Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (7756)

45
42
Medium Cost

Provides a Model Context Protocol (MCP) server for interacting with Groq models, enabling clients to access Groq's compound/meta models with real-time information retrieval and code execution capabilities.

Setup Requirements

  • ⚠️Requires Node.js >= 18.0.0.
  • ⚠️A Groq API key must be set in the GROQ_API_KEY environment variable.
  • ⚠️A Redis instance URL (REDIS_URL) is recommended for SSE transport, especially when self-hosting or deploying on platforms like Vercel.
Verified Safe
The server primarily acts as a proxy to the Groq API. It takes user questions and parameters, then passes them to the Groq chat completions endpoint. The 'ask_with_code_execution' tool name refers to the *Groq model's internal capability* to use code execution, not code execution on the local server itself. No 'eval' or direct arbitrary code execution is present. Sensitive API keys (GROQ_API_KEY) and Redis URLs are correctly handled via environment variables, not hardcoded. The use of '@vercel/mcp-adapter' suggests deployment on secure platforms like Vercel, further leveraging platform security features. Standard error handling includes process exit on fatal errors, which is not a security vulnerability.
Updated: 2025-12-13
45
34
Medium Cost

tomtom-mcp

by tomtom-international

Sec9

The TomTom MCP Server provides seamless access to TomTom's location services (search, routing, traffic, maps) for integration into AI workflows and development environments.

Setup Requirements

  • ⚠️Requires Node.js 22.x for dynamic map functionality (other tools may work with older/newer versions).
  • ⚠️Requires a TomTom API Key, which may incur costs based on usage.
  • ⚠️The Dynamic Map Tool requires additional OS-level native dependencies (e.g., Homebrew packages on macOS, `libcurl4-openssl-dev` on Ubuntu/Debian, Visual Studio/MSYS2 on Windows) and specific npm packages (`@maplibre/maplibre-gl-native`, `canvas`) which can be challenging to install outside of a Docker environment.
  • ⚠️Dynamic map tool is disabled by default and must be explicitly enabled via `ENABLE_DYNAMIC_MAPS=true`.
Verified Safe
The server demonstrates robust security practices: it explicitly handles API keys via environment variables or session context, masking them in logs. CORS is configurable in HTTP mode, allowing control over allowed origins and headers. There are no apparent hardcoded secrets or malicious patterns like 'eval'. Interaction with native map rendering libraries is via controlled data inputs, minimizing obvious injection risks. The primary network risks are standard API rate limits and potential misconfiguration of CORS policies.
Updated: 2025-12-10
45
35
Low Cost

inAI-wiki

by inai-sandy

Sec10

A comprehensive, open-source knowledge hub and 'Wikipedia of AI' that curates and indexes AI news, applications, agents, models, and technical resources.

Setup Requirements

  • ⚠️This repository is a documentation project (Jekyll static site), not an executable server or an MCP server itself.
  • ⚠️For local preview, Jekyll (Ruby-based static site generator) must be installed.
  • ⚠️Contributing requires familiarity with GitHub's fork-and-pull-request workflow.
Verified Safe
The provided source code consists of Markdown documentation files (e.g., README, CONTRIBUTING, daily news summaries) and Jekyll configuration for a static website. It does not contain executable server-side code, network listeners, or dynamic processing that would introduce traditional server-side security vulnerabilities. The project itself *indexes* 'MCP Servers' as a category of AI resources, but does not *implement* an MCP server in the provided codebase. Therefore, from the perspective of running it as an executable server, direct security risks from its own code are minimal. If hosted as a static site, standard web server security practices would apply.
Updated: 2025-12-15
45
29
Medium Cost

Host Python-based Model Context Protocol (MCP) servers on Azure Functions as custom handlers to enable serverless deployment of AI agent tools.

Setup Requirements

  • ⚠️Requires an Azure subscription with permissions to create Microsoft Entra applications.
  • ⚠️Requires Azure Developer CLI (v1.17.2+) and Azure Functions Core Tools (v4.5.0+) to be installed.
  • ⚠️The 'Microsoft.App' resource provider must be manually registered in Azure before deployment.
Verified Safe
The server uses standard libraries (httpx, azure.identity) for network requests and authentication. On-Behalf-Of (OBO) flow is implemented for secure token exchange with Microsoft Graph, relying on environment variables for sensitive configurations. No 'eval' or obvious malicious patterns found. The 'DefaultAuthorizationLevel' in host.json is 'anonymous', but the server logic implements its own authorization (Microsoft Entra ID integration) as part of the MCP specification, which is crucial for its secure operation.
Updated: 2025-11-27
45
49
Medium Cost

This server stores and retrieves knowledge graph data using DuckDB as a persistent memory backend for AI agents, enabling structured and fuzzy searching of entities, relations, and observations.

