Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(7756)

42
16
Low Cost
SAP icon
Sec9

This server provides AI agents with comprehensive SAP Mobile Development Kit (MDK) knowledge and tools to assist in MDK application development, offering project-aware context, templates, and access to MDK CLI tools.

Setup Requirements

  • ⚠️Requires an external LLM Provider (e.g., SAP AI Core) for AI agent functionality, which may be a paid service and requires separate setup/credentials.
  • ⚠️Requires global installation of Node.js and Yeoman CLI (`yo@4.3.1`).
  • ⚠️Full functionality, especially code generation tools, requires integration with SAP Mobile Services, necessitating the Cloud Foundry CLI and the Mobile Development Kit extension for VS Code to generate `.service.metadata` files.
Verified SafeView Analysis
The server uses `execSync` for various CLI operations (e.g., `yo`, `mdkcli`, `open`). However, it implements comprehensive input validation and sanitization (`validateAndSanitizePath`, `validateCommandArgs`) to prevent command injection and directory traversal attacks. Paths are restricted to the current working directory and project root, and arguments are checked for dangerous characters. This significantly mitigates the inherent risks of executing external commands, making it robust against common exploitation vectors.
Updated: 2025-12-09GitHub
42
15
High Cost
southleft icon

company-docs-mcp

by southleft

Sec8

Transforms organizational documentation into an AI-powered knowledge base for semantic search, Q&A via chat interface, Claude Desktop, and Slack integration.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid for embeddings and chat completions).
  • ⚠️Requires Supabase account and database setup for content and vector storage.
  • ⚠️The Slack bot's AI prompt is aggressively configured to generate 'extremely long, comprehensive responses' (minimum 3000 words), which can lead to very high OpenAI token usage and costs per query.
Verified SafeView Analysis
The server correctly implements Slack request signature verification. Secrets management is well-documented, advising against committing sensitive data and promoting Cloudflare Worker secrets. CORS is broadly set to '*' which could be a risk if exposed publicly without additional authentication. The use of Supabase Service Role Key is noted in ingestion scripts and could be a risk if not securely managed.
Updated: 2025-11-23GitHub
42
25
Medium Cost
PradeepaRW icon

project-nova

by PradeepaRW

Sec8

Facilitates seamless integration of Paperless-NGX document management with AI agents and n8n via an SSE-based Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️Requires a running Paperless-NGX instance with an API token.
  • ⚠️Requires Docker and Docker Compose installed on the host system.
  • ⚠️Requires a running n8n server with `N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE=true` environment variable enabled.
  • ⚠️The default `docker-compose.yml` uses an external Docker network named `demo`, which may need to be pre-created or configured on the host.
Verified SafeView Analysis
The solution promotes the use of environment variables for sensitive data like `PAPERLESS_TOKEN` and advises against committing them to version control. It also recommends network segmentation and resource limits. However, the `docker-compose.yml`'s reliance on an `external` Docker network named `demo` requires careful pre-configuration and security management of that network outside of this specific setup. The underlying `paperless-mcp` package's security is assumed to be sound, as its source code is not provided for analysis. Logs in `start.sh` are stated to exclude sensitive data, but this needs to be verified in practice.
Updated: 2025-12-15GitHub
42
1
Low Cost
kukapay icon

backtrader-mcp

by kukapay

Sec2

An AI-accessible MCP server for Backtrader, enabling agents to run, analyze, and optimize trading strategies through natural language prompts.

Setup Requirements

  • ⚠️Requires Python 3.10+
  • ⚠️Requires 'uv' for dependency management (recommended)
  • ⚠️Requires MCP CLI installation (`uv run mcp install main.py`)
Review RequiredView Analysis
The `run_backtest` tool uses `exec(strategy_code, {}, local_ns)` to execute user-provided Python code directly. This is a critical security vulnerability as it allows arbitrary code execution. An attacker could inject malicious Python code (e.g., `import os; os.system('rm -rf /')`) leading to severe system compromise, data theft, or denial of service if the server is exposed to untrusted input. While the `exec` call uses empty globals, core built-ins and module imports are still accessible.
Updated: 2025-11-27GitHub
42
1
Medium Cost
hyperpolymath icon

poly-db-mcp

by hyperpolymath

Sec4

Unified MCP server that provides a single interface for natural language querying and management of 20 different databases, running on Deno and built with ReScript.

