMP API, which is standard for that service. Extensive registry testing suite suggests a focus on secure deployment and configuration validation.
Updated: 2026-01-15GitHub
53
104
Medium Cost
mvilanova icon
Sec8

Connects AI models (Claude, ChatGPT) with the Intervals.icu API to retrieve and manage athlete fitness data, including activities, events, and wellness metrics.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires an Intervals.icu API Key and Athlete ID, to be set in environment variables (e.g., .env file).
  • ⚠️Specific `mcp install` command is required for Claude Desktop integration.
Verified SafeView Analysis
The server uses environment variables for sensitive API keys, which is a good practice. It utilizes `httpx` for API communication and `FastMCP` for transport. No obvious hardcoded secrets or 'eval' statements were found. The main network risks arise from deployment choices, such as exposing the SSE transport publicly without additional authentication, as noted for ChatGPT integration, which requires careful handling outside the server's direct code.
Updated: 2025-12-01GitHub
53
29
Medium Cost
hypothesi icon

mcp-server-tauri

by hypothesi

Sec5

Enables AI assistants to build, test, and debug Tauri v2 applications by providing tools for UI automation, IPC monitoring, and backend state inspection.

Setup Requirements

  • ⚠️Requires an existing Tauri v2 application (not compatible with Tauri v1 or other frameworks).
  • ⚠️Requires explicit configuration of `withGlobalTauri: true` in `src-tauri/tauri.conf.json` for webview communication.
  • ⚠️Installation of `tauri-plugin-mcp-bridge` Rust crate and its registration in `src-tauri/src/main.rs` or `lib.rs` is mandatory.
Verified SafeView Analysis
The server's core functionality relies on executing arbitrary JavaScript (`window.eval()`) within the Tauri webview and exposing a WebSocket server that binds to all network interfaces (`0.0.0.0`) by default. These features are fundamental for UI automation and IPC interaction, but they introduce significant security risks if the server or the AI assistant interacting with it is compromised or misconfigured. While intended, users must be aware that an untrusted AI or malicious script could execute arbitrary code on their system or expose their application to remote access. The default binding to `0.0.0.0` should be reviewed and potentially restricted to `127.0.0.1` for local-only use cases.
Updated: 2026-01-15GitHub
53
128
Low Cost
minipuft icon

claude-prompts

by minipuft

Sec4

This server provides a hot-reloadable prompt engine with chains, quality gates, and structured reasoning for AI assistants, enhancing control over Claude's behavior in prompt workflows.

Setup Requirements

  • ⚠️Requires Node.js (v18-24) and npm for development and build.
  • ⚠️Requires Python 3 installed, as several core hooks are Python scripts.
  • ⚠️Requires Git for checkpoint functionality and development workflow (Husky hooks).
  • ⚠️If semantic analysis or LLM-based gates are enabled, an LLM API Key (e.g., `ANTHROPIC_API_KEY`, `OPENAI_API_KEY`, `GEMINI_API_KEY`) is required, which may be a paid service.
Review RequiredView Analysis
The server features allow for arbitrary code execution via user-defined scripts/tools (script-executor.ts) and shell verification commands (shell-verify-executor.ts) within prompts and gates. While internal safeguards like `SAFE_ENV_ALLOWLIST` are present to prevent credential leakage to subprocesses, these features inherently enable execution of arbitrary commands on the host machine. This poses a critical security risk if the server processes untrusted inputs (e.g., a malicious LLM-generated command) or runs in an unsandboxed environment. Users must exercise extreme caution and ensure all prompts and tools are fully trusted and audited, or operate the server within a secure, isolated sandbox.
Updated: 2026-01-18GitHub
53
84
Medium Cost
eunomia-bpf icon

schedcp

by eunomia-bpf

Sec3

Develop, evaluate, and dynamically manage custom eBPF-based CPU schedulers for Linux, particularly focusing on optimizing long-tail and memory-intensive workloads (like AI/ML, I/O, distributed processing).

