Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

42
27
Medium Cost
phughesmcr icon

deno-mcp-template

by phughesmcr

Sec8

A comprehensive template for building Model Context Protocol (MCP) servers using Deno, providing examples for prompts, resources, and tools.

Setup Requirements

  • ⚠️Requires Deno runtime to be installed.
  • ⚠️The default `deno run -A` command grants all permissions, which is too broad for production environments and needs to be narrowed down.
  • ⚠️The `KvEventStore` used for session resumability is not production-ready and should be replaced for any production deployment requiring robust state management.
  • ⚠️For DNS rebinding protection or specific CORS control, `ALLOWED_ORIGINS` and `ALLOWED_HOSTS` must be explicitly configured, as the default behavior can be permissive.
  • ⚠️Compiling to a Desktop Extension (DXT) requires `dxt` to be installed globally (`npm install -g @anthropic-ai/dxt`).
Verified SafeView Analysis
The server implements good security practices including CORS, rate limiting, security headers, request timeouts, and DNS rebinding protection. Input validation is performed using Zod and custom validators. However, the default Deno execution with `-A` (all permissions) is too broad for production and requires fine-tuning. The `KvEventStore` for session resumability is explicitly marked as 'not suitable for production use' in the README, indicating a potential weakness for persistent/scalable state management or security if not replaced. CORS protection is configurable but will allow all origins if no allowed origins are specified, which can be a security risk if not explicitly set.
Updated: 2025-11-25GitHub
42
23
Medium Cost
tolkonepiu icon

best-of-mcp-servers

by tolkonepiu

Sec10

This repository serves as a curated and ranked list of Model Context Protocol (MCP) servers, updated weekly, to help users discover relevant projects.

Setup Requirements

  • ⚠️To generate or update the list locally, it requires using the external 'best-of-generator' tool, which is not part of this repository's source code and may have its own dependencies (e.g., Python, Docker, specific GitHub Action setup).
Verified SafeView Analysis
This repository is a static curated list of other open-source projects. Its source code consists primarily of Markdown and YAML configuration files, used to generate the list's documentation. There are no executable server-side components, 'eval' statements, obfuscated code, or hardcoded secrets directly within this repository's provided source code. Therefore, there are no inherent security risks from 'running' this repository as a server. The security concerns would lie with the individual MCP servers *listed* in this repository, which are external projects.
Updated: 2026-01-19GitHub
42
27
Medium Cost

midi-mcp-server

by tubone24

Sec9

An MCP server that enables AI models to generate MIDI files from text-based music data, allowing programmatic creation of musical compositions.

Setup Requirements

  • ⚠️Requires Node.js runtime to build and execute.
  • ⚠️Requires an MCP client (e.g., Cline) for interaction.
  • ⚠️Configuration requires specifying the absolute path to the 'build/index.js' file within the MCP client.
Verified SafeView Analysis
The server runs locally and communicates via stdio, significantly limiting network-based risks. Input parameters, particularly `output_path`, could pose local file system risks if not carefully handled internally, but the sandbox environment (local execution, no network exposure) mitigates the severity. No 'eval' or obfuscation is apparent.
Updated: 2025-11-17GitHub
42
24
Medium Cost
JamesANZ icon
Sec9

Provides real-time prediction market data from Polymarket, PredictIt, and Kalshi for AI coding environments.

Setup Requirements

  • ⚠️Requires Node.js 18+ and npm to run.
  • ⚠️The automatic Claude Desktop setup script is macOS-specific and may require manual configuration on other operating systems or if Claude Desktop is not installed in the default location.
Verified SafeView Analysis
The server uses `superagent` for fetching data from known external APIs (Polymarket, PredictIt, Kalshi). Input validation for the `keyword` parameter is implemented using `zod` with a max length of 50 characters, and the keyword is URL-encoded before being used in API requests. No `eval` or arbitrary code execution from user input is apparent. Error handling is present for API failures. The `postinstall` script attempts to configure Claude Desktop by writing to a local JSON file, which is a local action and not a server-side vulnerability.
Updated: 2026-01-16GitHub
42
55
Low Cost
openSVM icon
Sec8

A Solana MCP (Multi-Chain Protocol) server that acts as a proxy for Solana RPC requests, offering enhanced capabilities like caching, metrics, and local sBPF program testing and management.

