Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (7756)

47
60
Low Cost

loki-mcp

by grafana

Sec9

A Go-based server implementation for the Model Context Protocol (MCP) enabling AI agents to query Grafana Loki log data.

Setup Requirements

  • ⚠️Requires a running Grafana Loki instance for log data.
  • ⚠️Requires an MCP-compatible client (e.g., Claude Desktop, Cursor, n8n, or the provided `loki-mcp-client`) to interact with the server.
  • ⚠️Relies heavily on environment variables for configuration, especially for Loki connection details and authentication, which need careful management.
Verified Safe
The server correctly retrieves sensitive authentication details (URL, Org ID, Username, Password, Token) from environment variables or tool arguments, rather than hardcoding. It uses standard HTTP headers for authentication (Bearer token or Basic Auth). The `README` includes a critical security note advising caution against exposing credentials in logs or config files. All URL construction uses `url.PathEscape` to prevent injection. No 'eval' or malicious patterns were found. The primary security consideration for operators is the secure management of the environment variables used to pass credentials.
Updated: 2025-12-04
47
59
Low Cost

mcp-server

by mcp-wp

Sec7

This plugin implements a Model Context Protocol (MCP) server for WordPress, exposing WordPress's data and functionality through its REST API to AI clients.

Setup Requirements

  • ⚠️Requires PHP 8.2+
  • ⚠️Requires WordPress 6.7+
  • ⚠️Composer dependencies must be installed (`logiscape/mcp-sdk-php`)
Verified Safe
The server leverages WordPress's authentication mechanisms (user login or application passwords) for API access, which is a strong security practice. It uses `logiscape/mcp-sdk-php` for JSON-RPC message handling, delegating core protocol parsing security to the SDK. The `RestController` sets an `Access-Control-Allow-Origin: *` header, noted as a 'workaround for MCP Inspector', which can be a security risk (e.g., CSRF vulnerability) if not strictly controlled or intended for production. The `MediaManager::upload_to_media_library` function accepts a `$media_path` parameter directly, which could be a vulnerability if an MCP tool exposes this functionality without robust sanitization of the path. The `RestApi::rest_callable` function dynamically constructs REST API routes and dispatches requests, relying on WordPress's internal API validation for safety.
Updated: 2025-12-01
47
59
High Cost

ros2_mcp

by wise-vision

Sec6

Enables AI tooling to connect with ROS 2 nodes, topics, and services using the Model Context Protocol (MCP) for robotics development and debugging.

Setup Requirements

  • ⚠️Requires ROS 2 (Humble or later) installed on the host or within the Docker container.
  • ⚠️Requires Docker installed and running for standard deployment.
  • ⚠️Interaction requires an MCP-compatible client (e.g., Visual Studio Code Copilot, Claude Desktop, WARP).
  • ⚠️Custom messages and prompts require specific local folder setup and `colcon build` if not using pre-built Docker images.
Verified Safe
The server dynamically loads Python modules for custom prompts using `importlib.import_module` from paths specified by environment variables (`MCP_PROMPTS_PATH`) or CLI arguments. If `MCP_PROMPTS_LOCAL` is enabled and `MCP_PROMPTS_PATH` points to an untrusted directory or module, this could lead to arbitrary code execution. Users must exercise extreme caution when configuring custom prompt paths. Additionally, template rendering for prompts uses `str.format`, which could be susceptible to information disclosure if malicious templates are introduced.
Updated: 2025-12-10
47
24
Medium Cost

php-mcp-sdk

by dalehurley

Sec9

A PHP SDK for building Model Context Protocol (MCP) servers that expose AI capabilities (tools, prompts, sampling) and data resources to clients, facilitating AI agent orchestration and structured human-AI interaction.

Setup Requirements

  • ⚠️Requires PHP 8.1+ and Composer for dependency management.
  • ⚠️Leverages the Amp framework for asynchronous operations, which might require a learning curve for developers unfamiliar with async PHP.
  • ⚠️If using file-based `Root` resources, URIs must explicitly start with `file://`.
  • ⚠️Production deployments for HTTP/WebSocket transports would require proper web server setup (e.g., Nginx/Apache) and TLS configuration.
Verified Safe
The SDK demonstrates a strong focus on security, employing robust input validation using `InvalidArgumentException` and `JsonSchemaValidator`, structured error handling (`McpError`), and network security features in its transport layers (`allowedHosts`, `allowedOrigins`, `enableDnsRebindingProtection` for HTTP/WebSocket). The OAuth implementation includes client authentication, token verification, PKCE support (configurable for proxy scenarios), and metadata endpoints, showing a good understanding of OAuth best practices. While complex OAuth flows always carry inherent configuration risks, the SDK provides the necessary primitives to implement them securely. No `eval()` or direct code injection vulnerabilities were found. URI validation for `Root` objects also adds a layer of safety.
Updated: 2025-11-25
47
58
Medium Cost

anilist-mcp

by yuna0x0

Sec8

An MCP server that interfaces with the AniList API, allowing LLM clients to access and interact with anime, manga, character, staff, and user data.

