Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(7756)

43
34
Medium Cost
isdaniel icon
Sec9

Provides current and historical weather, air quality, and timezone information via an MCP server, integrating with the Open-Meteo API.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️For HTTP modes (SSE or Streamable HTTP), `starlette` and `uvicorn` dependencies are required (though typically installed with `pip install mcp_weather_server` for basic setup, specific instructions recommend explicit install for HTTP modes).
  • ⚠️Relies on `tzdata` for comprehensive timezone support, which might have platform-specific installation considerations, especially on Windows.
Verified SafeView Analysis
The server uses `httpx` for external API calls, `starlette` and `uvicorn` for HTTP modes, which are standard and robust libraries. No hardcoded API keys are visible; the server explicitly states it uses free Open-Meteo APIs requiring no keys. Input validation for tool arguments is present via `validate_required_args`. CORS is enabled for HTTP modes. No `eval` or blatant obfuscation detected.
Updated: 2025-12-13GitHub
43
31
Medium Cost
aikts icon
Sec7

This server acts as a Model Context Protocol (MCP) interface, enabling AI assistants to securely interact with the Yandex Tracker API for managing issues, queues, users, and various other project management functionalities.

Setup Requirements

  • ⚠️Requires Python 3.12+ for execution.
  • ⚠️Requires 'uv' to be installed globally for direct command execution.
  • ⚠️Requires either a Yandex Tracker OAuth token, IAM token, or service account credentials for authentication.
  • ⚠️Requires either a Yandex Cloud Organization ID or a Yandex 360 Organization ID.
  • ⚠️If OAuth 2.0 is enabled, the server must be publicly accessible for callback URLs and requires Yandex OAuth application credentials.
Verified SafeView Analysis
The server primarily relies on environment variables for sensitive data (tokens, client secrets), which is good practice. It supports various authentication methods including OAuth 2.0 with PKCE for enhanced security. However, when configured for OAuth, the server explicitly requires a publicly accessible URL for callbacks, which introduces a network exposure point that must be properly secured. Redis caching, if enabled, also requires a secure Redis instance. Overall, robust authentication mechanisms are in place, but network exposure in HTTP/OAuth modes requires careful deployment.
Updated: 2025-12-06GitHub
43
42
Low Cost
promplate icon

hmr

by promplate

Sec7

Provides hot module reloading (HMR) for MCP (Model Context Protocol) and FastMCP servers, allowing code changes to take effect instantly without restarting the server or dropping client connections.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️When using `fastapi-reloader` middleware, it must be placed before any compression middleware (e.g., `GZipMiddleware`).
  • ⚠️For programmatic `mcp_server` usage, the target module must not be imported yet when `mcp_server(target)` is called, or hot-reloading will not function correctly.
  • ⚠️If using `fastapi-reloader` standalone (without `uvicorn-hmr`), you must manually call `send_reload_signal()` during the ASGI server's shutdown process.
Verified SafeView Analysis
The core hot module reloading functionality involves recompiling and re-executing Python code from modified files at runtime. While this is the intended and necessary behavior for a development tool, it implies a high security risk if used in production environments or if untrusted code can be introduced into the watched file system, as it allows arbitrary code execution. The `fastapi-reloader` component injects a client-side JavaScript snippet for browser refresh, which appears benign.
Updated: 2025-12-15GitHub
43
20
Medium Cost
cboxdk icon

statamic-mcp

by cboxdk

Sec7

Provides AI assistants with structured access to Statamic CMS content management capabilities through a router-based architecture.

Setup Requirements

  • ⚠️Requires PHP 8.3+
  • ⚠️Requires Laravel 11+ / 12+
  • ⚠️Requires Statamic 5.65+ / 6.0+
  • ⚠️Recommended to install Laravel Boost for the best AI-assisted development experience.
  • ⚠️Requires an AI agent (Claude Code, Cursor, Cline, or manual configuration) for interaction.
Verified SafeView Analysis
The authentication middleware uses Basic Auth and a custom Base64-encoded token (functionally similar to Basic Auth), which relies on HTTPS for secure transport. The `BaseStatamicTool::validateAndSanitizeArguments` is intentionally permissive for 'Claude compatibility', performing only basic null byte checks and deferring deeper input validation to underlying Statamic APIs. This approach could be a vulnerability if a downstream Statamic component has insufficient validation for specific field types or data structures when processing AI-generated input. The `AssetsRouter::createAsset` and `AssetsRouter::uploadAsset` methods allow uploading file content (either base64 encoded or from a local path) by creating temporary files and using `Illuminate\Http\UploadedFile`. While `mime_content_type` is used, it does not guarantee protection against all forms of malicious file uploads (e.g., PHP web shells). If an attacker can control or jailbreak the AI's input, this could lead to remote code execution. Other parts of the system, such as `PathValidator` and Statamic's blueprint-based field validation in `ContentRouter`, demonstrate strong security practices for their respective domains. Configuration settings are protected with whitelisting in `SystemRouter` to prevent arbitrary changes.
Updated: 2025-12-14GitHub
43
31
Low Cost

iceberg-mcp

by morristai

Sec8

Serves as an MCP server providing metadata about Apache Iceberg catalogs.

