Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (7756)

41
25
Low Cost

language-server-mcp

by alexwohletz

Sec3

Provides language support features like hover information, code completion, and diagnostics for code editing through the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires specific language servers (e.g., `typescript-language-server`, `pyright`) to be pre-installed on the system.
  • ⚠️Requires configuring language server commands and arguments via environment variables (e.g., `TYPESCRIPT_SERVER='{"command": "typescript-language-server", "args": ["--stdio"]}'`) before running.
  • ⚠️Tools require an accurate `projectRoot` parameter for correct language server operation, which can be challenging for an agent to determine consistently.
Review Required
The server dynamically spawns external language server processes based on configurations read from environment variables (e.g., `process.env.TYPESCRIPT_SERVER`). If an attacker can control these environment variables, they could inject arbitrary shell commands to be executed by the `child_process.spawn` call, leading to remote code execution. While the README implies user configuration for local development, in an automated or untrusted AI agent context, this presents a significant command injection vulnerability. Uses of `eval` found in coverage report utility files are not part of the core server's runtime logic.
Updated: 2025-11-26
41
15
High Cost

tableau_mcp_starter_kit

by TheInformationLab

Sec7

Provides a powerful AI integration for Tableau Server/Cloud, enabling natural language querying and interaction with Tableau data via a web interface or dashboard extension.

Setup Requirements

  • ⚠️Requires Tableau Server Version 2025.1+ or Tableau Cloud.
  • ⚠️Requires Python 3.12+ and Node.js (tested with 22.15.0 LTS) with npm installed.
  • ⚠️Requires an OpenAI API Key (paid service) and Tableau Personal Access Token (PAT) for default operation.
  • ⚠️The `TABLEAU_MCP_FILEPATH` environment variable must be manually set to the local build path of the `tableau-mcp` repository (or `tableau-mcp-experimental` for dashboard extension mode).
Verified Safe
The default configuration sends data from Tableau to an external AI model (OpenAI). The README explicitly warns about this data egress risk and recommends using a local AI model for sensitive data. Personal Access Tokens (PATs) for Tableau are stored in the .env file, which is protected by .gitignore, but still requires secure handling. The `TABLEAU_MCP_FILEPATH` points to a local Node.js build, whose integrity depends on the upstream `tableau-mcp` (and `tableau-mcp-experimental`) repositories and secure build practices.
Updated: 2025-12-01
41
2
Low Cost
Sec8

MCP server for cleaning up unused assets (images, colors, data) in Xcode iOS/macOS projects, generating interactive HTML reports.

Setup Requirements

  • ⚠️Requires macOS 13.0+
  • ⚠️Requires Swift 6.0+
  • ⚠️Requires an MCP client (e.g., Claude Code, VS Code extension)
  • ⚠️XIB/Storyboard asset references are not detected, potentially leading to false positives (assets marked unused that are actually used)
  • ⚠️Objective-C files are not scanned for asset usage
Verified Safe
The server's primary functions involve reading and deleting files within a specified Xcode project directory. File deletion (`removeItem`) is performed on paths derived from parsed `.xcassets` within the `project_path` supplied by the user. Critical safety features like `dry_run` and automatic `create_backup` are implemented. There are no obvious code injection vectors via `eval` or direct `shell_exec` on user input. Paths are primarily handled by `FileManager` and `URL` objects. The use of `StdioTransport` limits network attack surfaces. Reading potentially sensitive files within the `project_path` is inherent to its purpose.
Updated: 2025-11-26
41
27
Medium Cost

tempo-mcp-server

by ivelin-web

Sec9

Manages Tempo worklogs in Jira via a Model Context Protocol (MCP) server, allowing time tracking and worklog operations through MCP-compatible clients.

Setup Requirements

  • ⚠️Requires Node.js 18+ (LTS recommended).
  • ⚠️Requires manual generation of Tempo API Token and Jira API Token with appropriate permissions.
  • ⚠️JIRA_EMAIL is mandatory for Basic Authentication, necessitating careful configuration of JIRA_AUTH_TYPE.
  • ⚠️JIRA_TEMPO_ACCOUNT_CUSTOM_FIELD_ID is required if Tempo mandates account linking to Jira issues, requiring manual lookup of the custom field ID.
Verified Safe
The server uses Zod for robust input validation on all tool parameters and environment variables, mitigating common injection risks. Sensitive API tokens and credentials are strictly sourced from environment variables, preventing hardcoding. Authentication for Jira supports both basic (email:token) and bearer (OAuth 2.0) methods securely. Error handling logs details internally and returns user-friendly messages to the client, limiting information exposure. No 'eval' or obvious obfuscation patterns were found.
Updated: 2025-12-04
41
24
High Cost

symfony-mcp-server

by klapaudius

Sec8

Build intelligent AI agents by transforming Symfony applications into Model Context Protocol (MCP) servers, enabling LLMs to interact with application logic via tools, prompts, and resources.

