Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(7756)

42
27
Medium Cost
Sec7

An MCP server to interact with an InfluxDB instance, providing access to resources, tools for data management, and prompt templates for common queries and data formats.

Setup Requirements

  • ⚠️Requires a running InfluxDB instance to connect to.
  • ⚠️The `INFLUXDB_TOKEN` environment variable is mandatory for authentication with InfluxDB.
  • ⚠️If InfluxDB is not at `http://localhost:8086`, the `INFLUXDB_URL` environment variable must be set.
Verified SafeView Analysis
The server requires an `INFLUXDB_TOKEN` which must be securely managed as an environment variable. If run with the `--http` option, it exposes an HTTP server on a specified port (default 3000), which could pose a network risk if exposed publicly without proper security measures. The server makes outbound connections to the InfluxDB instance, whose security depends on the InfluxDB setup itself.
Updated: 2025-11-17GitHub
42
37
High Cost
jango-blockchained icon

advanced-homeassistant-mcp

by jango-blockchained

Sec8

A Model Context Protocol (MCP) server that enables AI assistants to seamlessly interact with Home Assistant for natural language smart home control.

Setup Requirements

  • ⚠️Requires an existing Home Assistant instance with a long-lived access token configured via environment variables.
  • ⚠️Bun runtime (v1.0.26+) is highly recommended/required for local development and running, although Docker is also an option.
  • ⚠️Docker is required for advanced speech features, specifically the Fast-Whisper container for Speech-to-Text, and potentially GPU support for optimized performance.
  • ⚠️An Anthropic API Key (a paid service) is required for the AI-powered voice command parser (using Claude) to function, otherwise, it falls back to pattern matching.
Verified SafeView Analysis
The server implements good security practices including rate limiting, input sanitization against XSS/injection, JWT authentication for API access, and comprehensive security headers (e.g., Helmet). Sensitive credentials like Home Assistant tokens and AI API keys are managed through environment variables. A potential concern is the default wide-open CORS (`Access-Control-Allow-Origin: *`) in some HTTP server files, though a configurable `corsOrigin` is present in the main `index.ts` file.
Updated: 2025-12-07GitHub
42
28
Low Cost
Robotti-io icon
Sec8

This MCP server provides a toolkit of security-focused prompts and instructions to guide GitHub Copilot towards secure coding practices, helping developers identify and mitigate security risks.

Setup Requirements

  • ⚠️Requires Node.js version >=22.0.0
  • ⚠️Requires a .env file for configuration, or environment variables set directly
  • ⚠️If SSL is enabled, requires a valid PFX certificate file and passphrase configured via environment variables
Verified SafeView Analysis
The server uses an Express.js application and delegates core Model Context Protocol (MCP) handling to the `@modelcontextprotocol/sdk`. Input validation for retrieving prompts (`get_prompt` tool) uses `zod` and `z.enum(Object.keys(prompts))` which prevents path traversal and arbitrary file reads, a strong security practice. Configuration for sensitive data like AMQP credentials and SSL PFX passphrases are sourced from environment variables, which is appropriate. The `reqInfo` middleware logs the full `req.body`, which could expose sensitive data in logs if the logger is enabled and misconfigured. However, console and AMQP logging are disabled by default. No `eval` or other direct code execution vulnerabilities were found in the provided server code.
Updated: 2025-12-02GitHub
42
14
Low Cost
vercel-labs icon
Sec8

This server acts as a Model Context Protocol (MCP) tool to assist developers in migrating projects from AI SDK 4.x to AI SDK 5.0, primarily designed for use with Cursor or other compatible MCP clients.

Setup Requirements

  • ⚠️Requires an MCP-compatible client like Cursor to utilize its tools effectively.
  • ⚠️Local development requires `pnpm` and a Node.js runtime environment.
Verified SafeView Analysis
The server's primary function involves generating markdown checklists and searching local documentation. It does not use `eval` or process untrusted code on the server side. The `create-checklist` tool instructs the *client* to run a `curl` command to download content, meaning the server itself is not executing arbitrary commands. The search tools construct regular expressions from user queries, which can introduce a minor ReDoS (Regular Expression Denial of Service) risk if not carefully handled, but the implementation appears to mitigate this by splitting queries into individual words before regex creation, reducing the likelihood of complex, exploitable patterns. No hardcoded secrets were found; environment variables are used for configuration.
Updated: 2025-12-12GitHub
42
11
Medium Cost
Wael-Rd icon

