Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Browse DirectoryWhy Us?

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystems biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

CATEGORIES:
SORT:

Vetted Servers(9120)

41
25
Medium Cost
klapaudius icon

symfony-mcp-server

by klapaudius

Sec5

Build intelligent AI agents by transforming Symfony applications into Model Context Protocol (MCP) servers, enabling LLM interaction with application logic, tools, prompts, and resources.

Setup Requirements

  • ⚠️Requires a production-ready web server setup (Nginx + PHP-FPM, Apache + PHP-FPM, or Docker) as 'symfony server:start' is not supported for concurrent connections.
  • ⚠️Requires explicit implementation of authentication (e.g., OAuth2) for production environments, as it's not provided by default.
  • ⚠️Requires a Redis server or a Symfony cache pool for the SSE adapter, which needs to be properly configured and accessible.
Review RequiredView Analysis
The server uses secure transports (StreamableHTTP and SSE) but explicitly notes that OAuth2 authentication is 'strongly recommended' for production use, implying it's not provided out-of-the-box. This means deploying without additional security measures would expose the API. The configuration also relies on a properly secured Redis or Cache backend for message queuing.
Updated: 2026-01-13GitHub
41
22
Medium Cost
mytechnotalent icon

MalwareBazaar_MCP

by mytechnotalent

Sec8

An AI-driven MCP server interfacing with Malware Bazaar for real-time threat intelligence and sample metadata, supporting cybersecurity research workflows.

Setup Requirements

  • ⚠️Requires MalwareBazaar API Key (free registration on abuse.ch).
  • ⚠️Requires `uv` package manager for virtual environment setup and script execution.
  • ⚠️Downloads malware samples (password 'infected') directly to the current working directory (os.getcwd()).
Verified SafeView Analysis
The server's explicit purpose is to retrieve and potentially download malware samples from MalwareBazaar. Downloaded files are saved to the current working directory, which requires users to be mindful of where they run the server and to handle downloaded files with extreme caution (they are password-protected with 'infected'). API keys are loaded securely from environment variables. No 'eval', obfuscation, or other highly dangerous code patterns are observed in the provided source.
Updated: 2025-11-26GitHub
41
43
Low Cost
Azure-Samples icon

mcp-container-ts

by Azure-Samples

Sec8

Provides a secure, extensible Model Context Protocol (MCP) server using Node.js and TypeScript, designed to expose custom tools to LLMs, deployable on Azure Container Apps with robust JWT and RBAC security.

Setup Requirements

  • ⚠️Requires Node.js v22.0.0 or higher.
  • ⚠️Requires manual generation and secure management of a JWT token (`JWT_SECRET`, `JWT_TOKEN`) for authentication, especially in production environments.
  • ⚠️Local development with remote AI clients requires exposing the server to the internet using a tunneling service like `devtunnel`.
  • ⚠️An OpenAI API Key is needed to run the provided client examples, not for the MCP server itself.
Verified SafeView Analysis
The server implements JWT-based authentication and role-based access control (RBAC) with granular permissions for tools. It uses `helmet` for security headers, `cors` for origin control, `express.json` with payload limits, and `express-rate-limit` for DDoS protection. SQL operations use prepared statements to prevent injection. Logs redact sensitive data in non-development environments. The `generate-token` script explicitly warns about token management, which is crucial for production deployments. The JSON-RPC validation middleware is commented out by default, which could be a minor security oversight if not enabled in production.
Updated: 2026-01-07GitHub
41
40
Medium Cost
boykush icon

scraps

by boykush

Sec9

The Scraps MCP server provides an interface for AI assistants to interact with a knowledge base of interconnected Markdown documentation, enabling features like content search, tag listing, and link/backlink lookup.

Setup Requirements

  • ⚠️Requires the `git` command-line tool for some functionality (e.g., getting commit timestamps).
  • ⚠️MCP server operates over `stdin`/`stdout` and requires an `rmcp`-compatible client or AI assistant integration for external access.
  • ⚠️Recommended development environment setup uses `mise` to manage Rust, Node.js, and other tools.
Verified SafeView Analysis
The server component itself uses `rmcp` for inter-process communication primarily over `stdin`/`stdout`, limiting direct network exposure for the MCP tools. Input is handled using `serde` for deserialization and `schemars::JsonSchema` for validation, which helps mitigate malformed input risks. Path handling for accessing scrap files is done using `PathBuf` and `join` methods, which generally prevent path traversal issues. Markdown parsing (`pulldown-cmark`) and fuzzy searching (`fuzzy-matcher`) are performed by well-regarded libraries. No explicit `eval` or similar dynamic code execution patterns are observed. The system relies on a locally controlled project directory, which is a key security boundary. A point is deducted for the inherent complexity of file system interactions and potential undiscovered vulnerabilities in external dependencies.
Updated: 2026-01-18GitHub
41
55
Medium Cost
SigNoz icon
Sec9

Integrates SigNoz observability data, including metrics, traces, logs, alerts, and dashboards, with AI assistants and LLMs for natural language querying and management.