Setup Requirements

  • ⚠️Requires Node.js 18+.
  • ⚠️Requires an AniList API Token for authenticated operations (e.g., favouriting, updating lists, posting activities, getting authorized user info). Obtaining this token involves multiple steps on the AniList website.
  • ⚠️Uses pnpm as the package manager for local development.
Verified Safe
The AniList API token (ANILIST_TOKEN) is handled securely via environment variables or HTTP headers, and it is marked as sensitive/secret in configuration files (smithery.yaml, server.json). The `requireAuth` utility correctly enforces authentication for sensitive operations. Configuration inputs are validated using Zod. The server includes a caution in the README about protecting HTTP endpoints. A minor concern is the default broad CORS origin (`*`), which should be restricted in production deployments, though it is configurable via the `CORS_ORIGIN` environment variable. No 'eval', obfuscation, or malicious patterns were detected.
Updated: 2025-11-28
47
74
High Cost
Sec9

AI-powered GitHub Project Management, including automated roadmap generation, sprint planning, issue triaging, task breakdown, and comprehensive project workflow automation.

Setup Requirements

  • ⚠️Requires Node.js 18.x or higher and TypeScript runtime (`ts-node` or `npm run dev`).
  • ⚠️Critical: Requires a valid GitHub Personal Access Token (GITHUB_TOKEN) with appropriate permissions (e.g., `repo`, `project`) set as an environment variable or CLI argument.
  • ⚠️Critical for AI features: Requires API keys for at least one AI provider (ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY, or PERPLEXITY_API_KEY) for AI-powered functionalities (e.g., PRD generation, task analysis, issue triaging).
Verified Safe
Sensitive configurations (GitHub token, AI API keys, webhook secret) are correctly loaded from environment variables or CLI arguments, not hardcoded. The webhook handler uses `crypto.timingSafeEqual` for secure signature validation. Comprehensive error handling with retries helps API resilience. No obvious malicious patterns or unsafe code execution (`eval`) detected in the provided snippets.
Updated: 2025-11-24
47
70
Medium Cost

oxylabs-mcp

by oxylabs

Sec7

This project likely functions as a Minecraft server proxy or management tool, potentially for large-scale data collection or automation.

Setup Requirements

  • ⚠️Requires Docker for containerized deployment.
  • ⚠️Configuration via `server.json` and `smithery.yaml` files is likely necessary.
  • ⚠️May require an existing Minecraft server to proxy traffic to.
Review Required
No source code available for static analysis; potential network risks inherent to a server/proxy application. The `README.md` is missing, hindering full understanding of intended security posture.
Updated: 2025-11-18
47
5
Low Cost
Sec9

Provides Flowbite-Svelte documentation and component information to an MCP client (LLM) via a set of exposed tools.

Setup Requirements

  • ⚠️Requires 'pnpm' package manager for installation and scripts.
  • ⚠️Initial setup requires internet access (`pnpm run copy:llm`) to download documentation data.
  • ⚠️The `generateComponentRegistry.ts` script (used for `pnpm run gen:registry`) contains a hardcoded absolute path (`/Users/shinichiokada/Flowbite/flowbite-svelte/src/lib`) that users will need to manually update to their local Flowbite-Svelte repository to regenerate `components.json`. If `components.json` is provided in the repo, this script isn't strictly necessary unless you need to update the registry.
Verified Safe
The server's core functionality relies on reading local, pre-fetched documentation files, reducing runtime network risks. Path validation (`isValidFilePath`) is explicitly implemented to prevent path traversal, absolute path access, and invalid characters, which is a strong security measure for file access. The fetching of external data (`copyLlmData.ts`) is a build/setup step, not a runtime operation, and this script also uses the robust path validation.
Updated: 2025-11-27
47
30
Medium Cost

Enables AI assistants like Claude to search, create, read, and modify notes in the local Bear Notes application on macOS, enhancing personal knowledge management workflows with complete privacy.

