Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

44
40
Medium Cost
jlucaso1 icon

whatsapp-mcp-ts

by jlucaso1

Sec8

Connects a personal WhatsApp account to an AI agent, enabling the agent to search messages and contacts, list chats, retrieve message history, and send messages via WhatsApp.

Setup Requirements

  • ⚠️Requires Node.js version 23.10.0 or higher.
  • ⚠️Requires an initial manual WhatsApp QR code scan for authentication, which can be time-sensitive.
  • ⚠️Initial message history synchronization can take significant time depending on your WhatsApp history size.
  • ⚠️Specific configuration JSON is required for the AI client (e.g., Claude Desktop, Cursor) to launch and connect to the MCP server.
Verified SafeView Analysis
The server stores all WhatsApp authentication credentials and message history locally in a SQLite database and authentication cache, which is good for privacy from the server's perspective. It communicates with the AI client via standard input/output (stdio), avoiding direct network exposure to the outside for the MCP protocol itself. No 'eval' or other direct dangerous dynamic code execution patterns were found. The primary security considerations are the security of the local machine storing sensitive WhatsApp data and the trustworthiness of the connected AI agent that will access this data via MCP tools.
Updated: 2025-12-06GitHub
44
2
High Cost
fortaine icon
Sec9

An AI-powered research server utilizing Gemini models for both quick web searches with citations and comprehensive multi-step deep research, including query clarification and follow-up capabilities.

Setup Requirements

  • ⚠️Requires a valid Google AI Studio `GEMINI_API_KEY` (Paid).
  • ⚠️Requires Python 3.12+.
  • ⚠️Deep research tasks (`research_deep`) can be long-running (3-20 minutes, up to 60 minutes for complex queries) and expensive ($2-5 per task, consuming ~250k-900k tokens).
Verified SafeView Analysis
The server relies on the `google.genai` client and `httpx` for network requests and URL resolution, which are standard and generally secure. It correctly mandates `GEMINI_API_KEY` via environment variables. There are no obvious signs of 'eval', obfuscation, or hardcoded secrets. The primary 'risk' is the dependency on external Google services and web scraping for citations, which is inherent to its function.
Updated: 2026-01-19GitHub
44
2
Low Cost
xiangweizeng icon

mcp-any-rest

by xiangweizeng

Sec2

An MCP (Micro-service Composition Protocol) server that dynamically configures and exposes APIs defined using ZML (ZenTao Markup Language), acting as an API gateway for ZenTao or similar APIs.

Setup Requirements

  • ⚠️Requires `config` directory (or specified via `--config-dir`) containing `config.json`, `modules.json`, and a `presets` subdirectory. These files are central to the server's configuration, including upstream API authentication details and module enablement.
  • ⚠️Requires `zml` directory (relative to config dir, or configurable) for ZML definition files: Dynamic modules are defined in `.zml` files located in this directory.
  • ⚠️Disables SSL certificate validation for all upstream API calls by default: All connections to upstream APIs will bypass SSL certificate checks, which is a significant security risk for production environments.
Review RequiredView Analysis
1. Critical: Web Configuration Server Lacks Authentication/Authorization: The /config endpoints exposed by WebServer in src/config/web.rs (e.g., /config, /config/presets, /config/modules, /config/server) do not appear to implement any authentication or authorization. This means anyone with network access to the server (default 127.0.0.1:8082) can read, modify, and delete all server configurations, including sensitive upstream API credentials, module enablement, and server settings, allowing arbitrary control over the gateway. 2. High: Disables SSL Certificate Validation: `danger_accept_invalid_certs(true)` is explicitly used in `reqwest` clients (`src/services/auth_service/auth_factory.rs`, `src/services/auth_service/unified_auth_service.rs`). This is a severe vulnerability as it allows for trivial man-in-the-middle attacks, compromising the confidentiality and integrity of communication with upstream APIs. This should never be enabled in production. 3. Sensitive Data in Configuration Files: Authentication credentials (tokens, API keys, usernames/passwords) can be stored directly in `config.json` or module configuration files. Without encryption at rest or secure access controls for these files, they are vulnerable to local compromise. 4. Error Message Disclosure: Login failure messages in `LoginAuthStrategyImpl` can expose internal details (`Login failed with status {}: {}`) potentially aiding attackers.
Updated: 2025-11-27GitHub
44
40
Medium Cost
aws-powertools icon

powertools-mcp

by aws-powertools

Sec9

This MCP server provides search and retrieval capabilities for the Powertools for AWS Lambda documentation, assisting LLM agents in finding relevant information across multiple runtimes.