Setup Requirements

  • ⚠️Requires a running SigNoz instance with API access and a valid API key.
  • ⚠️Go 1.25+ is required if building the server from source.
  • ⚠️Requires specific client-side configuration for MCP-compatible AI assistants (e.g., Claude Desktop, Cursor) or manual setup for HTTP-based self-hosting.
Verified SafeView Analysis
The server handles API keys via environment variables or Authorization headers, preventing hardcoding. Network requests to the SigNoz API have explicit timeouts (600s or 30s). An authentication middleware is implemented for HTTP transport mode, validating the API key source. No obvious vulnerabilities like 'eval' or malicious patterns were found.
Updated: 2026-01-02GitHub
41
19
Medium Cost
epicweb-dev icon

mcp-auth

by epicweb-dev

Sec8

Serves as an AI agent interface for the EpicMe journaling application, enabling AI to interact with journal entries and tags via the Model Context Protocol.

Setup Requirements

  • ⚠️Requires a local companion EpicMe application server to be running on port 7788, which acts as the OAuth authorization server and database API. This is automatically started during test setup but is a prerequisite for local development.
  • ⚠️The server is designed for deployment on Cloudflare Workers, necessitating a Cloudflare account and familiarity with the Wrangler CLI for setup and management.
  • ⚠️Utilizes specialized Model Context Protocol (MCP) development tools (e.g., `mcp-dev`, `mcp-inspector`) for local development and debugging workflows.
Verified SafeView Analysis
The server employs Zod for robust input validation and delegates authentication to a local OAuth introspection endpoint, which are sound security practices. CORS headers are appropriately configured for public discovery endpoints, preventing broader access issues. No 'eval' or code obfuscation techniques were identified. While the `EPIC_ME_AUTH_SERVER_URL` is hardcoded to a localhost address for development, this is a configuration detail rather than a direct security vulnerability, though it would require environment variable configuration for a production deployment. The use of Cloudflare Durable Objects provides inherent isolation and security benefits.
Updated: 2026-01-19GitHub
41
22
Medium Cost
amirsina-mandegari icon

gitlab-mr-mcp

by amirsina-mandegari

Sec9

Connects an AI assistant to GitLab to manage merge requests, CI/CD pipelines, and code reviews, enabling natural language interaction.

Setup Requirements

  • ⚠️Requires GITLAB_PROJECT_ID environment variable.
  • ⚠️Requires GITLAB_ACCESS_TOKEN environment variable with 'read_api' (or 'api' for write access) scope.
  • ⚠️Requires Python 3.10 or higher.
Verified SafeView Analysis
The server uses environment variables for sensitive credentials (GitLab URL, project ID, access token), preventing hardcoding. API calls are made using aiohttp for standard and secure asynchronous HTTP communication. Input validation for tool arguments is performed via Pydantic schemas, reducing injection risks. There are no direct uses of 'eval' or 'exec' on user-controlled input. Pagination is handled correctly for API calls to prevent excessive memory usage. The project utilizes security linters like Bandit, indicating a focus on secure development practices.
Updated: 2026-01-17GitHub
41
23
Medium Cost
harness icon

mcp-server

by harness

Sec8

Provides an MCP (Model Context Protocol) interface for AI assistants and tools to interact with Harness APIs for advanced automation and development operations.

Setup Requirements

  • ⚠️Requires a Harness API Key (Personal Access Token) for authentication to interact with Harness APIs, implying dependency on a Harness account.
  • ⚠️Go 1.23 or later is required if building from source.
  • ⚠️Requires an MCP-compatible AI assistant or client (e.g., Gemini, Claude, Cursor) to be functional, as it acts as a tool provider for these systems.
Verified SafeView Analysis
The project uses standard API key authentication (HARNESS_API_KEY) passed in headers. There's a SECURITY.md file outlining the vulnerability reporting process, indicating good security practices. Request and response logging is performed, which should be configured carefully to avoid leaking sensitive data, but no direct 'eval' or other high-risk code execution patterns are observed. The `ioutil.ReadAll` in client code, while common, could be a vector for large, malicious responses if interacting with untrusted endpoints, but in this context, it interacts with trusted Harness APIs.
Updated: 2026-01-19GitHub
41
15
Low Cost
tuannvm icon

oauth-mcp-proxy

by tuannvm

Sec9

OAuth 2.1 authentication library for Go MCP servers, supporting both mark3labs and official SDKs for token validation and caching.

