Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(7756)

43
56
Medium Cost
mikepenz icon

adbfriend

by mikepenz

Sec8

Manages Android devices via ADB, with an MCP server to integrate ADB functionalities into AI tools.

Setup Requirements

  • ⚠️Requires ADB server to be running or `ANDROID_HOME` environment variable to be configured correctly for ADB to be found.
  • ⚠️File system operations are restricted to default allowed paths (`/sdcard/Download/` on device, `~/adbfriend` on host) unless configured otherwise via environment variables.
  • ⚠️The `check-adb-speed` tool is only supported on MacOS X.
Verified SafeView Analysis
The project demonstrates good security practices by explicitly defining and enforcing `allowed_paths` on the Android device and `host_allowed_paths` on the host system, mitigating arbitrary file access. It also uses string escaping functions (`escapeForSync`, `escapeForMD5`) to help prevent common shell injection vulnerabilities when executing ADB shell commands. However, many core operations rely on `ShellCommandRequest`, which, if input sanitization were flawed or if an AI agent crafted a highly sophisticated malicious input to a tool, could still pose a risk. No hardcoded secrets or 'eval' statements were found. The inherent power of ADB operations (e.g., uninstalling apps, modifying system settings) means careful use in a controlled environment is always recommended.
Updated: 2025-11-25GitHub
43
25
Low Cost
github-samples icon

turn-based-game-mcp

by github-samples

Sec9

To demonstrate the Model Context Protocol (MCP) by providing an AI opponent for turn-based games like Tic-Tac-Toe and Rock Paper Scissors.

Setup Requirements

  • ⚠️Requires building the 'shared' package before any other packages due to inter-dependencies.
  • ⚠️Requires an MCP-compatible client (e.g., VS Code Copilot, Claude) to interact with the AI server as intended.
Verified SafeView Analysis
The MCP server demonstrates a strong focus on security, particularly in preventing AI from 'cheating' by accessing the human player's current moves. This is achieved through data sanitization on dedicated API endpoints (e.g., `/api/games/rock-paper-scissors/mcp`). Database interactions (SQLite) utilize parameterized queries, effectively mitigating SQL injection vulnerabilities. Comprehensive input validation is implemented at both the API route level and for MCP tool arguments. No 'eval' statements or hardcoded secrets were identified. The default local development setup uses HTTP; production deployments would necessitate HTTPS and appropriate network security configurations.
Updated: 2025-12-12GitHub
43
29
Medium Cost

mcp-server

by HuaweiCloudDeveloper

Sec7

Enables AI assistants to manage Huawei Cloud resources via a Model Context Protocol server for conversational AI workflows.

Setup Requirements

  • ⚠️Requires Huawei Cloud Access Key (AK) and Secret Key (SK) configured as environment variables (HUAWEI_ACCESS_KEY, HUAWEI_SECRET_KEY).
  • ⚠️Requires Python 3.10+ installed on the system.
  • ⚠️Each Huawei Cloud service (e.g., ECS, VPC) corresponds to a distinct MCP server that needs to be run individually or specifically targeted.
Verified SafeView Analysis
Requires sensitive Huawei Cloud API keys (AK/SK) as environment variables. The server acts as a proxy for AI models to manage cloud resources, requiring careful consideration of access control for both the server and the interacting AI models. Standard network security practices (firewall, access control) are crucial if exposed beyond localhost.
Updated: 2025-11-18GitHub
43
8
Low Cost
florinel-chis icon

magento-graphql-docs-mcp

by florinel-chis

Sec8

Provides tools to search and retrieve Magento 2 GraphQL API documentation from local markdown files, aiding development and coding agents.

Setup Requirements

  • ⚠️Requires local cloning of the AdobeDocs/commerce-webapi repository for documentation source.
  • ⚠️Python 3.10 or higher is required.
  • ⚠️The documentation path (`MAGENTO_GRAPHQL_DOCS_PATH`) must be explicitly configured via environment variable, symlink, or by cloning the documentation repo as a sibling directory.
Verified SafeView Analysis
The server primarily processes local markdown files and uses `stdio` by default. An optional HTTP/SSE transport can be configured, which if bound to `0.0.0.0` (configurable), would expose the server on the network. The `docker/entrypoint.sh` performs a `git clone` of the AdobeDocs repository, which relies on the integrity of that upstream source. No obvious malicious patterns like `eval` or direct code execution from arbitrary content are present. The extraction of GraphQL elements uses regex, not a full parser, which is generally safer than executing unknown schemas.
Updated: 2025-11-24GitHub
43
16
Medium Cost

devduck

by cagataycali

Sec6

This project serves as a GitHub Action or an agent-based system designed for automating development workflows, potentially integrating with AWS using OIDC for authentication.

