Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (9120)

49
56
Medium Cost
Sec7

Provides an interface for AI agents to assist with UI5 application development, including scaffolding, linting, API reference lookup, and manifest validation.

Setup Requirements

  • ⚠️Requires Node.js v20.17.0, v22.9.0 or higher.
  • ⚠️Requires npm v8.0.0 or higher.
  • ⚠️Requires an MCP client (e.g., VS Code with MCP extension, Cline).
  • ⚠️Connecting to OData V4 services outside of 'localhost' or 'services.odata.org' requires configuring the 'UI5_MCP_SERVER_ALLOWED_ODATA_DOMAINS' environment variable.
Verified Safe
The server executes external commands (npm install, git init) via 'execa' and fetches resources from external URLs (UI5 CDN, npm registry, OData services). Input validation and an OData domain allow list are in place to mitigate risks. However, executing external commands and fetching untrusted content from the internet always carries inherent security risks if inputs are not carefully controlled or external resources are compromised. Explicit environment variables can disable structured content or resources in responses, and adjust logging verbosity.
Updated: 2026-01-19
49
80
Medium Cost

PowerMCP

by Power-Agent

Sec5

Facilitating AI (LLM) interaction with various power system simulation and analysis software for tasks like power flow, dynamic simulation, contingency analysis, and optimization.

Setup Requirements

  • ⚠️The PSSE server requires Python 2.7, which is an end-of-life version and difficult to manage/install alongside modern Python environments.
  • ⚠️The ANDES server has a hardcoded `STORE_DIR` path in `andes_mcp.py` that *must* be changed to a valid local directory before use.
  • ⚠️Requires installation of specific commercial/open-source power system software (e.g., PSSE, PowerWorld, LTSpice, PyPSA, Egret, pandapower, ANDES) and their respective Python APIs or compatibility layers (e.g., Wine for LTSpice on Linux/macOS).
  • ⚠️MCPHost or an MCP-compatible LLM client (e.g., Claude Desktop, Cursor) is required to interact with the server.
Review Required
The server architecture relies on `subprocess` calls to interact with external power system software (e.g., PSSE, LTSpice, PowerWorld). While necessary for its function, this always introduces a potential for command injection if inputs are not thoroughly sanitized, though some input validation is present for file paths. A significant security risk lies with the `PSSE` integration, which explicitly requires and uses Python 2.7, an end-of-life version with known security vulnerabilities. Additionally, `ANDES/andes_mcp.py` contains a hardcoded `STORE_DIR` (e.g., `C:\Users\ibm\Documents\GitHub\PowerMCP\ANDES`), which is insecure and highly platform-dependent, necessitating manual modification by the user and potentially leading to unexpected file access issues if not correctly set.
Updated: 2026-01-14
49
39
High Cost

luma-mcp

by JochenYang

Sec8

Provides multi-model vision understanding capabilities to AI assistants that lack native image understanding.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0
  • ⚠️Requires an API Key for at least one vision model provider (Zhipu, SiliconFlow, Aliyun, Volcengine); DeepSeek-OCR (SiliconFlow) is free, others are paid.
  • ⚠️The `sharp` image processing library might require native build tools depending on the system, though `npm install` typically handles it.
Verified Safe
The server uses environment variables for API keys, which is good practice. Logging is redirected to stderr and a local file, preventing stdout pollution. Image processing relies on `sharp`, a widely used library. Local file access is limited to specified image paths and log files. However, `validateImageSource` does not explicitly validate the size of remote image URLs or Data URIs before passing them to external AI models. This could potentially lead to higher costs or performance issues if very large images from untrusted sources are processed by the upstream LLMs.
Updated: 2026-01-06
49
77
Medium Cost

vantage-mcp-server

by vantage-sh

Sec9

Enable natural language exploration of cloud costs via Model Context Protocol (MCP) clients.

Setup Requirements

  • ⚠️Requires a Vantage API Token with access to at least one connected cloud provider (AWS, Azure, Google Cloud, etc.).
  • ⚠️Deployment in remote (HTTP) mode as a Cloudflare Worker requires a Cloudflare account and the Wrangler CLI.
  • ⚠️OAuth authentication in remote mode requires extensive Auth0 configuration (Client ID, Secret, Domain, Scopes, Audience, Callback URL).
Verified Safe
The server utilizes Zod for robust input validation on all tool arguments, significantly reducing injection vulnerabilities. Secrets are managed via environment variables (e.g., VANTAGE_TOKEN, AUTH0_CLIENT_ID) rather than being hardcoded. The OAuth flow implements CSRF protection and PKCE. API calls are directed to a configurable VANTAGE_API_HOST and include User-Agent headers for traceability. Error handling distinguishes between internal errors and user-facing MCPUserError messages.
Updated: 2026-01-14
49
44
High Cost
Sec9

Integrate AI assistants with esa.io for comprehensive document management, enabling programmatic reading, creation, updating, and organization of posts, comments, and team information.

