Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (7756)

47
63
Low Cost

template-mcp-server

by mcpdotdirect

Sec9

Provides a CLI tool and template to quickly get started building a Model Context Protocol (MCP) server using FastMCP, supporting both stdio and HTTP transports.

Setup Requirements

  • ⚠️The default scripts in `package.json` (e.g., `npm start`, `npm run dev`) are configured to use Bun as the JavaScript runtime, requiring Bun to be installed in the execution environment.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Peer dependencies such as 'typescript', '@valibot/to-json-schema', and 'effect' need to be installed separately in the consuming project if not handled automatically by the package manager.

Verified Safe

Analysis

The server implementation relies on the FastMCP framework for protocol handling and uses Zod for robust input parameter validation in tools, which is a good practice for preventing injection attacks. The `create-mcp-server` CLI script performs file system operations typical of a project generator but includes checks (e.g., verifying directory emptiness) to prevent unintended overwrites. No hardcoded secrets, 'eval', or direct command injection vulnerabilities were found in the provided source code. Potential risks are primarily dependent on how FastMCP internally handles argument validation for prompts/resources and any custom logic introduced by the user beyond the template.
Updated: 2025-11-26
47
10
High Cost

llms

by matteocervelli

Sec8

A centralized configuration and documentation management system for LLMs, providing tools for building skills, commands, agents, prompts, and managing MCP servers across multiple LLM providers.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Requires API keys for LLM providers (e.g., Anthropic, OpenAI), which are paid services.
  • ⚠️Uses `uv` for dependency management, which needs to be installed if not already present.

Verified Safe

Analysis

The system interacts with external LLM APIs (Anthropic, OpenAI) which requires secure handling of API keys (e.g., via `.claude/settings.local.json` which is gitignored). It executes local scripts and development hooks. The project itself explicitly integrates security assessments and checks within its `FEATURE-IMPLEMENTER` workflow, which is a positive indicator for the code it generates, but users should be mindful of running any multi-agent system that can execute code.
Updated: 2025-11-17
47
47
Medium Cost

mcp-server-plugin

by jenkinsci

Sec8

The MCP Server Plugin for Jenkins enables Jenkins to act as a Model Context Protocol server, providing context, tools, and capabilities to MCP clients like LLM-powered applications or IDEs.

Setup Requirements

  • ⚠️Requires Jenkins (version 2.479 or higher) to be pre-installed and running.
  • ⚠️Requires Jenkins API Token and HTTP Basic Authentication for client access.
  • ⚠️File parameters are not supported via MCP (require file uploads).

Verified Safe

Analysis

The plugin relies on Jenkins' built-in authentication mechanisms (API tokens with Basic Auth) for access control. It implements Origin header validation, which is not enforced by default in order to facilitate AI agent usage but can be enabled via system properties. Reflection is used for tool invocation and parameter handling, but in a controlled manner: arguments are deserialized based on declared method parameter types, and only pre-defined tools on trusted extension instances are invoked, mitigating arbitrary code execution risks. No hardcoded secrets or obvious malicious patterns were found. The plugin adheres to standard Jenkins plugin security practices.
Updated: 2025-12-11
47
48
Medium Cost

mcp-todoist

by greirson

Sec9

Manage Todoist tasks, projects, labels, subtasks, and comments through natural language via an MCP server integration with Claude.

Setup Requirements

  • ⚠️Requires a Todoist API Token, which must be obtained from Todoist app settings.
  • ⚠️Requires restarting Claude Desktop after adding or updating the MCP server configuration.

Verified Safe

Analysis

The server implements robust input validation and sanitization, including detection and removal of malicious patterns (XSS, SQL injection). It strictly validates URLs and whitelists file attachment MIME types. API tokens are handled securely via environment variables and checked at startup. A dry-run mode is available for safe testing of operations without making real changes. The `content_contains` filter in bulk operations correctly rejects empty or whitespace-only strings, preventing unintended broad matches (fixed Issue #34).
Updated: 2025-12-01
47
9
Low Cost

Production-grade GPU-accelerated vector memory for AI applications, providing secure and high-performance vector search.