Setup Requirements

  • ⚠️Requires Node.js (version 18+ for runtime, 24 for full support as per README).
  • ⚠️Project is experimental and under active development; APIs and features may change frequently without notice.
  • ⚠️Requires local disk write access for caching documentation.
Verified SafeView Analysis
The server strictly enforces requests to the 'docs.aws.amazon.com' domain for documentation fetching, mitigating external network risks. Input parameters for tools are rigorously validated using Zod schemas. No hardcoded secrets or 'eval' usage were found.
Updated: 2026-01-16GitHub
44
33
Medium Cost
ozgureyilmaz icon

polymarket-mcp

by ozgureyilmaz

Sec9

Integrate Polymarket prediction market data into external applications, particularly AI agents like Claude Desktop, providing real-time market insights and tools.

Setup Requirements

  • ⚠️Requires Rust toolchain (Rust 1.70+) to install and build.
  • ⚠️Manual editing of `~/Library/Application Support/Claude/claude_desktop_config.json` (or equivalent) is required for Claude Desktop integration.
  • ⚠️A Polymarket API Key, while optional for basic usage, may be required for higher rate limits or advanced access.
Verified SafeView Analysis
The project is written in Rust, which offers strong memory safety guarantees. Configuration handles API keys as optional and redacts them in debug output. Network requests include retry and basic rate-limiting logic. JSON input from stdin (for MCP server mode) is parsed into strongly typed structures, preventing common injection vulnerabilities. Dependencies are managed, with specific security fixes (RUSTSEC-2025-0047, RUSTSEC-2025-0055) noted in Cargo.toml. No direct 'eval' or malicious patterns were found. A high score is given due to robust Rust practices, but external API interaction and complex JSON deserialization always carry an inherent, minimal risk.
Updated: 2026-01-11GitHub
44
63
Medium Cost
rashidazarang icon

airtable-mcp

by rashidazarang

Sec9

Provides a Model Context Protocol (MCP) server for Airtable, enabling AI agents to perform full CRUD operations, schema management, webhooks, batch operations, and AI-powered analytics through natural language interactions.

Setup Requirements

  • ⚠️Requires an Airtable Personal Access Token (PAT) with appropriate scopes.
  • ⚠️Requires Node.js 14 or later installed locally.
  • ⚠️Initial setup may require providing an Airtable Base ID, though it can be discovered dynamically using the 'list_bases' tool.
Verified SafeView Analysis
The server demonstrates strong security practices including explicit input sanitization and HTML escaping to prevent XSS and formula injection. It implements rate limiting, robust error handling to avoid leaking internal API details, and has built-in governance features like allow-lists for bases/tables and PII masking policies. OAuth2 with PKCE is supported, and recent changelogs (v3.2.1-v3.2.4) highlight active fixes for critical XSS and command injection vulnerabilities, indicating a strong commitment to security. No hardcoded secrets or code obfuscation were found.
Updated: 2026-01-07GitHub
44
45
Low Cost
VeriTeknik icon

pluggedin-mcp

by VeriTeknik

Sec9

Acts as a unified Model Context Protocol (MCP) hub for AI agents, providing tools, knowledge (RAG), and memory (clipboard) by aggregating multiple downstream MCP servers and internal capabilities.

Setup Requirements

  • ⚠️Requires Node.js 18+ (v20+ recommended) due to engine requirements in package.json.
  • ⚠️Requires a Plugged.in API Key (obtainable from plugged.in/api-keys) for most functionalities, including RAG queries, document management, notifications, and access to dynamic MCP tools.
  • ⚠️Relies on the `plugged.in App` for managing and fetching configurations of dynamic MCP servers, meaning external setup in the web application is necessary for these tools to appear.
Verified SafeView Analysis
The codebase demonstrates a strong focus on security, with extensive input validation and sanitization (including HTML/XSS prevention via `sanitize-html`), URL validation (SSRF protection), and header injection prevention. It uses `child_process.execFile` with a strict command allowlist and argument sanitization for safe process execution. API key authentication utilizes timing-safe comparison, and lazy authentication allows tool discovery without a key while securing execution. Rate limiting is implemented for tool and API calls, and error messages are sanitized to prevent information disclosure. No hardcoded secrets were found; API keys are expected from environment variables.
Updated: 2026-01-13GitHub
44
66
Low Cost
aashari icon
Sec9

Provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation tool.