Setup Requirements

  • ⚠️Requires Linux kernel 6.0+ with `sched_ext` support enabled (specific kernel configuration options like `CONFIG_BPF=y`, `CONFIG_SCHED_CLASS_EXT=y` are needed).
  • ⚠️Requires a full development toolchain including `clang`, `libbpf`, and `bpftool` for compiling eBPF programs.
  • ⚠️Extensive Python (e.g., `torch`, `pandas`, `psutil`) and C++ (e.g., `ffmpeg`, `libgit2`) dependencies are required for various workload benchmarks, making setup complex.
  • ⚠️The core server and CLI are written in Rust, requiring Rust toolchain (cargo) for building from source.
  • ⚠️Requires `sudo` privileges for loading and unloading eBPF schedulers, which is a significant operational requirement.
Review RequiredView Analysis
The server component (MCP) allows remote creation and compilation of new eBPF schedulers from provided source code. This is a critical remote code execution vulnerability if the input source code is not thoroughly sanitized and verified in a robust sandbox environment. Compiling and loading eBPF programs grants kernel-level privileges. While eBPF programs are subject to kernel verifier safety checks, logical flaws in custom schedulers could still lead to denial-of-service or unintended resource allocation that impacts system stability or fairness. The use of `LD_PRELOAD` in certain workload scripts (`ktransformers`) presents a high risk for arbitrary code injection, although this appears to be part of a specific workload's optimization rather than the core scheduler management. Running `sudo` commands for scheduler management (as indicated in `schedcp-cli run`) is inherent to kernel-level operations but elevates the risk if the `mcp` server or its client (`schedcp-cli`) is compromised.
Updated: 2026-01-17GitHub
53
83
Medium Cost
skanga icon

DBchat

by skanga

Sec9

Transforms a database into an intelligent conversational partner, enabling natural language queries, instant answers, and data visualizations via MCP clients.

Setup Requirements

  • ⚠️Requires Java Runtime Environment (JRE) installed locally.
  • ⚠️Requires the appropriate JDBC driver JAR for your target database to be in the classpath (e.g., MySQL, PostgreSQL).
  • ⚠️Needs network access and credentials to connect to the target database.
  • ⚠️Designed for interaction with Model Context Protocol (MCP) clients like Claude Desktop or Gemini-CLI, requiring client-side setup.
Verified SafeView Analysis
The server implements extensive security measures: input sanitization (SecurityUtils) for values and identifiers, strict query validation in 'selectOnly' mode blocking DDL/DML, parameterized query support (PreparedStatement) to prevent SQL injection, enforcement of max SQL length and max rows limits, and robust security warnings in all responses to clients. It logs critical security events for auditing. While CORS 'Access-Control-Allow-Origin: *' is set by default for local client integration, which is acceptable for a local MCP server, it would be a vulnerability in a public-facing deployment.
Updated: 2026-01-19GitHub
53
30
Medium Cost
SamMorrowDrums icon

remarkable-mcp

by SamMorrowDrums

Sec7

Integrates a reMarkable tablet as a 'second brain' for AI assistants, allowing AI tools to read, search, and process handwritten notes via OCR.

Setup Requirements

  • ⚠️Requires 'Developer Mode' enabled on reMarkable tablet for SSH access (this factory resets the device).
  • ⚠️SSH access requires the reMarkable to be connected via USB, or configured for WiFi network access.
  • ⚠️Handwriting OCR is best with a Google Vision API Key (paid after 1,000 free requests/month), or falls back to Tesseract OCR which has 'poor for handwriting' results.
  • ⚠️Cloud API mode (alternative to SSH) requires a reMarkable Connect subscription.
  • ⚠️Password-based SSH authentication (not recommended) requires `sshpass` to be installed on the host system.
Verified SafeView Analysis
The server uses `subprocess.run` to interact with SSH and local `rmc`/`inkscape` binaries, which inherently carries some risk. However, arguments appear to be safely quoted and `shell=True` is not used. User-provided paths are passed directly, but typically resolve against the reMarkable filesystem. The `REMARKABLE_SSH_PASSWORD` environment variable, while optional, allows plain-text password usage via `sshpass`, which is insecure and explicitly warned against in the documentation. Authentication tokens (`REMARKABLE_TOKEN`, `GOOGLE_VISION_API_KEY`) are expected via environment variables or a local file (`~/.rmapi`), which is standard practice. All tools are explicitly read-only, limiting potential for data modification or deletion.
Updated: 2026-01-19GitHub
53
117
Medium Cost
sammcj icon

mcp-devtools

by sammcj

Sec9

A high-performance MCP server providing a unified interface to essential developer tools, featuring OAuth 2.0/2.1 authorization and a multi-layered security framework.

Setup Requirements

  • ⚠️Many advanced tools (e.g., filesystem, docprocessing, agent tools) are disabled by default and require explicit enablement via 'ENABLE_ADDITIONAL_TOOLS'.
  • ⚠️Specific tools like 'code_rename' and 'document_processing' require external dependencies like Language Server Protocol (LSP) servers (e.g., gopls, pyright) or Python 3.10+ with the Docling library ('pip install docling').
  • ⚠️Agent tools (Claude, Codex, Gemini, Copilot, Kiro) require their respective command-line interfaces to be installed and authenticated separately.
  • ⚠️Several tools (Internet Search, Package Docs, GitHub) require API keys or tokens for full functionality, which are configured via environment variables.
Verified SafeView Analysis
The project demonstrates a strong focus on security, implementing a comprehensive, configurable security framework (`docs/security.md`) with explicit access controls, content analysis, and an override system. It utilizes security helper functions for safer HTTP and file operations, and actively sanitizes sensitive data in observability traces. Agent tools and filesystem access are explicitly disabled by default and require careful user configuration due to their inherent risks, which are well-documented. Potentially dangerous functions in tools like Excel are blocked. The primary risks stem from potential user misconfiguration or failure to follow documented security best practices.
Updated: 2026-01-18GitHub
53
56
High Cost
saidsurucu icon