Setup Requirements

  • ⚠️Requires a proper web server setup (Nginx + PHP-FPM or Apache + PHP-FPM), cannot use `symfony server:start`.
  • ⚠️Requires an external message broker (Redis or Symfony Cache) for its adapter system.
  • ⚠️The 'Sampling' feature (mid-execution LLM calls) will incur costs from external LLM providers (e.g., Claude, OpenAI).
  • ⚠️OAuth2 authentication is recommended for production, implying it's not provided out-of-the-box by the bundle.
Verified Safe
The server prioritizes security by avoiding STDIO, using JSON-RPC, and including parameter validation for tools. It supports secure transports (SSE, StreamableHTTP). However, security relies heavily on correct infrastructure setup (e.g., Nginx/PHP-FPM, proper handling of `connection_aborted()`) and secure implementation of custom tools, prompts, and resources. OAuth2 authentication is recommended for production environments but not included by default.
Updated: 2025-12-15
41
22
Medium Cost

MalwareBazaar_MCP

by mytechnotalent

Sec8

An AI-driven MCP server interfacing with Malware Bazaar for real-time threat intelligence and sample metadata, supporting cybersecurity research workflows.

Setup Requirements

  • ⚠️Requires MalwareBazaar API Key (free registration on abuse.ch).
  • ⚠️Requires `uv` package manager for virtual environment setup and script execution.
  • ⚠️Downloads malware samples (password 'infected') directly to the current working directory (os.getcwd()).
Verified Safe
The server's explicit purpose is to retrieve and potentially download malware samples from MalwareBazaar. Downloaded files are saved to the current working directory, which requires users to be mindful of where they run the server and to handle downloaded files with extreme caution (they are password-protected with 'infected'). API keys are loaded securely from environment variables. No 'eval', obfuscation, or other highly dangerous code patterns are observed in the provided source.
Updated: 2025-11-26
41
37
Medium Cost

scraps

by boykush

Sec9

Integrates a Markdown-based knowledge hub with AI assistants, enabling natural language search and lookup capabilities.

Setup Requirements

  • ⚠️Requires Git command-line tool to be installed and available in PATH for certain features.
  • ⚠️A 'Config.toml' file must be present in the project root for configuration loading.
Verified Safe
The MCP server communicates exclusively via standard input/output (stdin/stdout), which minimizes external network attack surface. It processes Markdown files from a designated directory and uses well-regarded libraries (pulldown-cmark, fuzzy-matcher, serde) for parsing, searching, and serialization. Request parameters are validated using schemars to deny unknown fields. The primary security consideration would be potential vulnerabilities within the Markdown parsing or file I/O if processing highly untrusted and maliciously crafted input files, but no obvious direct code execution or 'eval' patterns are present in the provided code.
Updated: 2025-12-13
41
20
Medium Cost

gofetch

by StacklokLabs

Sec9

An MCP server written in Go that retrieves and processes web content, designed for efficiency and enhanced security compared to a Python counterpart.

Setup Requirements

  • ⚠️Go 1.24+ required for building from source.
  • ⚠️Task CLI required for build automation (e.g., `task build`).
  • ⚠️Docker or Podman required for running as a container or using ToolHive.
Verified Safe
The Go language implementation and explicit attention to container security (non-root, distroless, signing), `robots.txt` compliance, and configurable user agents significantly reduce common security risks. There are no apparent `eval` or command injection vulnerabilities. The use of a `max_length` parameter for content extraction helps mitigate risks related to processing excessively large web pages, preventing potential resource exhaustion, though fetching a 1MB text body might still be resource-intensive depending on server load. A formal security audit would confirm parsing library robustness.
Updated: 2025-12-13
41
14
Medium Cost

foundry-vtt-mcp

by adambdooley

Sec8

Integrates Foundry VTT with Claude Desktop, enabling AI-powered campaign management, character/compendium interaction, content creation, and map generation with system-specific support for DSA5, D&D5e, and PF2e.

