Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(7756)

45
40
Low Cost
Azure-Samples icon

mcp-container-ts

by Azure-Samples

Sec8

An MCP server providing secure, role-based access to external tools (like a TODO list) for Large Language Models via Streamable HTTP, with built-in observability.

Setup Requirements

  • ⚠️Requires Node.js (v23 LTS or new LTS versions).
  • ⚠️Requires a generated JWT_TOKEN (for both server and client authentication), typically created via `npm run generate-token`. This token is stored in a `.env` file, which requires secure handling in production.
  • ⚠️If exposing a local server to remote AI clients (e.g., Azure AI Foundry, OpenAI), a tunneling service like `devtunnel` is required.
  • ⚠️Uses an in-memory SQLite database, meaning all data is lost upon server restart.
Verified SafeView Analysis
The server implements robust JWT-based authentication and role-based access control (RBAC) to secure API endpoints and tools. It uses `helmet` for common security headers and `express-rate-limit` to mitigate brute-force attacks. OpenTelemetry is integrated for detailed logging and tracing, which aids in security monitoring. The primary concern is that the `validationMiddleware` for JSON-RPC request body validation is commented out by default in `src/server-middlewares.ts`, potentially allowing malformed requests to bypass initial structural validation. While individual tool handlers use Zod for argument validation, a top-level JSON-RPC validation layer would enhance overall robustness. The `generate-token.ts` script explicitly warns about its demo nature and advises against using generated `.env` tokens directly in production.
Updated: 2025-12-04GitHub
45
44
Medium Cost
yuna0x0 icon

hackmd-mcp

by yuna0x0

Sec7

The server provides an interface for LLM clients to access and manage HackMD notes, teams, user profiles, and reading history through the HackMD API.

Setup Requirements

  • ⚠️Requires a personal HackMD API Token, which must be created and securely provided.
  • ⚠️Requires Node.js 18+ to run.
  • ⚠️If self-hosting via HTTP transport, the endpoint must be secured by the user to prevent unauthorized access to your HackMD API token.
Verified SafeView Analysis
The server handles sensitive HackMD API tokens via environment variables or HTTP headers. It includes a feature to restrict allowed HackMD API URLs, which is a good security practice. However, if self-hosting the HTTP transport with a pre-configured token, the README explicitly warns that the endpoint must be protected with authentication, otherwise anyone can access the server using the configured token. There is also a point where base64-encoded config from query parameters is JSON parsed, which, while mitigated by subsequent schema validation, could potentially be a vector for malformed data attacks if not robustly handled by the underlying MCP SDK.
Updated: 2025-11-28GitHub
45
27
Medium Cost
rhblind icon
Sec7

Exposes Emacs functionality as standardized tools to Large Language Models (LLMs) via the Model Context Protocol (MCP) over Unix domain sockets.

Setup Requirements

  • ⚠️Requires a running Emacs instance and integration of the Elisp files into the Emacs configuration.
  • ⚠️The `socat` utility is a mandatory dependency for some client integrations (e.g., Claude Desktop, shell wrappers).
  • ⚠️Users must understand and appropriately configure the server's extensive security model to prevent unintended or malicious LLM actions, especially concerning arbitrary Elisp execution.
Verified SafeView Analysis
The server's core functionality, `eval-elisp`, allows execution of arbitrary Emacs Lisp. This is an inherently high-risk operation. However, the project implements extensive security measures: a comprehensive permission system with user prompts for dangerous functions (e.g., `delete-file`, `shell-command`) and sensitive file access, input validation (JSON Schema, code injection prevention, path traversal), execution limits (timeouts, memory monitoring), and audit logging. While these mitigations are robust and configurable (paranoid, permissive, whitelist modes), the fundamental capability to execute arbitrary code means a bypass in the security layer could lead to serious vulnerabilities. Users must diligently review security configurations and audit logs.
Updated: 2025-12-11GitHub
45
44
Medium Cost
WhenMoon-afk icon

claude-memory-mcp

by WhenMoon-afk

Sec9

Provides a local, persistent, and searchable memory store for Claude Desktop and other MCP-compatible AI assistants.