Setup Requirements

  • ⚠️Requires Node.js (version 22.x recommended)
  • ⚠️Stores data in a local DuckDB file, typically in ~/.local/share/duckdb-memory-server/knowledge-graph.data
  • ⚠️Designed to be used with an MCP client (e.g., Claude Desktop)
Verified Safe
The server uses StdioServerTransport, communicating over standard I/O, which reduces direct network exposure. Database operations are performed using parameterized SQL queries, mitigating SQL injection risks. No 'eval' or obvious obfuscation is present. The database file path is configurable via an environment variable or defaults to a user-local directory, which is a standard practice for local application data. No hardcoded secrets were found.
Updated: 2025-12-08
45
17
Low Cost

shadcn-svelte-mcp

by Michael-Obele

Sec8

This MCP server provides real-time access to shadcn-svelte component documentation, Lucide Svelte icon search, and developer utilities by scraping the official website, making the information available to AI code editors and assistants.

Setup Requirements

  • ⚠️Requires Node.js version 20.9.0 or higher.
  • ⚠️Requires an OpenAI API Key (often a paid service) for the AI agent.
  • ⚠️Bun package manager is recommended for installation and running.
Verified Safe
The server has no hardcoded secrets and handles API keys via environment variables. It relies on web scraping using Crawlee (Playwright), which runs a headless browser and executes external JavaScript. While targeting a trusted source (shadcn-svelte.com), the Playwright crawler is configured with `--no-sandbox`, a common necessity in containerized deployments but which bypasses Chromium's OS-level sandbox and could increase risk in less controlled environments if the target website were compromised. No 'eval' or malicious patterns were found in the provided source code.
Updated: 2025-12-14
45
49
Low Cost

rulego-server

by rulego

Sec4

A lightweight, high-performance, and modular platform for building and orchestrating automated workflows, including iPaaS, API integration, AI orchestration, and IoT rule processing.

Setup Requirements

  • ⚠️User authentication is disabled by default and requires explicit configuration (`require_auth=true`, `jwt_secret_key`, and `users` definitions) for secure operation.
  • ⚠️The example `config.conf` contains default `admin` credentials and `jwt_secret_key` that must be changed in any production environment to prevent unauthorized access.
  • ⚠️Specific Go build tags (`-tags "with_extend,with_ai,with_ci,with_iot,with_etl,use_fasthttp"`) are required during compilation to include optional component libraries; missing these tags will result in a deployment with fewer features.
  • ⚠️The UI requires a separate build step, and the output `ui` directory must be renamed to `editor` and placed in the server's root directory for the web interface to function correctly.
Review Required
The server's core functionality involves executing user-defined scripts (JavaScript, Lua) and command-line tools (`exec` component). While the `exec` component is restricted by a `cmd_white_list`, these capabilities are inherently high-risk and require strong sandboxing and strict control. The provided `config.conf` example contains default admin credentials (`admin=admin`) and example API keys/JWT secret, which pose severe authentication vulnerabilities if left unchanged in a production environment. User authentication is disabled by default (`require_auth=false`), meaning all API operations are unauthenticated by default, which is extremely dangerous and must be explicitly enabled and configured.
Updated: 2025-12-14
44
34
Medium Cost

Extracts UI component information and design system metadata (HTML, styles, props, dependencies, theme tokens) from Storybook instances for AI agent use.

Setup Requirements

  • ⚠️Requires `STORYBOOK_URL` environment variable set to a running Storybook instance (e.g., `http://localhost:6006`).
  • ⚠️Requires Chrome/Chromium installed for Puppeteer to function (automatically handled in Docker, but needs manual setup otherwise).
  • ⚠️Requires Node.js version 18+ to run.
  • ⚠️Must run `npm install && npm run build` before starting the server.
Verified Safe
The server uses Puppeteer (headless Chrome) for dynamic content rendering, which is configured with several Chromium launch arguments (e.g., --no-sandbox, --disable-web-security); these two flags turn off Chromium's OS-level sandbox and its same-origin policy enforcement, so they reduce browser isolation rather than harden it. Network requests for Storybook content are primarily directed to the configured `STORYBOOK_URL`. The `get_external_css` tool includes a critical security check (`isDomainAllowed`) to ensure that external CSS URLs are restricted to the same domain as the Storybook, preventing arbitrary external file fetches. The setup script uses `execSync` but only for local build and environment detection purposes, not runtime operations. Overall, a good effort has been made to mitigate common risks for a tool interacting with external web content, but inherent risks of running external processes and interacting with untrusted web content (if the Storybook itself is compromised) remain.
Updated: 2025-12-02
44
69
Medium Cost

PowerMCP

by Power-Agent

Sec7

Provides a collection of Model Context Protocol (MCP) servers for various power system software, enabling Large Language Models (LLMs) to interact with them for analysis, simulation, and control.