ihale-mcp

by saidsurucu

Sec3

Provides an MCP server to access Turkish public tender data (EKAP v2) and official government announcements (ilan.gov.tr) for LLM applications and other clients.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer (as per `pyproject.toml`).
  • ⚠️Relies on `uv` for easy installation of Python packages, which needs to be installed separately.
  • ⚠️Windows users may need Microsoft Visual C++ Redistributable for Python package compatibility.
  • ⚠️Legacy EKAP endpoints for Direct Procurement might require session cookies; the client attempts to 'warm-up' to acquire them, but this could lead to intermittent issues or require manual cookie provision in some cases.
Review RequiredView Analysis
The `ihale_client.py` explicitly disables SSL certificate verification (`ssl_context.check_hostname = False`, `ssl_context.verify_mode = ssl.CERT_NONE`) for HTTP requests to EKAP. This is a critical security vulnerability, making the client susceptible to Man-in-the-Middle (MitM) attacks where an attacker could intercept or tamper with communication. It also attempts 'warm-up' requests to obtain session cookies, which combined with disabled SSL verification, amplifies risks. There are no obvious hardcoded secrets, obfuscation, or other malicious patterns in the provided code, but the SSL issue is severe.
Updated: 2025-11-27GitHub
52
144
High Cost
xiesx123 icon

CreatorBox

by xiesx123

Sec2

A comprehensive AI-powered toolbox for video editing, dubbing, and content creation, including features like video inpainting, subtitle extraction, vocal separation, and text-to-speech.

Setup Requirements

  • ⚠️External VPN/Proxy required for installation and operation to access online resources and APIs.
  • ⚠️Avoid installation paths with non-ASCII (e.g., Chinese) characters or spaces to prevent unexpected issues.
  • ⚠️Multiple external API keys (e.g., OpenAI, Gemini, AzureTTS, Elevenlabs, Huggingface) are required for full functionality, some of which may incur costs.
Review RequiredView Analysis
The Python source code is heavily obfuscated using Pyarmor (as indicated by '# Pyarmor 9.1.2 (trial)' headers in many files). This makes it impossible to perform a reliable security audit for malicious code, backdoors, or vulnerabilities, severely reducing transparency and trust. Standard network calls (e.g., socket.io, HTTP POST) are present but their destinations and payloads are not verifiable. External API keys are handled via environment variables, which is good practice, but the obfuscation prevents verifying their secure handling within the application logic.
Updated: 2026-01-14GitHub
52
97
Medium Cost
cbcoutinho icon
Sec6

Transforms a Nextcloud instance into a semantic intelligence engine, providing AI agents and semantic search capabilities.

Setup Requirements

  • ⚠️Hardcoded `TOKEN_ENCRYPTION_KEY` in example Docker Compose files: MUST be replaced with a securely generated and managed key for production.
  • ⚠️Requires external dependencies for full functionality: Nextcloud, Redis, MariaDB (for Nextcloud itself), Qdrant (vector database), and an embedding model service (e.g., Ollama or cloud provider).
  • ⚠️OAuth2/OIDC authentication is 'experimental' and requires manual patching of a Nextcloud app (`user_oidc`), posing significant integration and security challenges.
Verified SafeView Analysis
The `docker-compose.yml` examples contain hardcoded sensitive credentials like `MYSQL_ROOT_PASSWORD`, `NEXTCLOUD_ADMIN_PASSWORD`, and critically, a `TOKEN_ENCRYPTION_KEY`. The hardcoded encryption key is a significant security vulnerability if used in a production environment, as it would compromise the security of all stored refresh tokens and app passwords. OAuth2/OIDC support is explicitly marked as 'experimental' and requires a manual patch to a Nextcloud app, indicating potential instability or incomplete security measures. Rate limiting is implemented for app password provisioning to mitigate brute-force attacks.
Updated: 2026-01-19GitHub
52
91
Medium Cost

remote-mcp-functions

by Azure-Samples

Sec1

Provides remote utilities or services for Minecraft Coder Pack (MCP) development environments.

Review RequiredView Analysis
No code or detailed documentation available for security audit (README truncated: 404 Not Found). Cannot assess for 'eval' usage, code obfuscation, or potential network risks.
Updated: 2025-11-18GitHub
PreviousPage 51 of 760Next