Setup Requirements

  • ⚠️Requires Node.js 18+ to run.
  • ⚠️After installation, Claude Desktop must be completely restarted for the tools to appear.
  • ⚠️The `sqljs` database driver is a stub and will throw an error if explicitly configured; only `better-sqlite3` is currently functional (default).
Verified SafeView Analysis
The server runs locally and communicates via stdio, reducing external network attack surface. It uses parameterized SQLite queries (better-sqlite3) to prevent SQL injection. There are no explicit uses of 'eval' or other highly dangerous dynamic code execution patterns. File system access is limited to a designated database file and Claude Desktop configuration, which is expected for its functionality. The primary dependency better-sqlite3 runs native code, but is a well-vetted dependency. The overall security posture for a local tool appears robust.
Updated: 2025-12-14GitHub
45
30
Medium Cost
mapbox icon
Sec9

Provides AI assistants with direct access to Mapbox developer APIs for geospatial data visualization, map styling, token management, and user feedback processing, helping developers build Mapbox applications more efficiently.

Setup Requirements

  • ⚠️A valid `MAPBOX_ACCESS_TOKEN` environment variable is mandatory for most tools.
  • ⚠️Each tool requires specific Mapbox access token scopes (e.g., `styles:read`, `styles:write`, `tokens:read`). Incorrect scopes will lead to authentication failures.
  • ⚠️The server requires Node.js version 22 or higher for local execution. Docker is required for using Jaeger tracing or inspecting Docker builds.
Verified SafeView Analysis
The server securely handles `MAPBOX_ACCESS_TOKEN` via environment variables and validates all tool inputs using Zod schemas to mitigate common injection risks. External HTTP requests are managed through a robust `HttpPipeline`. Public Mapbox access tokens (pk.*) are embedded in URLs generated by `geojson_preview_tool`, `preview_style_tool`, and `style_comparison_tool` for client-side visualization, which is standard for these APIs but means the token is publicly exposed in the generated URLs. There are no `eval` or similar dangerous patterns detected. The parsing of `OTEL_EXPORTER_OTLP_HEADERS` from environment variables, if controlled by a malicious actor, could pose a risk, but this is an operational configuration, not exposed to runtime user input.
Updated: 2025-12-04GitHub
45
43
Low Cost
Azure-Samples icon
Sec9

Provides a remote Model Context Protocol (MCP) server implemented with Azure Functions in TypeScript, enabling AI agents like GitHub Copilot to interact with custom tools and data storage.

Setup Requirements

  • ⚠️Node.js 18+ required
  • ⚠️Azure Functions Core Tools >= 4.0.7030 required
  • ⚠️Docker required for local storage emulation (Azurite) if snippet storage is used
  • ⚠️Azure Developer CLI (azd) required for cloud deployment
Verified SafeView Analysis
The server uses Azure Functions, which inherently provides security features like HTTPS and system keys. It also supports integrating with OAuth via EasyAuth and API Management, and network isolation with VNET. No 'eval' or other obvious malicious patterns are present in the provided source code. Local development uses a storage emulator (`UseDevelopmentStorage=true`) to avoid hardcoding production secrets.
Updated: 2025-11-26GitHub
45
5
Medium Cost
mitchchristow icon

unity-mcp

by mitchchristow

Sec8

Enables an AI assistant to directly control and interact with the Unity Editor for game development tasks.

Setup Requirements

  • ⚠️Requires Node.js 18+ installed.
  • ⚠️Requires the Unity Editor to be running with the `org.christowm.unity.mcp` package installed and its internal HTTP/WebSocket servers active on ports 17890/17891.
  • ⚠️Antigravity IDE requires global MCP configuration using absolute paths to the `gateway/index.js` file, not project-specific or relative paths.
Verified SafeView Analysis
The Node.js gateway acts as a local proxy between the IDE and the Unity Editor. It connects to the Unity Editor's RPC server and WebSocket server, both hardcoded to localhost (127.0.0.1:17890 for HTTP RPC, 127.0.0.1:17891 for WebSocket events). This local-only network interaction significantly reduces external attack surface. No 'eval' or direct execution of arbitrary code from user input is observed in the provided gateway code. Tool inputs are defined via schemas, and parameters are mapped to specific Unity RPC methods, limiting arbitrary command injection on the Node.js side. The primary security considerations would be the robustness and input sanitization of the Unity Editor's internal MCP server implementation (not provided in this source code).
Updated: 2025-12-07GitHub
45
31
Medium Cost
timescale icon
Sec9

Provides a Model Context Protocol (MCP) interface to the GitHub API, enabling LLMs to access focused development tools and information.

