Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (9120)

41
2
Low Cost
Sec8

An MCP server that allows AI assistants to manage GitHub Stars contributions and profile links through natural language interaction.

Setup Requirements

  • ⚠️Requires Node.js v18 or later
  • ⚠️Requires a GitHub Stars API token, obtained from stars.github.com/profile
Verified Safe
No direct source code for the main application logic (`github-stars-contributions-mcp.mjs`) was provided, limiting a full deep dive. However, analysis of `package.json` and `package-lock.json` reveals standard, reputable dependencies, including `express-rate-limit` for API protection. Secrets (GitHub Stars Token) are configured via environment variables, which is a good security practice. No obvious malicious patterns, obfuscation, or hardcoded secrets were found in the provided files.
Updated: 2025-12-02
41
49
Low Cost

ater.dry.cli

by AterDev

Sec8

A .NET-based development assistance tool that streamlines front-end and back-end service creation through code generation, LLM integration, and provides command-line, Web UI, and MCP server interfaces.

Setup Requirements

  • ⚠️Requires .NET SDK 10 (specifically 10.0.100-rc.2.25502.107 or later feature/prerelease version)
  • ⚠️Requires PowerShell 7.0 or higher for running development scripts
  • ⚠️Requires installation as a dotnet global tool via 'dotnet tool install --global perigon.cli' before running
Verified Safe
The server runs locally, exposing ports 19160 (or 9160) for its Web UI and MCP Server. This limits direct external network exposure. No hardcoded secrets or obvious malicious patterns are visible in the provided code snippets. The mention of LLM technology could introduce prompt injection risks if not properly implemented, and user-defined Razor templates could be a vector for malicious code if a user intentionally uses them. However, for a local development tool, it appears reasonably secure.
Updated: 2026-01-19
41
2
Medium Cost
Sec9

Analyze iOS/macOS app performance, sales, reviews, and TestFlight data via App Store Connect API.

Setup Requirements

  • ⚠️Requires manual setup of an App Store Connect API Key (Issuer ID, Key ID, .p8 file download - a one-time process).
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Requires specific environment variables for authentication: APP_STORE_CONNECT_ISSUER_ID, APP_STORE_CONNECT_KEY_ID, and either APP_STORE_CONNECT_PRIVATE_KEY_PATH (path to .p8 file) or APP_STORE_CONNECT_PRIVATE_KEY (content of .p8 file).
  • ⚠️The APP_STORE_CONNECT_VENDOR_NUMBER environment variable is required for sales and finance reports.
Verified Safe
The server uses environment variables for sensitive API keys, employs Zod for robust input validation, and correctly handles API authentication including special cases like S3 signed URLs for analytics data without sending unnecessary headers. It utilizes standard and well-audited libraries for JWT generation and HTTP requests. No critical vulnerabilities like 'eval' or hardcoded secrets were identified.
Updated: 2025-11-30
41
24
Medium Cost

mcp-server

by blockscout

Sec9

Provides AI agents and development tools with contextual, curated access to blockchain data (balances, tokens, NFTs, contract metadata, transactions, logs) across multiple EVM-compatible chains via Blockscout APIs.

Setup Requirements

  • ⚠️Requires Python 3.11+.
  • ⚠️Requires Docker for containerized deployment, or a local Python environment for direct installation.
  • ⚠️Requires network connectivity to Blockscout (and related Chainscout, BENS, Metadata) APIs.
  • ⚠️Client-side configuration is needed for AI platforms (e.g., ~/.gemini/settings.json for Gemini CLI, or Connector installation for Claude).
  • ⚠️Claude Connector integration requires a paid Claude plan.
Verified Safe
The server is designed as a wrapper for external Blockscout APIs. It implements several safety measures: no direct 'eval()' or obfuscation found; external API calls include timeouts and retries; API keys are expected via environment variables ('BLOCKSCOUT_BS_API_KEY'), preventing hardcoding. The 'direct_api_call' tool provides access to a curated list of Blockscout endpoints, not arbitrary URLs, mitigating SSRF risks, and enforces a response size limit for AI clients (with an explicit bypass header for REST clients). 'read_contract' uses web3.py for read-only 'eth_call' operations with input validation. Anonymous telemetry data (tool name, args, client info, IP for geolocation) is collected by default but offers an opt-out. No personal data, secrets, or private keys are collected. Overall, the design shows a proactive approach to security in an external API integration context.
Updated: 2026-01-17
41
26
Medium Cost

vectara-mcp

by vectara

Sec9

Vectara MCP Server enables AI systems to interact seamlessly with Vectara's RAG platform for reduced hallucination, functioning as an open standard Model Context Protocol server.