Setup Requirements

  • ⚠️Requires Deno runtime environment.
  • ⚠️Requires external database servers (e.g., PostgreSQL, MongoDB, etc.) to be running and accessible for specific adapter functionality.
  • ⚠️Requires configuring environment variables for each desired database connection (e.g., POSTGRES_HOST, MONGODB_URL).
  • ⚠️DuckDB adapter is a stub and requires a running DuckDB HTTP API (`DUCKDB_HTTP_URL`) for full functionality.
Review RequiredView Analysis
The PostgreSQL adapter (pg_query, pg_select, pg_insert, pg_update, pg_delete, pg_json_query, pg_create_table) uses `conn.unsafe(query)` directly with user-provided string inputs without apparent sanitization. This is a critical SQL injection vulnerability. While other adapters generally use parameterized queries or client SDKs (which are safer), this single direct injection point significantly compromises the server's security if interacting with PostgreSQL via untrusted input. Deno's broad permissions (--allow-net, --allow-read, --allow-write, --allow-env, --unstable-kv) are necessary but also mean a vulnerability can have wider impact. Hardcoded default credentials for some databases are present but are intended to be overridden by environment variables.
Updated: 2025-12-14GitHub
42
1
High Cost
TiKcoc icon

orkel

by TiKcoc

Sec9

Generating AI-powered creative content including images, 3D models, and procedural environments using generative AI frameworks like Stable Diffusion, TripoSR, and Infinigen.

Setup Requirements

  • ⚠️Requires AMD GPU with ROCm support for optimal performance and compatibility (explicitly mentioned for SDNext and TripoSR).
  • ⚠️Significant disk space (hundreds of GBs) and RAM required for AI models and dependencies.
  • ⚠️Specific Python versions might be preferred or required (e.g., Python 3.11 for Infinigen setup option).
Verified SafeView Analysis
Setup scripts use standard package management (pip, docker pull from official registries) and do not contain obvious 'eval', obfuscation, or hardcoded secrets. The primary security consideration would be the integrity and safety of the upstream `infinigen`, `sdnext`, and `TripoSR` project dependencies themselves, which are not detailed in this source.
Updated: 2025-11-28GitHub
42
23
High Cost
botingw icon
Sec4

Provides a RAG and Knowledge Graph powered backend for grounding AI coding assistants in the LangGraph ecosystem, improving code generation accuracy and reducing hallucinations.

Setup Requirements

  • ⚠️Requires OpenAI API Key (Paid Service) for embeddings and LLM interactions.
  • ⚠️Requires a Supabase Project (PostgreSQL with pgvector) URL and Service Role Key.
  • ⚠️Requires a Neo4j Graph Database instance (AuraDB or local desktop) URI, User, and Password.
  • ⚠️Requires Docker (recommended) or Python 3.12+ with `uv` for local development setup.
  • ⚠️Specific `NEO4J_URI` configuration is required based on whether Neo4j is running on the host (for Docker) or locally (for local development).
  • ⚠️Database SSL certificate validation (`rejectUnauthorized: false`) is disabled by default in production mode, which is a security risk.
Review RequiredView Analysis
Critical: Admin authentication uses direct plaintext password comparison (from environment variable) with no rate limiting, vulnerable to brute-force attacks. Database SSL (`rejectUnauthorized: false`) is insecure in production, risking Man-in-the-Middle (MITM) attacks. High Risk: Python tools (`llm_api.py` for LLM interaction, `web_scraper.py` for web scraping) expose potential local file exfiltration (via image encoding or generic file read prompts) and arbitrary URL fetching if AI agents are maliciously prompted. Minor: Content Security Policy (CSP) and Cross-Origin Embedder Policy are disabled in development mode for the Express API, requiring hardening for production. Logging of environment variable keys at startup in `llm_api.py` is a minor information leak.
Updated: 2025-11-29GitHub
42
19
High Cost
divar-ir icon

zoekt-mcp

by divar-ir

Sec8

Provides code search and content fetching capabilities using Zoekt, designed for integration with AI assistants and LLMs.

Setup Requirements

  • ⚠️Requires a running Zoekt search server instance.
  • ⚠️Requires Python 3.13+.
  • ⚠️Requires ZOEKT_API_URL environment variable to be set.
Verified SafeView Analysis
The server's primary function is to proxy and format requests to a user-configured Zoekt instance. Its security largely depends on the trustworthiness and proper configuration of the external Zoekt instance. No direct code execution vulnerabilities (e.g., eval) or hardcoded secrets were found in the provided source.
Updated: 2025-11-25GitHub
42
25
Medium Cost
dtyq icon