gns3-mcp-server

by Wael-Rd

Sec9

Automated creation, management, and simulation of GNS3 network topologies driven by AI via the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires a running GNS3 Server instance (default: http://localhost:3080).
  • ⚠️Requires Python 3.10+ (as specified in `pyproject.toml`).
  • ⚠️Requires the Gemini CLI to interact with the server's MCP tools.
Verified SafeView Analysis
The server uses `httpx` for GNS3 API communication, supports username/password authentication, and environment variables for sensitive data. No `eval` or obvious malicious patterns are present in the provided source. The option to disable SSL verification (`GNS3_VERIFY_SSL='false'`) could be a security risk if used improperly, but it's an explicit configuration choice.
Updated: 2025-12-12GitHub
42
17
Low Cost
marcindulak icon

stt-mcp-server-linux

by marcindulak

Sec4

Provides local push-to-talk speech-to-text transcription for Linux, injecting transcribed text into a Tmux session for applications like Claude Code.

Setup Requirements

  • ⚠️Requires Linux operating system due to `/dev` device dependencies.
  • ⚠️Requires Docker Engine and Tmux to be installed.
  • ⚠️Whisper model needs to be downloaded manually using `scripts/download_whisper_model.sh`.
  • ⚠️The use of `eval` in shell scripts can pose a command injection risk if environment variables are not securely controlled.
Review RequiredView Analysis
The `scripts/restart_mcp_server.sh` script uses `eval` to execute the dynamically constructed Docker command. While the Python code (`TmuxOutputHandler`) implements text sanitization, the `eval` itself is a significant security risk if the environment variables used to build the `DOCKER_CMD` are not fully trusted or are maliciously crafted. The Docker container also requires extensive access to host devices (`/dev/input`, `/dev/snd`) and volume mounts, granting it significant privileges on the host system. This necessitates careful understanding and trust in the project and its execution environment.
Updated: 2025-12-07GitHub
41
26
Medium Cost

academia_mcp

by IlyaGusev

Sec7

Provides a server for searching, fetching, analyzing, and reporting on scientific papers and datasets using various APIs and optional LLM-powered tools.

Setup Requirements

  • ⚠️Requires Python 3.12+
  • ⚠️Requires API keys for LLM tools (OPENROUTER_API_KEY) and web search tools (e.g., EXA_API_KEY, TAVILY_API_KEY), which may incur costs.
  • ⚠️Requires a full LaTeX distribution (texlive, pdflatex, latexmk) to be installed on the system for LaTeX compilation and PDF processing tools.
Verified SafeView Analysis
The server interacts with multiple external APIs and can execute system commands (pdflatex, latexmk) for LaTeX compilation and PDF processing. Requires managing API keys for various third-party services. These are common for research tools but represent potential attack surfaces if not configured securely or if arbitrary LaTeX input is processed without proper sanitization.
Updated: 2025-11-17GitHub
41
5
Low Cost
tairqaldy icon

codearchitect-mcp

by tairqaldy

Sec9

Automatically saves and retrieves AI conversation sessions from IDEs (Cursor, VS Code) to provide context continuity and build a searchable knowledge base for developers.

Setup Requirements

  • ⚠️Requires Node.js v18+.
  • ⚠️Requires manual export of chat from IDE to `~/.codearchitect/exports/` before `store_session` can auto-detect it.
  • ⚠️Requires `npx` to be executable and configured correctly within the IDE's MCP server settings.
Verified SafeView Analysis
The server uses `validatePath` to prevent directory traversal attacks by ensuring all file operations occur strictly within designated, fixed base directories (`~/.codearchitect/sessions/` and `~/.codearchitect/exports/`) or explicitly provided `projectDir` paths, which are also validated. No `eval` or obvious obfuscation was found. Communication is via the Model Context Protocol (likely IPC/stdio), reducing direct network attack surface. File system access is carefully managed within the user's home directory.
Updated: 2025-12-01GitHub
41
11
Low Cost
stacklok icon
Sec7

Centralized metadata hub for Model Context Protocol (MCP) server governance and discovery within an enterprise, aggregating various data sources into a unified catalog.