Setup Requirements

  • ⚠️Requires Python environment setup and dependencies from `requirements.txt`.
  • ⚠️Requires an AWS account with OIDC configured for authentication.
  • ⚠️Designed to run within a GitHub Actions environment if used as an action.
Review RequiredView Analysis
The presence of `agent_runner.py` and `action.yml` suggests code execution capabilities, and `setup-aws-oidc.sh` implies handling sensitive AWS credentials. Without code review, potential risks include arbitrary code execution vulnerabilities and improper credential management, especially in a CI/CD context.
Updated: 2025-11-18GitHub
43
36
Medium Cost
Rootly-AI-Labs icon

Rootly-MCP-server

by Rootly-AI-Labs

Sec9

Integrate Rootly incident management API capabilities with AI agents and MCP-compatible editors to streamline incident resolution.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires `uv` package manager for dependency management and execution (`uv sync --dev` and `uv run pytest`).
  • ⚠️Requires a `ROOTLY_API_TOKEN` environment variable; a Global API Key is recommended for full functionality.
Verified SafeView Analysis
The server loads `ROOTLY_API_TOKEN` from environment variables, which is a good practice to prevent hardcoding secrets. It uses `requests` and `httpx` for external API calls with timeouts. Parameter sanitization is implemented to prevent invalid inputs. The `SWAGGER_URL` is hardcoded but points to a public OpenAPI specification, not a secret. The `_filter_openapi_spec` function actively cleans up and simplifies the OpenAPI spec, reducing potential attack surface related to complex schemas and limiting exposed endpoints.
Updated: 2025-12-10GitHub
43
4
Low Cost
marconae icon

spec-oxide

by marconae

Sec9

Enables spec-driven development for AI-assisted coding, optimized for Claude Code, using a built-in MCP server for structured interaction.

Setup Requirements

  • ⚠️Requires Claude Code for the AI-assisted workflow (client-side dependency for AI interaction).
  • ⚠️Requires Serena MCP for semantic code operations (requires `uv` and potentially a separate `uvx` install).
  • ⚠️Requires Context7 MCP for documentation lookups.
  • ⚠️Requires `jq` to be installed for the `setup.sh` script to function correctly.
  • ⚠️Windows users must run the `setup.sh` script in WSL (Windows Subsystem for Linux).
Verified SafeView Analysis
The core `spox` binary is written in Rust, which inherently reduces risks associated with runtime code execution like `eval`. File system operations are generally scoped to the project directory. The `setup.sh` script does involve downloading and executing external tools (`uvx` for Serena) from GitHub, which is a common setup practice but relies on the integrity of the remote repositories. However, this is a user-initiated setup step, not a runtime vulnerability of the `spox` binary itself. Critically, the included agent instructions (`CLAUDE.md`, `spox-implementer.md`, `spox-verifier.md`, `spox-reviewer.md`, `propose.md`, `implement.md`, `archive.md`) contain extensive, explicit 'Guardrails' and 'Mandatory Rules' emphasizing 'Evidence before claims', prohibiting AI agents from performing write operations to Git, and enforcing test-driven development. These strong internal guardrails significantly enhance the safety when used with AI models by strictly controlling behavior and requiring explicit command execution for verification.
Updated: 2025-12-12GitHub
43
11
Low Cost
dieselftw icon

wdk-mcp

by dieselftw

Sec2

A local-first server providing seed and wallet management, balance reads, and transaction sending for cryptocurrency development, optionally exposed via ngrok for remote LLMs.

Setup Requirements

  • ⚠️Requires the Bun runtime environment.
  • ⚠️Sensitive wallet data (including seed phrases) and API keys are stored unencrypted in a local JSON file (`wdk-data.json`), posing a significant security risk for actual asset management.
  • ⚠️The codebase explicitly uses `wdk-wallet-solana`, indicating a focus on Solana chain operations, despite the README's statement 'EVM/ETH-focused flows only', which may be a point of confusion or a future development intent.
Review RequiredView Analysis
The primary critical security risk is that the `wdk-data.json` data store is explicitly noted as 'not encrypted at rest (yet)'. This means sensitive information like seed phrases and API keys are stored in plain JSON, making them vulnerable if the local machine is compromised. The `encrypt` and `decrypt` stubs in `WalletConfigManager` confirm this is a known, unaddressed issue. While intended for local development, this flaw exposes users to high risk if not adequately secured by other means. Users should be aware of this significant data-at-rest vulnerability. No hardcoded secrets were found in the provided code, but `NGROK_AUTHTOKEN` is read from environment variables, which is a standard practice.
Updated: 2025-11-27GitHub
43
36
Medium Cost
panther-labs icon

mcp-panther

by panther-labs

Sec9

Panther's Model Context Protocol (MCP) server enables developers to write and tune security detections from their IDE, interactively query security logs using natural language, and triage, comment, and resolve alerts within the Panther platform.