Setup Requirements

  • ⚠️Requires an NVIDIA GPU with CUDA support for optimal sub-2ms performance (CPU-only mode is slower).
  • ⚠️A separate Python tether service (e.g., 'tether_faiss_complete.py' from the RESEARCH_TOOLS directory) must be running and accessible via TCP socket on a specified host and port (e.g., localhost:9997).
  • ⚠️A secure 32-character hex 'TETHER_SECRET' must be generated and consistently configured as an environment variable for both the Node.js MCP server and the Python tether for authentication to succeed.

Verified Safe

Analysis

Implements robust HMAC-SHA256 authentication for communication, replay protection via timestamp validation (MAX_TIMESTAMP_DRIFT), and input validation with Zod schemas. Error responses are sanitized (stack traces are suppressed). Relies on a securely generated 'TETHER_SECRET' environment variable for authentication, which is critical for preventing unauthorized access to the underlying Faiss tether. Communication with the Python tether is via TCP socket, making network security important.
Updated: 2025-12-05
47
56
Medium Cost

mcp-discord

by barryyip0625

Sec9

An MCP server that enables AI assistants to interact with the Discord platform by providing tools for communication, channel management, and server information retrieval.

Setup Requirements

  • ⚠️Requires a Discord bot token from the Discord Developer Portal.
  • ⚠️Specific privileged intents (Message Content, Server Members, Presence) must be enabled in the Discord Developer Portal for the bot application.
  • ⚠️The Discord bot must be explicitly added to any target Discord servers it needs to interact with, and granted appropriate permissions (Administrator recommended, or specific custom permissions).

Verified Safe

Analysis

The server utilizes Zod for robust input validation, mitigating common injection risks. Discord API interactions are handled via the official discord.js library, which is a well-maintained and secure client. Error handling is centralized to prevent sensitive information leaks. There are no direct uses of 'eval' or unconstrained 'child_process' execution that would pose immediate code execution risks. The primary security considerations revolve around proper configuration of the Discord bot token and enabling appropriate (and minimal) privileged intents and server permissions, which are external to the application's code logic but critical for secure deployment.
Updated: 2025-12-02
47
38
Medium Cost

pb_mcp_server

by ssakone

Sec8

Provides an MCP interface for AI assistants to interact with PocketBase databases for data management, authentication, and administrative tasks.

Setup Requirements

  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Requires a running PocketBase instance accessible at the configured URL (default: http://127.0.0.1:8090).
  • ⚠️Many administrative and user management operations require PocketBase admin credentials for full functionality.

Verified Safe

Analysis

The server uses environment variables for sensitive configuration (PocketBase URL, admin credentials), which is good practice. It implements session management and explicit authentication checks for privileged operations. A robust testing suite (including property-based tests) significantly enhances reliability and security posture. The 'send_custom_request' tool is very powerful, allowing raw HTTP requests to any PocketBase API endpoint, potentially with admin privileges. While flexible, this tool poses a significant risk if the MCP server itself is exposed publicly or used in an untrusted environment, as a compromised client could perform arbitrary actions on the PocketBase instance. However, in its intended local/trusted MCP client deployment, this is a feature rather than a vulnerability.
Updated: 2025-11-29
47
63
Medium Cost

mcp-outline

by Vortiago

Sec8

A Model Context Protocol server for interacting with Outline document management, enabling AI assistants to search, read, create, edit, and manage documents, collections, and comments.

Setup Requirements

  • ⚠️Requires an Outline account and API Key (`OUTLINE_API_KEY`) from Outline's web UI.
  • ⚠️Requires Python 3.10+ for non-Docker installations.
  • ⚠️For self-hosted Outline instances, Docker is typically required to set up the Outline platform itself (including PostgreSQL, Redis, and Dex).