Setup Requirements

  • ⚠️Requires `ESA_ACCESS_TOKEN` environment variable with specific API scopes (`read write` or granular permissions like `admin:comment read:post`) for esa.io API authentication. PAT v2 is recommended.
  • ⚠️Requires Node.js runtime version `>=20.19.4` as specified in the `package.json` engines field.
  • ⚠️If not using Docker, ensure `npx` (and a compatible Node.js installation) is correctly set up and accessible in your system's PATH, as indicated in the README's npx example.
Verified Safe
The server securely handles credentials by requiring the `ESA_ACCESS_TOKEN` via environment variables. Input validation is robustly implemented using Zod schemas for all tool parameters, significantly reducing common injection vulnerabilities. Attachment handling (`esa_get_attachment`) is implemented with security in mind, offering base64 encoding only for small, supported image types and returning signed URLs for other files or larger images, thus avoiding direct file serving risks. No usage of `eval`, code obfuscation, or other direct malicious patterns were detected. Minor logging is done via `console.error`, which is acceptable but could be replaced with a more structured logging solution for high-volume production environments.
Updated: 2026-01-16
49
71
Medium Cost

Remote Model Context Protocol (MCP) server for integrating AI clients with Feishu functionalities, leveraging Feishu OAuth for secure user authentication and Cloudflare Workers for global distribution.

Setup Requirements

  • ⚠️Requires a Cloudflare account for deployment.
  • ⚠️Requires a Feishu Open Platform account to create an application and configure OAuth.
  • ⚠️Requires the `wrangler` CLI for deployment and managing secrets/KV namespaces.
  • ⚠️Requires Node.js 18+ and npm for local development.
Verified Safe
The server uses standard OAuth 2.1 practices with Feishu, securely handles client secrets via environment variables, and encrypts/signs cookies using a provided encryption key. Secrets are loaded from the Cloudflare Workers `env` object. Custom handlers utilize `userAccessToken` for making API calls on behalf of the user, which is expected. A third-party service `https://svg-to-png.tapeless.eu.org` is used for SVG conversion, which introduces an external dependency for certain media handling functionalities. Manual rate limiting is implemented for some document patch operations.
Updated: 2026-01-15
49
79
Low Cost
Sec9

MCP Server for the Discogs API, enabling music catalog operations, search functionality, and more.

Setup Requirements

  • ⚠️Requires a Discogs Personal Access Token (DISCOGS_PERSONAL_ACCESS_TOKEN) for API access, which must be set in an environment variable.
  • ⚠️Requires Node.js (v20.x.x recommended, v18.x.x compatible) to run locally.
  • ⚠️The default `per_page` for API responses is set to 5 to accommodate clients with limited context windows, potentially requiring explicit overrides for more data.
Verified Safe
The server demonstrates strong security practices including extensive input validation using Zod schemas for all tool parameters, which mitigates common injection vulnerabilities. Custom error handling prevents excessive information disclosure. The `DISCOGS_PERSONAL_ACCESS_TOKEN` is mandated via environment variables and users are explicitly warned against sharing it. Network host binding is configurable, allowing restriction to localhost. The project actively manages dependencies, as evidenced by explicit `pnpm` overrides for known vulnerabilities in `glob`, `hono`, `js-yaml`, and `qs`. The use of a forked `dotenv` is noted to prevent stdout logging conflicts, indicating a functional, non-malicious purpose. While an older `node-fetch` version is present in dependencies, the server's core `DiscogsService` leverages the native `fetch` API in Node.js (which uses `undici` in Node.js 18+), reducing reliance on the potentially vulnerable `node-fetch` package.
Updated: 2026-01-17
49
76
Medium Cost

loki-mcp

by grafana

Sec8

A Go-based server that implements the Model Context Protocol (MCP) to integrate Grafana Loki log querying capabilities with AI agents like Claude Desktop or n8n.

Setup Requirements

  • ⚠️Requires Go 1.16+ to build and run from source.
  • ⚠️Requires an accessible Grafana Loki instance (e.g., via Docker Compose) to query log data.
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, n8n, or the provided `loki-mcp-client`) to interact with the server.
Verified Safe
The server uses standard Go libraries for HTTP requests and URL parsing, which correctly handles parameter escaping and mitigates common injection vulnerabilities. It retrieves sensitive credentials (Loki URL, authentication details, organization ID) from environment variables or request parameters, adhering to best practices for secret management. The README explicitly warns users about securing these credentials. No 'eval' or other dangerous dynamic code execution patterns were found. The primary security consideration for users is the safe handling of their `LOKI_USERNAME`, `LOKI_PASSWORD`, or `LOKI_TOKEN` environment variables outside of the application.
Updated: 2026-01-19
49
18
High Cost

relace-mcp

by possible055

Sec9

Provides AI-powered code editing and intelligent codebase exploration using a Language Server Protocol (LSP) interface.