php-mcp

by dtyq

Sec8

Facilitates communication and integration between LLM applications and external data sources or tools by implementing the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires PHP 8.3+
  • ⚠️Composer dependencies must be installed.
  • ⚠️Process execution permissions are needed for StdioTransport to spawn child processes.
  • ⚠️`pcntl` extension is recommended for robust signal handling with StdioTransport.
  • ⚠️`mbstring` extension is required for UTF-8 validation.
  • ⚠️If using Hyperf integration with RedisSessionManager, a Redis server is required.
Verified SafeView Analysis
The server demonstrates robust message validation (UTF-8, JSON-RPC 2.0 structure, MCP stdio format) and uses interfaces for authentication and session management, promoting a secure design. Session IDs are generated cryptographically. Text content is sanitized to remove control characters. Potential risks include insecure implementations of custom tools, prompts, or resource handlers registered by the user, and possible path traversal/SSRF vulnerabilities if user-provided URIs are not meticulously validated by custom resource handlers leveraging `file_get_contents` or similar. The `Access-Control-Allow-Origin: *` header in HttpTransport exposes the API to all origins, which is standard for public APIs but should be noted.
Updated: 2025-12-12GitHub
42
26
Low Cost
clerk icon

mcp-tools

by clerk

Sec8

Facilitates the integration of Model Context Protocol (MCP) into AI applications, enabling secure, consent-based access to private user data via OAuth on both client and server sides.

Setup Requirements

  • ⚠️Requires Clerk API keys (CLERK_PUBLISHABLE_KEY, CLERK_SECRET_KEY, NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY) for Clerk authentication.
  • ⚠️Requires a persistent database (Redis, Postgres, or SQLite) for client-side MCP session management in production environments; the file system store (`fsStore`) is intended for local development only.
  • ⚠️Requires Node.js version 18 or higher.
Verified SafeView Analysis
The library employs standard OAuth and secure coding practices for handling authentication and data persistence. It relies on environment variables for sensitive keys and configurable persistent stores (Redis, Postgres, SQLite) for session data. `JSON.parse` is used for deserialization of internally stored data, which is generally safe within a controlled environment. The primary security considerations for implementers are the secure configuration and management of these persistent stores and API keys. No 'eval' or obvious malicious patterns were found in the provided source code.
Updated: 2025-12-12GitHub
42
24
Medium Cost

dev-assist

by googleworkspace

Sec6

This project is a monorepo offering developer assistance, likely leveraging AI/LLMs to streamline development workflows and automate tasks.

Setup Requirements

  • ⚠️Requires `pnpm` (Node.js package manager) to install dependencies and run local scripts.
  • ⚠️Likely requires configuration for an LLM backend (e.g., API key for OpenAI/Anthropic, or a locally running LLM service like Ollama) due to `smithery.yaml`.
  • ⚠️Docker may be required for containerized deployment or development environment setup due to `Dockerfile`.
Verified SafeView Analysis
Potential network risks due to LLM API calls indicated by `smithery.yaml`. Requires careful review of dependencies for supply chain vulnerabilities, and permissions/actions of custom scripts in the `scripts` directory. The absence of a `README` makes a comprehensive security assessment challenging.
Updated: 2025-11-18GitHub
42
1
Medium Cost
MerzoukeMansouri icon

adeo-mozaic-mcp

by MerzoukeMansouri

Sec9

Exposes the Mozaic Design System's tokens, components, and documentation to AI assistants via an MCP server for query and code generation.

Setup Requirements

  • ⚠️Requires Node.js v25.0.0 or higher.
  • ⚠️Requires running `pnpm build` first to compile TypeScript and build the local SQLite database (`data/mozaic.db`), which indexes all design system data. The server will not function without this database.
  • ⚠️The build process clones Git repositories (`mozaic-design-system`, `mozaic-vue`, `mozaic-react`); Git must be installed and configured with appropriate access (e.g., SSH keys for `git@github.com` URLs listed in `build-index.ts`).
Verified SafeView Analysis
The server primarily communicates via `stdio` (standard input/output), which significantly limits its direct network attack surface. Build scripts (`scripts/build-index.ts`) execute external commands (`git clone`, `npm install`) to fetch source repositories and build the local SQLite database. While `execSync` is powerful, its usage is confined to a developer-initiated build process on predefined, trusted URLs (ADEO's GitHub repositories), not exposed to arbitrary user input at runtime. All database interactions (`better-sqlite3`) use parameterized queries, preventing SQL injection vulnerabilities. No hardcoded secrets or 'eval' calls were identified in the provided runtime source code.
Updated: 2025-12-14GitHub
PreviousPage 78 of 647Next