Setup Requirements

  • ⚠️Requires Bear Notes app to be installed (macOS only).
  • ⚠️Requires Claude Desktop to be installed.
  • ⚠️Requires Node.js runtime version >= 22.5.0.
  • ⚠️Node.js must be run with the `--experimental-sqlite` flag enabled.
Verified Safe
The server is explicitly designed for local-only operations, with no external network connections for data transfer, significantly reducing data leakage risks. It interacts with the Bear Notes local SQLite database for read operations and uses Bear's X-callback-URL API for write operations, both of which are local inter-application communication mechanisms. SQL queries use parameterized statements to prevent SQL injection, and user inputs for X-callback-URL are properly URL-encoded to mitigate command injection. No 'eval' or intentional obfuscation is present. The use of `--experimental-sqlite` directly from Node.js avoids third-party binaries, addressing a specific supply chain risk. While no system is entirely foolproof, the architecture and implementation demonstrate a strong focus on security and privacy.
Updated: 2025-12-04
47
55
Medium Cost

mcp-servers

by pulsemcp

Sec9

An MCP server providing create, read, update, and delete (CRUD) operations for cloud storage, specifically Google Cloud Storage, with capabilities for file listing and intelligent access control.

Setup Requirements

  • ⚠️Requires a configured Google Cloud Storage bucket.
  • ⚠️Google Cloud Platform credentials (e.g., service account key file, or `GCS_CLIENT_EMAIL` and `GCS_PRIVATE_KEY`) must be properly set in environment variables.
  • ⚠️A startup health check verifies GCS bucket connectivity, which will cause the server to exit if misconfigured.
Verified Safe
The server includes explicit path validation (`validateLocalFilePath`) to prevent path traversal attacks and block access to sensitive system directories when dealing with local files. Credentials are managed via environment variables, with clear instructions for secure handling and exclusion of secret files from version control. No 'eval' or obvious malicious patterns are present. Network interactions are limited to Google Cloud Storage using the official and vetted SDK.
Updated: 2025-12-15
47
33
Medium Cost
Sec8

This server acts as a wrapper around the Linear API, providing focused tools to Language Models (LLMs) for interacting with project management data like issues, users, and projects.

Setup Requirements

  • ⚠️Requires a `LINEAR_API_KEY` environment variable for authentication with the Linear API.
  • ⚠️A local build step (`npm i` then `npm run build`) is necessary before running the server.
  • ⚠️Integration with an LLM agent (e.g., Claude Desktop, MCP Inspector) requires specific configuration as outlined in the README.
Verified Safe
The server correctly requires the Linear API key via an environment variable, preventing hardcoding. Input validation is handled using Zod schemas in the API factories, which is a good practice to mitigate common injection vulnerabilities. Data retrieval from the Linear API and subsequent filtering (`.includes()` for keywords) is done safely without dynamic query construction from user input. There are no apparent uses of `eval`, obfuscation, or direct shell command execution from user-controlled inputs. Network requests are made to the Linear API, as expected for its functionality. The use of `@tigerdata/mcp-boilerplate` and `@modelcontextprotocol/sdk` suggests leveraging established patterns, which contributes to a more secure foundation.
Updated: 2025-12-10
47
11
High Cost

mcp-framework

by koki7o

Sec7

A Rust framework implementing the Model Context Protocol for building production-ready MCP servers, clients, and intelligent AI agents that integrate with LLMs for tool use and browser automation.

Setup Requirements

  • ⚠️Requires Rust 1.70+ to be installed.
  • ⚠️Requires ANTHROPIC_API_KEY or OPENAI_API_KEY environment variables (paid services) to be set (e.g., in a `.env` file) for AI agent examples.
  • ⚠️Requires Playwright MCP (`npm install -g @playwright/mcp@latest`) and a browser installation (`npx playwright install firefox`) for browser automation examples.
Verified Safe
The `stdio` connector utilizes `std::process::Command` to spawn subprocesses. While the provided examples use trusted commands (e.g., `npx @playwright/mcp`), custom or untrusted command strings passed to `McpClient::new` or `MCPServerConfig::from_command` can lead to arbitrary command execution. Developers must ensure that inputs configuring `stdio` connections are validated and originate from trusted sources. The web-based Inspector (debug UI) binds to `127.0.0.1:8123` by default, limiting external network exposure. However, it exposes API endpoints (`/api/call-tool`) that allow interactive execution of registered tools, which could be abused by a local user or another process if tools have unintended side effects or vulnerabilities. Hardcoded API keys or sensitive credentials are not present; the framework correctly uses environment variables.
Updated: 2025-12-05