Setup Requirements

  • ⚠️Requires `VECTARA_API_KEY` environment variable for Vectara API access.
  • ⚠️Requires `VECTARA_CORPUS_KEYS` environment variable (comma-separated) for RAG queries.
  • ⚠️Requires Python 3.11 or higher.
  • ⚠️For local development with Claude Desktop, `STDIO` transport must be explicitly enabled and configured in Claude's `mcpServers` settings.
Verified Safe
The server demonstrates a strong 'secure by default' approach. It includes comprehensive documentation on security best practices (`SECURITY.md`), enforces bearer token authentication by default for HTTP/SSE transports, and warns explicitly against disabling authentication or using STDIO transport in production. It utilizes secure SSL contexts for API calls, runs as a non-root user in Docker, and supports CORS configuration and rate limiting. No direct 'eval' or obvious malicious patterns were found.
Updated: 2025-12-05
41
16
Low Cost
Sec8

Provides AI agents with comprehensive SAP Mobile Development Kit (MDK) knowledge and tools to assist in MDK application development, including project creation, artifact generation (pages, actions, i18n, rules), project management (build, deploy, validate, migrate), and documentation access.

Setup Requirements

  • ⚠️Requires Yeoman (`yo@4.3.1`) to be installed globally for MDK project or entity generation.
  • ⚠️Manual creation of an `AGENTS.md` file is highly recommended for proper AI agent guidance and to ensure optimal project interaction.
  • ⚠️Integration with SAP Mobile Services (including installing the VS Code MDK extension, Cloud Foundry CLI, and generating a `.service.metadata` file via the Mobile App Editor) is required for OData-related project creation and generation tools to function.
Verified Safe
The server employs robust security measures, particularly for executing external commands and parsing user-provided data. It uses Zod for input validation, sanitizes file paths (`validateAndSanitizePath`), and whitelists executable commands and their arguments (`validateCommandArgs`) to prevent command injection and directory traversal. XML and JSON parsing include protections against XXE, entity expansion, and size/nesting depth limits (`safeXmlParse`, `safeJsonParse`). However, the inherent use of `execSync` to run external system commands, while heavily fortified, still presents an elevated risk surface that prevents a perfect score.
Updated: 2026-01-19
41
26
Medium Cost

qdrant-loader

by martin-papy

Sec8

A Model Context Protocol (MCP) server that provides advanced Retrieval-Augmented Generation (RAG) capabilities to AI development tools by bridging a QDrant knowledge base for intelligent, context-aware search.

Setup Requirements

  • ⚠️Requires a QDrant instance (local or cloud) running and accessible.
  • ⚠️Requires an LLM API Key (e.g., OpenAI, Azure OpenAI, Ollama) which incurs usage costs for embeddings and advanced AI features.
  • ⚠️Requires Python 3.12+ for installation.
Verified Safe
The server follows good security practices for credential management by exclusively using environment variables and implementing redaction of sensitive information in logs. By default, it binds to localhost for stdio transport, minimizing network exposure. For HTTP transport, origin validation and CORS middleware are configured. No direct dynamic code execution from user input ('eval' or similar) was identified, reducing RCE risks. The system relies on external LLM APIs and QDrant, requiring secure configuration of these external services. While input validation is present via Pydantic schemas for arguments, robust sanitization within each search tool's logic for all user-provided string arguments is always a critical consideration, though the RAG nature of the server inherently limits execution of arbitrary code.
Updated: 2026-01-13
41
23
Low Cost

claude-todo-emulator

by joehaddad2000

Sec8

Provides persistent task management for AI coding assistants within IDEs like Cursor and Windsurf by emulating Claude Code's todo system.

Setup Requirements

  • ⚠️Requires Python 3.11 or higher.
  • ⚠️Relies on 'uvx' (uv install) to be available in the environment for easy execution.
  • ⚠️Automatically modifies project files like `.gitignore`, `.cursor/rules/`, and `AGENTS.MD` in the workspace directory.
Verified Safe
The server primarily operates on local files within the detected workspace. It writes to a specific JSON file (.mcp-todos.json), updates .gitignore, and copies/prepends content to .cursor/rules/ and AGENTS.MD. Content written is static from package resources, not user-controlled input, reducing injection risks. While modifying project files automatically could be seen as a risk by some, it is explicitly documented and core to its functionality. No 'eval' or other highly dangerous functions are used.
Updated: 2025-11-21
41
25
Medium Cost

project-nova

by PradeepaRW

Sec8

Manages Paperless-NGX documents by providing an MCP server that exposes an SSE endpoint for integration with n8n, enabling AI agents to search, upload, and manage documents, tags, correspondents, and document types.