Setup Requirements

  • ⚠️Requires PANTHER_API_TOKEN (Panther Labs API Key) with appropriate permissions, which is typically part of a paid Panther Labs subscription.
  • ⚠️Requires PANTHER_INSTANCE_URL (the URL of your Panther instance).
  • ⚠️Python 3.12+ is required for local development and UVX installation methods.
  • ⚠️Specific API permissions are needed for each tool to function; least-privilege tokens are highly recommended by the project's security policy.
Verified SafeView Analysis
The project demonstrates robust security practices: API tokens are loaded from environment variables (PANTHER_API_TOKEN) rather than being hardcoded. Input validation is performed using Pydantic Field annotations and custom validators, including specific SQL parsing and sanitization in `query_data_lake` to mitigate injection risks. Permissions are explicitly checked and annotated for each tool, indicating proper authorization enforcement. The `PANTHER_ALLOW_INSECURE_INSTANCE` environment variable exists to bypass SSL verification, which could be a risk if misused, but it requires an explicit override. Overall, the design prioritizes secure access and data handling.
Updated: 2025-12-12GitHub
43
23
Medium Cost
conorluddy icon

xc-mcp

by conorluddy

Sec8

Provides an intelligent MCP server for Xcode and iOS simulator workflows, optimized for AI agents to automate iOS development and testing tasks efficiently.

Setup Requirements

  • ⚠️Requires Node.js (18+ recommended) and npm/npx installed.
  • ⚠️Requires Xcode Command Line Tools to be installed and configured (`xcode-select --install`).
  • ⚠️Requires `idb` (Facebook IDB) and its `idb_companion` service to be installed and running (e.g., `brew install idb-companion`).
  • ⚠️Requires `sips` (macOS default image processing tool) for screenshot optimization.
Verified SafeView Analysis
The server executes external `xcrun simctl` and `idb` commands via `child_process.exec` and `child_process.spawn`. While comprehensive input validation and shell escaping (`isSafePath`, `isValidBundleId`, `isValidUdid`) are implemented to mitigate command injection, the inherent nature of wrapping powerful command-line tools poses a risk if these mitigations were bypassed or found to be incomplete. The server uses `StdioServerTransport`, limiting external network attack surface, and persistence is to local, user-controlled directories, reducing broader system compromise risk. No hardcoded secrets or 'eval' statements were found.
Updated: 2025-12-08GitHub
43
4
Medium Cost
roruizf icon
Sec8

Enables AI assistants to interact with OpenStudio building energy models for analysis, inspection, and manipulation.

Setup Requirements

  • ⚠️Requires Docker Desktop for host machine integration and OpenStudio SDK dependencies.
  • ⚠️Crucial Docker volume mounts (`-v C:\:/mnt/c` and `-v C:\PATH\TO\YOUR\openstudio-mcp-server:/workspace`) must be correctly configured for file access on Windows.
  • ⚠️Requires specific Claude Desktop configuration JSON to integrate the MCP server, including the correct Docker command arguments.
Verified SafeView Analysis
The server code itself does not contain obvious malicious patterns, hardcoded secrets, or use dangerous functions like 'eval'. Communication is via stdin/stdout, which is generally secure. The primary security consideration is the Docker volume mount configuration (`-v C:\:/mnt/c`), which grants the container read/write access to the entire host C: drive. While explicitly documented as a user-configured requirement, this represents a significant risk if a malicious image or code were ever introduced, as it could compromise the host system. Users should carefully verify Docker images and consider limiting volume access to specific, necessary directories.
Updated: 2025-12-15GitHub
43
22
Medium Cost
infobip icon

mcp

by infobip

Sec9

Build and integrate conversational AI agents with Infobip's omnichannel communication platform (e.g., SMS, WhatsApp) using the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires an Infobip account with an API key (potentially paid services).
  • ⚠️Requires an Azure OpenAI account (for C#, Python/JS Semantic Kernel/OpenAI Agents demos) or an AWS account with Bedrock access (for Java Spring AI/Python LangGraph demos), implying paid services.
  • ⚠️Specific API scopes ('sms:manage') must be assigned to your Infobip API key for full functionality.
  • ⚠️Requires .NET 9.0 SDK for the C# example, or Python 3.12+ (with `uv` for environment management) for Python examples, or Node.js with npm for the Javascript example.
Verified SafeView Analysis
The provided code consists of client examples that connect to Infobip's remote MCP servers and AI model providers (Azure OpenAI, AWS Bedrock). It relies on API keys for authentication, which are correctly handled via environment variables in the demo setups, preventing hardcoding. No 'eval' or malicious patterns were found in the truncated source code. The main security concern would be the proper management and securing of these environment variables outside of the application itself.
Updated: 2025-12-12GitHub
PreviousPage 73 of 647Next