Setup Requirements

  • ⚠️Requires a Relace API Key (paid service) if using Relace as a provider or enabling cloud tools (`RELACE_CLOUD_TOOLS=1`).
  • ⚠️Relies on external system tools like `uv` (for dependency management/execution), `git`, and `ripgrep` (for efficient search). The `bash` tool is only available on Unix/macOS.
  • ⚠️Python 3.11+ is required for execution.
Verified Safe
The server implements robust security measures, particularly for its 'bash' tool, which uses extensive blacklisting (e.g., `rm`, `sudo`, `curl`, `eval`, `exec`, pipes, redirects) and whitelisting for safe commands (e.g., `ls`, `cat`, `grep`, read-only `git` subcommands). Path validation prevents traversal attacks and access outside the designated base directory. Symlink following is blocked for dangerous commands. Network access is restricted to configured LLM/Relace API endpoints. File operations are generally confined and validated. While the 'bash' tool inherently introduces more risk, the implementation makes a strong effort to mitigate it, earning a high score.
Updated: 2026-01-19
49
71
High Cost

conductor-tasks

by hridaya423

Sec7

Conductor Tasks acts as an intelligent AI-powered assistant for developers, streamlining the entire development lifecycle from task generation and planning (parsing PRDs, expanding tasks, generating implementation steps) to execution and code modification (generating diffs). It provides visual task management, integrates with various IDEs, and leverages multiple LLM providers for optimal results and cost efficiency.

Setup Requirements

  • ⚠️Requires Node.js >=18.0.0.
  • ⚠️Requires at least one LLM API key (e.g., OPENAI_API_KEY, ANTHROPIC_API_KEY) for AI features, which typically incur costs.
  • ⚠️For Ollama support, a local Ollama server must be running.
  • ⚠️For full IDE integration, an editor supporting the Model Context Protocol (MCP), such as Cursor, is required.
Verified Safe
The server uses environment variables for all API keys, avoiding hardcoded secrets. It performs extensive file system operations for task management, project analysis, and IDE configuration, which are handled with logging and error checking. The 'propose-diff' command can directly modify local files based on LLM-generated diffs; while this is a core function of an AI coding agent, it poses an inherent risk if the LLM generates malicious or unintended code changes. The 'originalHash' parameter for 'propose-diff' is a good mitigation against applying diffs to modified files, but it's optional and doesn't protect against malicious LLM output itself. No 'eval()' or obvious obfuscation was found in the provided code. Network calls are primarily secure HTTPS connections to LLM providers.
Updated: 2026-01-13
49
60
Medium Cost

mcp-wordpress

by docdyhr

Sec9

AI-driven SEO optimization and comprehensive management for WordPress sites via a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires an active WordPress instance accessible via REST API.
  • ⚠️Authentication (App Passwords, JWT, Basic, API Key) requires prior setup and configuration within WordPress.
  • ⚠️AI-driven SEO features (e.g., `seo.generate_meta`, content analysis) will incur costs from external Large Language Model (LLM) providers and require additional API keys/endpoints.
  • ⚠️Advanced features like multi-level caching (Redis) and background job processing (Action Scheduler) may require additional infrastructure or a companion WordPress plugin.
Verified Safe
The server demonstrates a strong focus on security. It uses environment variables for sensitive data (e.g., WordPress credentials, JWT secrets) and includes explicit redaction for logs. Input validation is performed using Zod schemas and custom validators (`ParameterValidatorImpl`, `InputValidator`). It has a dedicated `src/security` directory with modules for AI-driven vulnerability scanning, automated remediation, code review, and security monitoring, indicating a proactive approach. Network-related code (`WordPressClient`, `ComposedRequestManager`) handles timeouts, retries, and rate limiting. The `validateAndSanitizeUrl` function prevents common URL-based attacks and private IP/localhost access in production. Potential risks are primarily tied to WordPress itself (plugin vulnerabilities) or misconfiguration, rather than inherent flaws in the server's code, but this is mitigated by robust configuration validation and security features.
Updated: 2026-01-16
49
55
Medium Cost

echarts-mcp

by apache

Sec8

Generates Apache ECharts visualizations based on LLM-provided parameters and uploads them to a cloud storage service, returning the image URL.

Setup Requirements

  • ⚠️Requires a Baidu BCE (BOS) account and configuration for cloud image storage.
  • ⚠️Requires Node.js v18.12.0+ or >=v20.9.0 due to the 'canvas' dependency's engine requirements.
Verified Safe
Input chart data undergoes basic structural validation (e.g., array checks). Cloud storage credentials (Baidu BOS) are correctly sourced from environment variables, which is good practice for secrets management. Image generation and temporary file handling for upload appear standard. No 'eval' or direct arbitrary command execution from user input was identified within the provided source code. A potential attack surface could exist if highly malicious ECharts 'data' could exploit the 'canvas' rendering engine, but this is a general library risk rather than a specific vulnerability in the server's input handling.
Updated: 2026-01-18
Page 58 of 760