Setup Requirements

  • ⚠️Requires Rust toolchain and Solana CLI installed.
  • ⚠️Network RPC URLs (e.g., SOLANA_RPC_URL) must be configured in `config.json` or environment variables.
  • ⚠️The x402 payment protocol feature, if enabled, requires configuration of a `facilitator_base_url` and network-specific payment details.
Verified SafeView Analysis
The server includes robust input validation, URL sanitization, and HTTPS enforcement for external RPC calls. Sensitive information is redacted in logs. The most critical aspect, sBPF program execution, is performed within an in-memory `liteSVM` sandbox, which significantly mitigates direct code execution risks on the host. A security scanner for sBPF binaries is also provided, indicating a proactive security posture. However, as with any system executing untrusted code, extreme caution is always advised.
Updated: 2026-01-08GitHub
42
42
Medium Cost
kesslerio icon

attio-mcp-server

by kesslerio

Sec9

Provides an edge-compatible core library for building Attio Model Context Protocol (MCP) servers, enabling AI agents to interact with the Attio CRM via defined tools and a flexible HTTP client, including comprehensive data management and validation.

Setup Requirements

  • ⚠️Requires an Attio API Key or OAuth Access Token (must be set via `ATTIO_API_KEY` or `ATTIO_ACCESS_TOKEN` environment variables).
  • ⚠️For advanced phone validation configurations, direct handler invocation is required instead of using the tool registry for custom country settings.
  • ⚠️The server runtime explicitly requires Node.js (due to usage of `perf_hooks`), which might be a point of confusion given the `core` library's advertisement of broader 'edge-compatibility' across non-Node.js environments.
Verified SafeView Analysis
The server demonstrates strong security practices including extensive input validation (JSON schema, field-specific, UUID, email, phone, domain), robust error handling with redaction of sensitive data in logs, and mandatory use of environment variables for API keys/tokens. It also implements DoS protection mechanisms for batch operations and does not use 'eval' or obfuscated code. Any residual risks are inherent to external API integrations.
Updated: 2026-01-07GitHub
42
1
Medium Cost
KashifHanif628 icon
Sec8

This repository provides instructions for connecting Figma designs to the Gemini CLI to enable AI-powered code generation from design contexts.

Setup Requirements

  • ⚠️Requires Figma Personal Access Token (PAT)
  • ⚠️Requires Gemini CLI to be installed globally
  • ⚠️Figma design files must be publicly shared ('Anyone with the link can view')
Verified SafeView Analysis
The provided source code consists solely of README files, offering no server-side code to audit for common vulnerabilities like 'eval' or obfuscation. The security assessment is based on the instructions for integrating with the Figma MCP server via the Gemini CLI, which uses standard bearer token authentication. Users must securely manage their Figma Personal Access Token.
Updated: 2025-11-27GitHub
42
1
Medium Cost
yasg1988 icon

mcp-beget

by yasg1988

Sec9

Manages Beget hosting services (sites, domains, databases, FTP, Cron, DNS, backups, mail) via Claude Code.

Setup Requirements

  • ⚠️Requires Beget hosting account login and password.
  • ⚠️Requires Python 3.10 or higher.
  • ⚠️Requires configuration within Claude Code's `~/.claude/settings.json` file.
Verified SafeView Analysis
Credentials (BEGET_LOGIN, BEGET_PASSWORD) are loaded from environment variables, which is a good practice. The server makes standard HTTPS requests to the official Beget API endpoint. No 'eval', 'exec', or direct arbitrary code execution from user input is present in the provided source code. Security primarily depends on the user's secure handling of environment variables and the Beget API's own security measures.
Updated: 2025-11-28GitHub
42
1
Medium Cost
Sec6

Manages Docker containers and compose projects in a homelab environment via an MCP client like Claude.