Setup Requirements

  • ⚠️Requires Rust toolchain installed to build from source.
  • ⚠️AWS credentials (either profile or explicit keys) must be configured for AWS Glue catalog support.
  • ⚠️Manual editing of Claude Desktop's `claude_desktop_config.json` is required for integration.
Verified SafeView Analysis
The server handles connections to various data catalogs (REST, AWS Glue) and requires configuration with sensitive credentials (AWS access keys, secrets) for cloud providers. It exposes network endpoints for its operation. User is responsible for securing provided credentials and network environment. Logging to local files should be monitored for sensitive data.
Updated: 2025-11-17GitHub
43
74
Medium Cost
EBISPOT icon

ols4

by EBISPOT

Sec7

Serves biomedical ontology data via a REST API and an MCP server, primarily for data lookup and integration with LLMs.

Setup Requirements

  • ⚠️Requires Docker installed and running for local deployment.
  • ⚠️Requires a configuration file to specify ontologies to load (e.g., `OLS4_CONFIG=./dataload/configs/efo.json`).
  • ⚠️OpenAI API Key is optional but required for full embeddings functionality (`OPENAI_API_KEY`).
  • ⚠️Neo4j and Solr databases are core components that require local setup or deployment via Docker/Kubernetes.
Verified SafeView Analysis
The Neo4j database is configured with `NEO4J_AUTH=none` in the Docker Compose and Kubernetes deployments, disabling authentication. This is a significant security risk if the Neo4j port (7474 or 7687) is exposed externally without proper network segmentation and access control. The Solr client uses `ClientUtils.escapeQueryChars` to mitigate query injection risks. The API testing tool uses `--add-opens` which can expose internal Java APIs, but this is within the context of a test utility.
Updated: 2025-12-12GitHub
43
11
Low Cost
pavolloffay icon
Sec9

The OpenTelemetry Model Context Protocol (MCP) server enables LLMs to efficiently use the OpenTelemetry stack by providing tools to configure an OpenTelemetry collector and returning strict JSON schemas for collector components to ensure correct configuration.

Setup Requirements

  • ⚠️Requires a Go development environment for local installation (`go install`).
  • ⚠️The provided `claude mcp add` command refers to a client-side tool (`claude`) which is not part of this server's distribution.
Verified SafeView Analysis
The server's primary function is to validate OpenTelemetry Collector configurations by providing JSON schemas, which inherently reduces configuration errors. The codebase relies on the well-maintained OpenTelemetry Collector project. No direct use of 'eval' or obvious malicious patterns were found within the provided snippets. Potential risks would primarily stem from how the generated (validated) configurations are applied to a live OpenTelemetry Collector instance, rather than vulnerabilities in the MCP server itself. The project shows proactive security by addressing upstream vulnerabilities (e.g., `GHSA-c74f-6mfw-mm4v` for `configgrpc` in older versions of the upstream collector).
Updated: 2025-12-03GitHub
43
31
High Cost
qiniu icon
Sec3

Provides a Model Context Protocol (MCP) server that enables AI models to interact with Qiniu cloud services including storage, intelligent multimedia processing, CDN, and live streaming.

Setup Requirements

  • ⚠️Requires Python 3.12 or higher.
  • ⚠️Requires `uv` package manager for installation and execution.
  • ⚠️Requires Qiniu Cloud Access Key, Secret Key, Region Name, Endpoint URL, and a comma-separated list of configured buckets (or QINIU_LIVE_API_KEY for live streaming functionality) as environment variables.
  • ⚠️Users of Claude may encounter `Error: spawn uvx ENOENT` requiring the absolute path to `uvx` in the command.
Review RequiredView Analysis
CRITICAL: The `LiveStreamingService` in `src/mcp_server/core/live_streaming/live_streaming.py` explicitly prints HTTP request information, including the `Authorization` header containing API keys (either `QINIU_LIVE_API_KEY` or `QINIU_ACCESS_KEY`/`QINIU_SECRET_KEY`) directly to standard output. This is a severe security risk as it exposes sensitive credentials in logs or console output, which should never happen in a production environment. While environment variables are used for secrets, the service includes fallback placeholder values (e.g., `YOUR_QINIU_ACCESS_KEY`) if not configured, although this does not expose real secrets. No other malicious patterns, `eval` usage, or obvious obfuscation were found.
Updated: 2025-11-27GitHub
43
27
Low Cost
fastly icon

mcp

by fastly

Sec9

The Fastly MCP Server provides AI agents with secure, natural language access to Fastly services for CDN configuration, deployment, monitoring, and analysis.