Setup Requirements

  • ⚠️Requires Node.js (>=18.x).
  • ⚠️Extended IP data functionality requires an 'IPAPI_API_TOKEN' (optional for basic data).
  • ⚠️Cannot lookup private (e.g., 192.168.x.x) or reserved IP addresses.
Verified SafeView Analysis
The server uses standard Node.js and TypeScript practices, with no 'eval' or obvious malicious patterns detected. API keys (IPAPI_API_TOKEN) are loaded from environment variables or a global config file, preventing hardcoding. External API calls are made via standard `fetch`. Large API responses are logged to `/tmp/mcp/<project-name>/` with truncation, a designed feature, but users should be aware of local file storage of potentially sensitive data.
Updated: 2026-01-07GitHub
44
30
Medium Cost
Artmann icon
Sec9

Enables AI assistants and agents to search various package registries (NPM, Cargo, NuGet, PyPI, Go) and retrieve up-to-date package information.

Setup Requirements

  • ⚠️Requires Node.js 18+ or Bun runtime to execute.
  • ⚠️Requires an active internet connection to access package registries.
  • ⚠️The default `npx` command might use `npm` to install and run if `bun` is not globally available.
Verified SafeView Analysis
The server uses `zod` for input validation, which helps prevent malformed inputs. Network requests to external package registries are performed with a 10-second timeout, mitigating potential hangs. No hardcoded secrets or 'eval' statements were found. The tool interacts with well-known public APIs of package registries, which are generally trusted. Communication with the MCP client is via standard I/O.
Updated: 2025-12-02GitHub
44
44
Low Cost
Azure-Samples icon
Sec8

Provides a remote Model Context Protocol (MCP) server using Azure Functions to host tools for AI agents, specifically for managing code snippets and simple greetings.

Setup Requirements

  • ⚠️Docker required locally for Azurite (Azure Storage Emulator) if using snippet storage.
  • ⚠️Azure Functions Core Tools must be installed.
  • ⚠️Azure account and subscription are needed for cloud deployment using `azd`.
Verified SafeView Analysis
The server is built on Azure Functions, which provides a managed and secure execution environment. Remote access is secured by design using system keys (e.g., `mcp_extension`) and HTTPS, with options for OAuth and network isolation mentioned in the README. The code uses Azure Blob Storage bindings where snippet names are dynamically incorporated into blob paths. While Azure Blob Storage generally handles paths robustly, improper sanitization of user-provided `snippetname` could theoretically lead to unexpected blob interactions if not mitigated by the Azure Functions runtime or MCP framework.
Updated: 2026-01-15GitHub
44
72
Low Cost
loonghao icon
Sec9

An MCP server that enables AI assistants to send various message types, files, and images to WeCom (WeChat Work) groups, supporting single or multiple bot configurations.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️A WeCom Bot Webhook URL is mandatory, obtained from WeCom group settings, and must be configured via environment variables (e.g., WECOM_WEBHOOK_URL).
  • ⚠️Requires specific JSON configuration within your MCP client (e.g., Claude Desktop, VSCode Cline) to specify the server command and environment variables, typically using `uvx` for execution.
Verified SafeView Analysis
The server demonstrates good security practices: - Webhook URLs are validated to start with 'http://' or 'https://'. - Environment variables are used for sensitive information (webhook URLs), preventing hardcoding. - Image downloads from URLs validate HTTP status and content type, mitigating some risks related to fetching arbitrary content. - File operations check for file existence and type before processing. - Temporary files are used for downloaded images. - Relies on 'notify-bridge' for actual WeCom API interaction, delegating external API security concerns. - No obvious use of 'eval', 'exec', or other direct code execution from untrusted input was found in the provided source.
Updated: 2026-01-07GitHub
44
37
High Cost
danielsogl icon
Sec8

Provides comprehensive web performance, accessibility, SEO, and security auditing and analysis using Google Lighthouse for LLMs and AI agents.

Setup Requirements

  • ⚠️Requires Node.js 22.0.0 or newer
  • ⚠️Requires Chrome/Chromium browser to be installed on the system where the server runs
  • ⚠️Requires an MCP client (e.g., VS Code, Cursor, Claude Desktop) to interact with the server, as it is not a standalone web service
Verified SafeView Analysis
The server's core function involves making external network requests to user-provided URLs for auditing, which carries inherent risks. Basic URL validation (HTTP/S protocol check) is implemented in schemas to prevent invalid protocols, but it does not protect against potential Server-Side Request Forgery (SSRF) if the server is deployed in an environment with access to internal networks. The SECURITY.md documentation explicitly advises running the server in isolated network environments and validating URLs to mitigate these risks. No obvious 'eval' or hardcoded secrets were found in the provided source code.
Updated: 2026-01-19GitHub
PreviousPage 72 of 760Next