Setup Requirements

  • ⚠️Requires Docker to be installed and running on the host system.
  • ⚠️Requires access to the Docker socket (`/var/run/docker.sock`), which often necessitates elevated permissions (e.g., `root` or host `docker` group membership) and can be a common permission-related setup hurdle.
  • ⚠️Python 3.10+ is required if not running via Docker.
Verified SafeView Analysis
The server requires full access to the Docker daemon via `/var/run/docker.sock`, granting complete control over the host's Docker environment. The Docker Compose setup runs as `root` to facilitate this. The remote access mode (HTTP/SSE) operates without authentication by default, requiring careful exposure only on trusted networks or behind a reverse proxy with authentication for internet access. The README explicitly warns against insecure Docker socket permission adjustments (e.g., `chmod 666`). Users must be aware of and comfortable with the high privileges granted.
Updated: 2025-11-17GitHub
42
30
Low Cost
dtkmn icon
Sec9

Orchestrates OWASP ZAP security scanning actions (spider, active scan, OpenAPI import, reporting) via the Model Context Protocol, enabling AI agents like Claude Desktop or Cursor to perform security testing.

Setup Requirements

  • ⚠️Requires Docker and Docker Compose for local setup, or Kubernetes 1.23+ and Helm 3.8+ for cluster deployment.
  • ⚠️Requires generation and configuration of ZAP_API_KEY, MCP_API_KEY, and LOCAL_ZAP_WORKPLACE_FOLDER environment variables before starting.
  • ⚠️For JWT authentication (recommended for production), a 256-bit JWT_SECRET must be generated and configured.
Verified SafeView Analysis
The project demonstrates strong security practices: it implements flexible authentication modes (API Key, JWT with refresh and blacklist), enforces robust URL validation to prevent scanning of internal/private networks and localhost by default, and mandates strong secret keys for JWT. CSRF protection is intentionally disabled with clear justification, as it's an API-only server using header-based token authentication (not cookies), aligning with OWASP API security best practices. There are no hardcoded secrets in the source code; sensitive configurations are loaded via environment variables, with 'changeme' defaults for development. Explicit warnings are provided for using 'none' security mode in production.
Updated: 2026-01-19GitHub
42
16
Medium Cost
LinkupPlatform icon

linkup-mcp-server

by LinkupPlatform

Sec9

Provides web search and page fetching capabilities for AI assistants, enabling real-time information access through Linkup's API.

Setup Requirements

  • ⚠️Requires a Linkup API Key (obtained from app.linkup.so, may involve a paid plan depending on usage).
  • ⚠️Requires an MCP compatible client (e.g., Cursor, VSCode, Claude Code) for integration.
  • ⚠️JavaScript rendering for page fetching (`renderJs: true`) can significantly increase request time and resource usage.
Verified SafeView Analysis
The server's source code is clean, well-structured, and does not contain obvious malicious patterns or hardcoded secrets. It acts as an intermediary, forwarding requests to the external Linkup API using a user-provided API key. The primary security consideration relies on the user's secure handling of their Linkup API key and the inherent security of the external Linkup API itself. Responses are JSON-stringified, ensuring transparency without direct eval execution. No obfuscation detected.
Updated: 2026-01-19GitHub
42
12
Medium Cost
opentargets icon

platform-mcp

by opentargets

Sec8

Provides a Model Context Protocol (MCP) server for AI assistants to interact with the Open Targets Platform GraphQL API for drug discovery and target-disease associations.

Setup Requirements

  • ⚠️Requires Python 3.10+ for execution.
  • ⚠️Requires 'uv' package manager for local development and dependency management.
  • ⚠️Project is experimental; features, APIs, and documentation may change without notice.
  • ⚠️Requires access to the external Open Targets Platform API.
Verified SafeView Analysis
The server includes an optional 'jq filtering' feature that dynamically evaluates 'jq' expressions provided by the user (or LLM). While 'jq' itself is a JSON processing language and not Python 'eval', a maliciously crafted or highly inefficient 'jq_filter' could potentially be used to exploit server resources, leading to a Denial of Service. This feature is disabled by default, which mitigates the risk. The server implements adaptive rate limiting to prevent general abuse. No hardcoded sensitive credentials were found. The project is explicitly labeled 'experimental' and 'under active development'.
Updated: 2026-01-11GitHub
PreviousPage 78 of 760Next