Setup Requirements

  • ⚠️Requires Fastly CLI to be installed in PATH or specified via FASTLY_CLI_PATH environment variable.
  • ⚠️Fastly CLI must be authenticated with a Fastly account (via `fastly profile create`, not FASTLY_API_TOKEN env var).
  • ⚠️Requires manual JSON configuration in AI assistant applications (e.g., Roo Code, Claude Desktop) to point to the `fastly-mcp` executable.
Verified SafeView Analysis
The project demonstrates robust, defense-in-depth security. It uses direct command execution (not shell) for the Fastly CLI, preventing command injection. Comprehensive input validation blocks shell metacharacters and directory traversal. Dangerous operations (delete, purge, create, update) require explicit `--user-reviewed` human confirmation. Sensitive commands like `auth-token` and `sso` are blocked by default, as are VCL upload/download commands. Optional PII sanitization and token encryption further protect sensitive data in outputs. A critical binary security check ensures the Fastly CLI executable is not compromised (e.g., world-writable permissions, untrusted symlinks). No hardcoded secrets were found; encryption keys are ephemeral. The project explicitly addresses prompt injection. However, like any system interacting with external CLIs and potentially exposing internal systems via HTTP, inherent risks exist if misconfigured or if underlying dependencies have undiscovered vulnerabilities.
Updated: 2025-12-03GitHub
43
45
Medium Cost
metoro-io icon

metoro-mcp-server

by metoro-io

Sec9

The Metoro MCP server enables large language models (LLMs) to interact with Kubernetes clusters by exposing Metoro's observability APIs, allowing AI to query and analyze cluster data.

Setup Requirements

  • ⚠️Requires Claude Desktop App to function as intended.
  • ⚠️Requires Golang to build the server executable.
  • ⚠️Requires a Metoro account and API token (or use the provided demo token with the demo API URL).
  • ⚠️Requires METORO_API_URL and METORO_AUTH_TOKEN environment variables to be set.
Verified SafeView Analysis
The server primarily acts as an API wrapper, relying on environment variables (METORO_API_URL, METORO_AUTH_TOKEN) for configuration, which is a good practice for secrets management. It enforces a 30-day time range limit in production environments to mitigate excessive data retrieval. The codebase shows no direct use of 'eval' or other arbitrary code execution patterns. Input/output are structured as JSON. Response sizes for logs are explicitly limited to 2000 characters per line, and large profile responses are checked, demonstrating an awareness of potential context overflow. A publicly provided demo token in the README is noted but doesn't expose a code vulnerability.
Updated: 2025-12-12GitHub
43
33
Medium Cost
fazer-ai icon

mcp-obsidian

by fazer-ai

Sec8

Facilitates LLM interaction with Obsidian vaults via the Local REST API plugin, enabling read/write operations and command execution.

Setup Requirements

  • ⚠️Requires Obsidian with the 'Local REST API' community plugin installed and configured.
  • ⚠️Requires an Obsidian API Key, set via environment variables (OBSIDIAN_API_KEY).
  • ⚠️Requires Bun runtime installed to run the server.
Verified SafeView Analysis
The server acts as a proxy to Obsidian's Local REST API. It uses environment variables for the API key (good practice) and validates tool arguments with Zod. Path sanitization is implemented for file operations. No 'eval' or direct code execution from user input is apparent. Security largely depends on the underlying Obsidian Local REST API plugin and protecting the API key. The 'search_json_logic' tool takes 'logic: z.unknown()'; while the server only proxies this to Obsidian, a vulnerability in Obsidian's JsonLogic engine could be an indirect risk.
Updated: 2025-12-03GitHub
43
28
Medium Cost
danielsogl icon
Sec8

Provides web performance, accessibility, SEO, and security auditing and analysis capabilities to LLMs and AI agents using Google Lighthouse via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires Node.js 22.0.0 or newer.
  • ⚠️Requires a Chrome/Chromium browser installed on the host system (automatically managed by Lighthouse, but the underlying browser needs to be present and compatible).
  • ⚠️An MCP client (e.g., VS Code, Cursor, Windsurf, Claude Desktop) is required to interact with the server.
Verified SafeView Analysis
The server's core functionality involves launching headless Chrome/Chromium instances and making network requests to user-provided URLs. The 'urlValidator' in 'src/schemas.ts' is a crucial mitigation, strictly enforcing HTTP/HTTPS protocols and rejecting malicious 'javascript:' schemes, reducing the risk of URL-based injection. The use of the '--no-sandbox' flag for Chrome is a common configuration for headless Chrome in containerized or CI/CD environments and is explicitly mentioned in the 'SECURITY.md' as a consideration requiring network isolation for secure deployment. Beyond standard Lighthouse operations, no direct 'eval' or unsanitized 'child_process' execution was identified. No hardcoded sensitive secrets or API keys are present in the provided source code.
Updated: 2025-12-15GitHub
PreviousPage 74 of 647Next