Setup Requirements

  • ⚠️Requires Claude Desktop with MCP support and a Claude Pro/Max Plan for AI functionality.
  • ⚠️AI map generation requires a GPU with at least 8GB VRAM (Apple Silicon only on Mac, CUDA on Windows).
  • ⚠️ComfyUI AI Map Generation component involves a significant download (~15GB) during installation.
  • ⚠️Foundry VTT v13 is a prerequisite.
Verified Safe
The server functions as a local bridge between Foundry VTT and Claude Desktop. It relies on Foundry's GM-only access and configurable permissions for data access and modification. The `dpapi` and `binary-cookies` dependencies are used for specific Windows integration (e.g., Claude Desktop configuration), potentially accessing local user data (browser cookies for authentication configuration), which grants privileged local access. Command execution (`execSync`) is limited to build and installation scripts, not typical runtime operations involving untrusted user input. Input validation is performed using Zod schemas for tool arguments.
Updated: 2025-12-04
41
18
Medium Cost

mcp-auth

by epicweb-dev

Sec8

The MCP server acts as an AI agent client for the Epic Me journaling app, allowing users (via an AI) to create, read, update, and manage journal entries and tags, with suggestions powered by AI sampling.

Setup Requirements

  • ⚠️Requires a local OAuth/DB server (`EpicMeApp`) to be running on `http://localhost:7788` for full functionality (managed by the `epicshop` tooling for the workshop).
  • ⚠️Designed for Cloudflare Workers environment, requiring specific bindings like Durable Objects (`EPIC_ME_MCP_OBJECT`) and potentially KV/D1 for the associated `EpicMeApp`.
  • ⚠️AI-powered features (e.g., tag suggestions) rely on external LLM services (implicitly Workers AI or similar) and will incur token costs, especially with larger journal entries or numerous tags sent for analysis.
Verified Safe
The system utilizes OAuth for authentication and authorization, including introspection for token validation. Input validation is performed using Zod schemas for API calls and AI prompt generation. The `EPIC_ME_AUTH_SERVER_URL` is hardcoded to `http://localhost:7788` for local development, which is insecure for production environments. In a production deployment, this URL must be configured via environment variables and use HTTPS. No direct 'eval' or malicious obfuscation patterns were observed. The overall architecture follows good security practices for an agent-based system, but the hardcoded local URL is a critical setup consideration for deployment.
Updated: 2025-12-13
41
18
Medium Cost

knowledgebase-mcp

by biocontext-ai

Sec5

Provides a standardized connection layer between AI systems and biomedical resources for agentic large language models.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️KEGG and Google Scholar tools are disabled by default in production deployments due to licensing and rate-limiting restrictions, respectively, requiring explicit environment variables to enable.
  • ⚠️Users are solely responsible for ensuring compliance with all applicable license terms and usage limits of the individual external biomedical APIs.
  • ⚠️Local setup using `uvx` (uv extender) is recommended, implying `uv` installation is a prerequisite.
Review Required
The server enables Cross-Origin Resource Sharing (CORS) from all origins (`allow_origins=["*"]`) when run in PRODUCTION mode, which is a significant security risk for public deployments. While the comment notes to 'Be more restrictive in production', the default implementation is wide open. It relies on numerous external biomedical APIs, and users are explicitly responsible for adhering to their individual usage limits and licensing, adding a compliance burden. The dynamic fetching and parsing of OpenAPI schemas from external URLs, if configured in 'openapi/config.yaml', could introduce vulnerabilities if an attacker gained control over the config or could inject malicious schema URLs.
Updated: 2025-12-14
41
18
Medium Cost

polymarket-mcp

by ozgureyilmaz

Sec9

This server provides real-time Polymarket prediction market data and AI-powered insights through the Model Context Protocol (MCP) for integration with AI clients like Claude Desktop.

Setup Requirements

  • ⚠️Requires Rust 1.70+ to build from source.
  • ⚠️Primarily designed for integration with Claude Desktop, requiring manual JSON configuration in its settings file.
  • ⚠️Requires an internet connection to access the Polymarket API (no API key required for public data).
Verified Safe
The project demonstrates robust security practices for a Rust application: no 'eval' or obfuscation is present, API keys are handled securely (not hardcoded, redacted in logs), and all network traffic uses HTTPS. It features retry logic with exponential backoff and jitter for API calls, and handles rate limiting. Configuration validation prevents invalid settings. Logs are directed to stderr to maintain clean MCP JSON output on stdout, preventing potential data interference.
Updated: 2025-11-26