Setup Requirements

  • ⚠️Requires a running Paperless-NGX instance with API access enabled.
  • ⚠️Requires a valid Paperless-NGX API token for authentication.
  • ⚠️Requires Docker and Docker Compose to run the containerized solution.
  • ⚠️Requires Node.js runtime for the underlying MCP server package (@nloui/paperless-mcp) and the `supergateway` utility.
Verified Safe
The `PAPERLESS_TOKEN` is a sensitive API key configured via an environment variable. While this prevents hardcoding, for production environments, Docker secrets or a dedicated secret management solution are recommended. The server exposes an SSE endpoint, and network access controls (e.g., firewalls, internal Docker networks) should be properly configured by the user to restrict access. No explicit 'eval' or malicious patterns were found in the provided (truncated/summarized) source code. The underlying `@nloui/paperless-mcp` is an npm package, and its security depends on its maintainer.
Updated: 2026-01-19
41
21
Medium Cost

StreamStorm

by Ashif4354

Sec6

Automate mass messaging (spamming) in YouTube live stream chats.

Setup Requirements

  • ⚠️Requires an AI Provider API Key (e.g., OpenAI, Anthropic, Google) for AI features (message/channel name generation).
  • ⚠️Requires Google Account Login (via browser or cookie files) for YouTube interaction.
  • ⚠️For Linux, requires manual installation of Python, PyQt5, QtWebEngine, and other dependencies (e.g., `python3-pyqt5 python3-pyqt5.qtwebengine libqt5webkit5 python3-xlib scrot python3-tk python3-dev`). For other OS, `uv` dependency manager handles most Python dependencies.
Review Required
The application is explicitly designed for abuse and states 'No terms respected. No ethics included.' This poses significant legal and ethical risks to the user, not necessarily technical vulnerabilities in the code itself. It utilizes anonymous analytics and telemetry services (Firebase Analytics, Atatus) which transmit user activity and error data to third parties, although described as anonymous. API keys for AI providers are configured and stored locally via the UI, not hardcoded. The frontend connects to a configurable backend host, defaulting to localhost. Browser automation with `undetected_chromedriver` or `playwright` is used, which can bypass bot detection, further enabling its abusive purpose.
Updated: 2026-01-19
41
14
High Cost

Provides a Model Context Protocol (MCP) server to enhance Magic-API development workflows, enabling advanced interactions for script writing, API management, debugging, and deployment.

Setup Requirements

  • ⚠️Requires an existing Magic-API backend server to connect to.
  • ⚠️Python 3.10+ is required (3.11/3.12 recommended).
  • ⚠️The 'uv' tool is recommended for dependency management and execution.
  • ⚠️Network access from the MCP server to the Magic-API server is essential for functionality.
Verified Safe
The server handles sensitive information like usernames, passwords, and tokens via environment variables, which is a good practice. It interacts with a backend Magic-API that executes scripts, but the MCP server itself does not directly execute arbitrary user-provided scripts in its own process. Default URLs are localhost, limiting direct network exposure without explicit configuration. The graceful shutdown mechanism also contributes to stability.
Updated: 2025-12-15
41
23
Medium Cost

mcp-server-macos-use

by nunyabiznessyoubeezy

Sec8

An AI agent designed to control a macOS computer using OS-level tools, compatible with the Model Context Protocol (MCP).

Setup Requirements

  • ⚠️Requires macOS (v13 or newer) and a Swift development environment (Xcode) if building from source.
  • ⚠️Requires the `MacosUseSDK` package to be located in a sibling directory (`../MacosUseSDK`) if building from source.
  • ⚠️Requires granting Accessibility permissions for the server application to control the OS.
Verified Safe
The server communicates via standard I/O (StdioTransport), which reduces direct network attack surface. No 'eval' or explicit hardcoded secrets are visible in the provided code. However, the server is designed to perform inherently high-privilege OS-level operations (opening applications, clicking, typing, pressing keys). If the AI agent is compromised or misused, it could lead to unauthorized system control. The security of the underlying `MacosUseSDK` is assumed.
Updated: 2025-12-15