Setup Requirements

  • ⚠️Requires Go 1.23+ for building from source.
  • ⚠️PostgreSQL 16+ is required for database backend operation.
  • ⚠️Database password management relies on a `pgpass` file with strict `chmod 600` permissions, which can be a common setup friction point.
  • ⚠️Production deployments require an OAuth 2.0/OIDC identity provider (e.g., Okta, Auth0, Azure AD) for authentication.
Verified SafeView Analysis
The server's documentation emphasizes security best practices, including OAuth 2.0/OIDC by default, granular access control, and the use of PostgreSQL's `pgpass` file for secure database credential management. It supports a two-user security model for database operations and migrations. However, the `docker/postgres-init.sh` script, used for Docker Compose initialization, hardcodes default passwords (`app_password`, `migration_password`). While `pgpass` is the recommended production mechanism, this hardcoding in a setup script is a potential vulnerability if not properly managed or if the script is used in less secure environments. The code itself does not show obvious signs of 'eval'-like patterns or obfuscation.
Updated: 2025-12-12GitHub
41
22
Low Cost
dswbx icon

jsonv-ts

by dswbx

Sec9

Provides a type-safe JSON Schema builder and validator in TypeScript, with integrated Hono middleware for OpenAPI generation and request validation, and an MCP (Model Context Protocol) server/client for agent-based interactions.

Setup Requirements

  • ⚠️Requires Bun runtime for direct execution of provided examples and test suite.
  • ⚠️`hono` is used for HTTP transport and OpenAPI integration, and must be installed if these features are utilized.
  • ⚠️MCP Client's `fetch` method may require polyfilling or specific Node.js configuration if not running in Bun or a browser environment.
Verified SafeView Analysis
The library primarily enhances security through robust JSON schema validation and type-safety. No direct use of `eval` or obvious code injection vectors were found within the MCP-related source code. The `RegExp` constructor is used for pattern validation, which is a potential ReDoS vector if patterns are derived from unsanitized user input, but in typical usage, patterns are developer-defined in the schema. Logging mechanisms could potentially expose sensitive data if not configured appropriately at the application layer.
Updated: 2025-12-02GitHub
41
24
Low Cost
portone-io icon

mcp-server

by portone-io

Sec2

An MCP (Model Context Protocol) server designed for PortOne users to provide official documentation, developer center, and help center content to Large Language Models (LLMs) for accurate information and to assist with integration and user queries, including some console functionalities like channel listing, test channel addition, sub-store lookup, and payment history lookup.

Setup Requirements

  • ⚠️Requires Node.js 22.6.0 or higher to run the server.
  • ⚠️Console login via browser is required to use PortOne console functionalities (e.g., list channels, add test channel, list stores, get payments) due to an OAuth authentication flow.
  • ⚠️When using Claude Desktop, a known issue may require disabling the 'Use embedded Node.js for MCP' option and restarting if Node.js 22.6.0+ is installed locally.
Review RequiredView Analysis
The `regexSearchPortoneDocs` tool (and `calculateBm25Scores` which it uses) directly constructs `RegExp` objects from user-provided `query` input (`new RegExp(query, 'gi')`) without apparent sanitization. This makes the server vulnerable to Regular Expression Denial of Service (ReDoS) attacks, where a maliciously crafted regex pattern could consume excessive CPU resources and make the server unresponsive. While no obvious hardcoded secrets or arbitrary code execution vulnerabilities are present, the ReDoS vulnerability is critical for a publicly accessible service or one integrated with an AI agent where input might be less constrained.
Updated: 2025-12-02GitHub
41
26
High Cost
vgiri2015 icon
Sec2

Optimizes Apache Spark code for performance using an AI model (Claude) via a client-server architecture, including performance analysis and comparison.

Setup Requirements

  • ⚠️Requires a paid Anthropic API Key (`ANTHROPIC_API_KEY`).
  • ⚠️Requires a Python environment with PySpark, which typically means Java needs to be installed for Spark to run.
Review RequiredView Analysis
CRITICAL: The `run_optimized.py` script uses `exec(open(code_path).read())` to execute both original and AI-optimized Spark code files. This allows arbitrary code execution if `spark_code_input.py` or the AI-generated `optimized_spark_code.py` contain malicious code. This makes the system extremely unsafe to run with untrusted inputs or AI models without robust sandboxing. API keys are handled via environment variables, which is good practice.
Updated: 2025-12-05GitHub
PreviousPage 82 of 647Next