Setup Requirements

  • ⚠️Requires a GitHub Personal Access Token (PAT) with 'repo,read:org,read:user,user:email' scopes.
  • ⚠️Requires the 'GITHUB_ORG' environment variable to be set for the target GitHub organization.
  • ⚠️Potential for high token usage with queries requesting extensive data (e.g., 'includeAllCommits' for many pull requests or broad 'searchRepoCode' queries).
Verified SafeView Analysis
The server correctly requires 'GITHUB_TOKEN' and 'GITHUB_ORG' to be set as environment variables, preventing hardcoded secrets. It utilizes `@octokit/plugin-throttling` to handle GitHub API rate limits gracefully, reducing the risk of accidental abuse or service interruptions. No 'eval' or obvious obfuscation found. External API calls are to GitHub, a trusted source, and responses are handled via Zod schemas for validation, which enhances data integrity and security.
Updated: 2025-12-10GitHub
45
27
Medium Cost
the-momentum icon

python-ai-kit

by the-momentum

Sec9

A Model Context Protocol (MCP) server built with FastMCP for integrating AI assistants with external data sources and tools, providing a structured way for agents to access custom functionalities.

Setup Requirements

  • ⚠️Requires API key for LLM provider (e.g., OpenAI, Anthropic) if the MCP tools or integrated agents use LLMs.
  • ⚠️Requires Python 3.12+.
  • ⚠️Uses `uv` for dependency management.
Verified SafeView Analysis
The project demonstrates strong security practices, including the use of Pydantic SecretStr for sensitive configurations and Fernet encryption scripts for API keys. It employs HMAC for secure token generation in SQLAdmin. No 'eval' or obvious hardcoded secrets were found in the provided source. The primary security consideration for the MCP server is proper deployment and access control if exposed to public networks, as its core function is to expose tools.
Updated: 2025-12-11GitHub
45
45
Low Cost
hostinger icon

api-mcp-server

by hostinger

Sec8

This server acts as a Model Context Protocol (MCP) gateway to manage Hostinger services including hosting, billing, DNS, domains, email marketing, and VPS instances.

Setup Requirements

  • ⚠️Requires Node.js v20.0.0 or higher.
  • ⚠️Requires a Hostinger API Token (API access may be part of a paid Hostinger plan).
Verified SafeView Analysis
The server uses environment variables for API tokens, which is good practice. Input validation is implemented for custom file-related tools (e.g., `hosting_importWordpressWebsite`, `hosting_deployJsApplication`) to check file existence, type, and format. File uploads are routed through Hostinger's pre-authenticated upload endpoints. CORS is configured to allow all origins ('*') for HTTP transport, which might be overly broad depending on the deployment context, but is acceptable for a general-purpose API provider. No direct `eval` or obvious command injection vulnerabilities were found in the provided code snippets. API calls include timeouts and handle non-2xx responses as errors.
Updated: 2025-12-04GitHub
45
4
Medium Cost
drutigliano19 icon
Sec3

This server provides AI agents with structured access to SUSE Observability data for intelligent troubleshooting and root cause analysis.

Setup Requirements

  • ⚠️Requires Go 1.23 or later for building.
  • ⚠️Requires access to a SUSE Observability instance and a valid API token.
  • ⚠️Disables TLS certificate verification, making it unsafe for production environments without code modification.
Review RequiredView Analysis
The client disables TLS certificate verification (`InsecureSkipVerify: true`) which is a critical security vulnerability, making connections susceptible to man-in-the-middle attacks. This makes the server unsafe for production environments or sensitive data without code modification. Additionally, the construction of STQL queries by string formatting Groovy scripts (`Topology.query('%s')`) presents a potential injection risk if the SUSE Observability backend's Groovy interpreter does not fully sanitize or sandbox the query string.
Updated: 2025-12-11GitHub
45
39
Medium Cost
freema icon

mcp-gsheets

by freema

Sec9

A Model Context Protocol (MCP) server for Google Sheets API integration, enabling reading, writing, and managing Google Sheets documents directly from MCP clients like Claude Code, Claude Desktop, or Cursor.

Setup Requirements

  • ⚠️Requires Node.js v18 or higher.
  • ⚠️Requires a Google Cloud Project with the Google Sheets API enabled.
  • ⚠️Requires a Google Service Account with JSON key file, or direct private key/email, and 'Editor' permissions on target spreadsheets.
Verified SafeView Analysis
The server demonstrates strong security practices, including explicit reliance on environment variables for sensitive Google Cloud credentials (avoiding hardcoding), comprehensive input validation using Zod and custom helpers, and robust error handling. No 'eval' or obfuscation was found. The interaction with Google Sheets API occurs over HTTPS, and local execution uses stdio, limiting direct network exposure. The `parseJsonInput` utility uses `JSON.parse`, which is safe for its intended use case of parsing configuration objects.
Updated: 2025-12-15GitHub
PreviousPage 67 of 647Next