Setup Requirements

  • ⚠️Requires an external OAuth provider (e.g., Okta, Google, Azure AD) account and configuration (API, Authorization Server, Client ID, Redirect URIs).
  • ⚠️Environment variables are critical for configuration, including secrets like JWT_SECRET and OAUTH_CLIENT_SECRET.
  • ⚠️HTTPS is strongly recommended and enforced for non-localhost environments in production for OAuth endpoints.
Verified SafeView Analysis
The project demonstrates a strong focus on security, including PKCE support, HMAC-signed state parameters to prevent tampering, explicit redirect URI validation (allowlist and localhost-only for fixed redirect mode), and secure TLS configurations. It logs truncated token hashes instead of full tokens. Extensive security tests are present. A minor area for improvement is a logged warning about an 'insecure-fallback-key' if JWT_SECRET is not configured for state signing, although it correctly prompts for a strong secret.
Updated: 2026-01-16GitHub
41
24
Medium Cost
clay-inc icon

clay-mcp

by clay-inc

Sec9

Integrates AI assistants with the Clay relationship management platform, allowing natural language queries for contact, interaction, group, note, and event management.

Setup Requirements

  • ⚠️Requires a Clay API Key for authentication and functionality.
  • ⚠️Requires Node.js version 18.0.0 or higher.
  • ⚠️Primarily designed for integration with specific AI clients (e.g., Claude, ChatGPT) via their developer settings or Smithery.ai, requiring client-side configuration.
Verified SafeView Analysis
API keys are handled securely via environment variables or URL query parameters, preventing hardcoding. Input validation for all exposed tools is enforced using Zod schemas, significantly mitigating common injection risks. External API calls are directed to a known Clay endpoint (`nexum.clay.earth`), and there is no apparent use of `eval` or direct command execution with user-controlled input.
Updated: 2026-01-14GitHub
41
23
Medium Cost
allsmog icon

mcp-pentest

by allsmog

Sec2

An AI-driven middleware to orchestrate and manage penetration testing tools and engagements.

Setup Requirements

  • ⚠️Requires Python 3.10+.
  • ⚠️Requires Nmap and Gobuster (and other integrated tools like Hydra, John, Nikto, Metasploit for full functionality) binaries to be installed and in the system's PATH.
  • ⚠️Metasploit RPC daemon (msfrpcd) must be running with hardcoded default credentials ('msf'/'password') for Metasploit functionality, which is a significant security risk.
  • ⚠️Assumes existence of common wordlists (e.g., /usr/share/wordlists/dirb/common.txt) for tools like Gobuster and Hydra.
Review RequiredView Analysis
CRITICAL security risks identified. The server is highly vulnerable to command injection in its tool plugins (Nmap, Gobuster, Hydra, John, Nikto). The 'options' parameters in `execute_task` methods directly append user/LLM-supplied input to shell commands without sanitization, allowing arbitrary command execution on the host running the MCP server. Additionally, the Metasploit plugin uses hardcoded default credentials ('msf'/'password') for its RPC connection, posing a significant risk if Metasploit is active and exposed. There is also a general lack of robust input validation for parameters passed to external tools.
Updated: 2025-12-05GitHub
41
31
Medium Cost
timescale icon
Sec9

Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.

Setup Requirements

  • ⚠️Requires a GitHub API token (`GITHUB_TOKEN`) with `repo`, `read:org`, `read:user`, and `user:email` scopes.
  • ⚠️Requires a specific GitHub organization (`GITHUB_ORG`) to be configured.
  • ⚠️Node.js and npm must be installed to build and run the server (requires `npm i` then `npm run build`).
Verified SafeView Analysis
The server uses standard practices for handling sensitive information, requiring `GITHUB_TOKEN` and `GITHUB_ORG` to be set as environment variables. It leverages the `@octokit/rest` library for GitHub API interactions, which is a well-maintained and widely used client. Input sanitization for GitHub API calls is implicitly handled by the Octokit library. No direct `eval` or command injection vulnerabilities were observed.
Updated: 2026-01-07GitHub
PreviousPage 89 of 760Next