Setup Requirements

  • ⚠️Requires local installation of various power system software (e.g., PowerWorld, LTSpice, PSSE, OpenDSS, PyPSA, Egret, ANDES).
  • ⚠️Python 3.10+ is required, but PSSE MCP server may require a Python 2.7 environment to run PSSE commands via subprocess.
  • ⚠️Paths to external executables (e.g., `LTSPICE_EXECUTABLE_PATH` in `PyLTSpice/ltspice_mcp.py`, PSSE paths in `PSSE/psse_mcp.py`) must be manually configured in the respective Python scripts.
  • ⚠️On macOS/Linux, Wine is required to run the Windows-based LTSpice executable.
  • ⚠️Specific LP solvers (e.g., Gurobi, Ipopt, HiGHS) are required for optimization tasks in PyPSA and Egret.
Verified Safe
The servers frequently use `subprocess.run` (PSSE, PyLTSpice) or directly pass strings to external APIs (OpenDSS, PowerWorld scripts, ANDES, PyPSA, Egret). While these are necessary for interacting with external tools, they introduce a dependency on the security of the underlying power system software and the careful sanitization of LLM-generated inputs. There are no explicit hardcoded secrets (besides executable paths) or direct `eval` calls. The primary risk lies in potential injection of malicious commands via LLM input if not properly validated by the calling agent or the underlying tools.
Updated: 2025-11-19
44
40
Medium Cost

mcp-server-js

by yepcode

Sec9

The YepCode MCP Server enables AI platforms to interact with YepCode's infrastructure, allowing them to run LLM-generated scripts and manage YepCode processes, schedules, variables, and storage as powerful AI tools.

Setup Requirements

  • ⚠️Requires Node.js version 18 or higher to run locally.
  • ⚠️A YepCode Cloud account is required to obtain an API token for authentication.
  • ⚠️The YEPCODE_API_TOKEN environment variable must be set for the server to authenticate with the YepCode platform.
Verified Safe
The server uses `zod` for robust input schema validation, which is a strong security practice. Sensitive credentials (`YEPCODE_API_TOKEN`) are correctly handled via environment variables. Arbitrary code execution (`run_code` tool) is delegated to YepCode's secure and isolated cloud sandboxes, mitigating direct execution risks on the host running the MCP server. The overall architecture delegates the critical security aspect of code execution to a trusted third-party platform.
Updated: 2025-12-11
44
42
Medium Cost

thingspanel-mcp

by ThingsPanel

Sec8

Serves as a Model Context Protocol (MCP) server for the ThingsPanel IoT platform, enabling natural language interaction with IoT devices for querying information, monitoring status, controlling functions, and analyzing platform data.

Setup Requirements

  • ⚠️Requires Python 3.8 or higher.
  • ⚠️Requires a ThingsPanel account and API key.
  • ⚠️Requires a valid ThingsPanel Base URL for API communication.
Verified Safe
The server correctly handles sensitive API keys by prioritizing environment variables, command-line arguments, and configuration files, avoiding hardcoding. It uses `httpx` for network requests with proper error handling (`raise_for_status`). User-provided control data is JSON-serialized before being sent to the ThingsPanel API, mitigating direct code injection risks within the client. The main security considerations are the trustworthiness of the configured ThingsPanel API base URL and the security practices around the API key on the user's end.
Updated: 2025-11-27
44
35
Medium Cost

attio-mcp-server

by kesslerio

Sec9

Edge-compatible core library and server for integrating with the Attio CRM API, providing a standardized interface for tool definitions, HTTP client, and data manipulation across various runtime environments. It simplifies CRM interactions for AI agents and other applications.

Setup Requirements

  • ⚠️Requires Attio API Key or OAuth Access Token: Authentication is mandatory via `ATTIO_API_KEY` or `ATTIO_ACCESS_TOKEN` environment variables.
  • ⚠️Node.js Runtime Environment: The server is built with TypeScript and uses `npm install`, necessitating a Node.js runtime.
  • ⚠️Configuration for Edge Runtimes: While 'Edge-compatible', specific environment variables and configurations might be needed for optimal deployment on platforms like Cloudflare Workers.
Verified Safe
The codebase demonstrates a strong focus on security. It uses environment variables for sensitive API keys (`ATTIO_API_KEY`, `ATTIO_ACCESS_TOKEN`), implements comprehensive input validation (JSON schema, UUID, email, phone number formats) across various entry points, and sanitizes error messages and log payloads to prevent PII/sensitive data leakage. It leverages `fast-safe-stringify` to mitigate circular reference issues in JSON processing, and includes safeguards like batch size and payload validation to protect against Denial-of-Service (DoS) attacks. Custom error handling enhances robustness. No direct `eval` calls or obfuscation were observed. A full supply chain audit of all dependencies would be required for a perfect score, but within the provided source, practices are excellent.
Updated: 2025-12-15