Verified Safe

Analysis

API key is loaded from environment variables (`OUTLINE_API_KEY`) and used as a Bearer token. Input values for tools are parsed and validated by Pydantic (via FastMCP). Conditional registration of tools based on environment variables (`OUTLINE_READ_ONLY`, `OUTLINE_DISABLE_DELETE`, `OUTLINE_DISABLE_AI_TOOLS`) provides some access control. No direct use of `eval()` or similar dangerous functions detected. The `_sanitize_value` utility function attempts to clean API keys and URLs. Security relies on proper management of the `OUTLINE_API_KEY` by the user and the underlying security of the Outline API itself.
Updated: 2025-12-10
47
62
Low Cost

Provides a TypeScript boilerplate for developing custom Model Context Protocol (MCP) servers, with an IP geolocation tool as an example.

Setup Requirements

  • ⚠️Requires Node.js >=18.x for execution.
  • ⚠️An 'IPAPI_API_TOKEN' environment variable is needed to access extended IP data features; basic IP lookup functionality works without it using the free tier.
  • ⚠️The project's modern module resolution (NodeNext with ESM-only dependencies) might require specific environment setups or tooling configurations for local development and debugging outside of the provided npm scripts.

Verified Safe

Analysis

The server demonstrates good security practices by loading API tokens from environment variables/configuration instead of hardcoding. It uses standard HTTP client libraries (fetch) with proper error handling for network requests. JMESPath filtering is employed, which is a query language designed for safe data extraction and not arbitrary code execution like 'eval'. There are no observed obfuscation or obvious malicious patterns. Test utilities use child_process.spawn for internal testing purposes with controlled inputs. Overall, the design prioritizes secure operation.
Updated: 2025-12-08
47
42
Low Cost

Provides up-to-date Python package manager documentation to AI agents, cross-referencing official docs for pip, conda, poetry, uv, pixi, and pdm.

Setup Requirements

  • ⚠️Requires Docker to be installed and running.
  • ⚠️Requires adding configuration to your IDE's 'mcp.json'.

Verified Safe

Analysis

The server primarily functions as a search interface over pre-indexed documentation. It uses Tantivy for search, which is a library for information retrieval, not code execution. No direct use of 'eval' or arbitrary code execution mechanisms is apparent in the provided Python source summaries. Network risks are limited to outbound connections for documentation updates (which occur weekly, not on user request) and serving search results via standard I/O. There are no exposed APIs beyond stdin/stdout, reducing external attack surface. No hardcoded secrets were found. The primary risk would stem from vulnerabilities in the Tantivy library or the FastMCP framework itself, rather than the application logic.
Updated: 2025-12-09
47
15
High Cost

datawrapper-mcp

by palewire

Sec9

A Model Context Protocol (MCP) server that enables AI assistants to create Datawrapper charts for data visualization.

Setup Requirements

  • ⚠️Requires a Datawrapper API Access Token (paid service likely, check Datawrapper pricing).
  • ⚠️Requires Python 3.10 or newer if not using Docker.
  • ⚠️Docker is recommended for deployment and requires Docker daemon to be running.

Verified Safe

Analysis

The server uses Pydantic for strong input validation, which helps prevent malformed configurations. API tokens are securely handled via environment variables and marked as secrets. Data loading from file paths uses standard library functions and `os.path.isfile` for existence checks, and raw CSV strings are explicitly rejected to prevent potential injection vulnerabilities. No 'eval' or direct 'os.system' calls were found.
Updated: 2025-12-10
47
71
Medium Cost

mcp-tavily

by RamXX

Sec9

Provides AI-powered web search, answer generation, and news search capabilities to LLMs via the Tavily API for research, fact-finding, and gathering detailed information.

Setup Requirements

  • ⚠️Requires a Tavily API key (Tavily is a paid service).
  • ⚠️Requires Python 3.11 or later.

Verified Safe

Analysis

The Tavily API key is securely managed via environment variables or command-line arguments, not hardcoded. Input validation for parameters is implemented using Pydantic models. Domain list parsing uses `json.loads` within a controlled context, with fallbacks for non-JSON strings, which appears safe. The server interacts via MCP's `stdio_server`, avoiding direct network exposure. External API calls to Tavily are a core function and handled responsibly.
Updated: 2025-11-25