Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.

Vetted Servers (7756)

40
20
Medium Cost

mcp-server

by perses

Sec9

The Perses MCP Server enables LLM hosts (e.g., Claude Desktop, VS Code Copilot) to interact with the Perses Application for managing observability resources through a standardized Model Context Protocol (MCP).

Setup Requirements

  • ⚠️ Requires a `PERSES_TOKEN` obtained via `percli`.
  • ⚠️ The `PERSES_TOKEN` has a default 15-minute expiration, requiring re-login or Perses configuration changes to extend.
  • ⚠️ Requires downloading and configuring a specific binary for the operating system and architecture, or building it from source.

Verified Safe
The server uses a `PERSES_TOKEN` obtained from the environment variable for authentication with the Perses backend, which is good practice. It supports a `--read-only` flag to restrict operations, enhancing security. The Go source code does not show evidence of `eval` or similar dynamic code execution based on user input, and tool parameters are strongly typed, reducing injection risks. The HTTP streamable mode exposes a configurable port, requiring users to secure network access if deployed remotely. The primary security consideration is the protection of the `PERSES_TOKEN` itself, which has a default 15-minute expiration, mitigating long-term exposure.
Updated: 2025-12-14
40
16
Medium Cost

bear-notes-mcp

by bejaminjones

Sec8

Provides a Model Context Protocol (MCP) interface for Claude Desktop to interact with Bear notes, enabling comprehensive read and sync-safe write operations.

Setup Requirements

  • ⚠️ Requires macOS, as Bear is a macOS/iOS application.
  • ⚠️ Requires Claude Desktop to be granted 'Full Disk Access' manually in macOS System Preferences.
  • ⚠️ Requires Node.js 18+ to be installed.

Verified Safe
The server's design to use direct database reads and Bear's x-callback-url API for writes (hybrid sync-safe mode) is a good practice to prevent database corruption. It leverages 'child_process.exec' for local system commands (AppleScript to check Bear status, 'open' for Bear API calls). While 'exec' can be a security risk if not carefully controlled, its usage here appears confined to specific, documented local interactions with the Bear application. The primary security concern is the requirement for 'Full Disk Access' for Claude Desktop: the server transparently guides the user through granting it, but it is a high-privilege permission.
Updated: 2025-11-26
40
16
High Cost
Sec1

A comprehensive suite of Model Context Protocol (MCP) servers for aggregating, analyzing, and providing real-time cryptocurrency, blockchain, and Web3 data and services to AI agents and developers.

Setup Requirements

  • ⚠️ Requires various third-party API keys (e.g., exchange APIs, data providers, RPC services), many of which may be paid or have rate limits.
  • ⚠️ Automated trading tools require actual cryptocurrency funds, involving significant financial risk.
  • ⚠️ Requires access to blockchain RPC endpoints (e.g., Ethereum, Solana, BSC, Sui), which may incur costs or require dedicated infrastructure.

Review Required
The provided 'SOURCE CODE' is solely a README file, which only describes the functionality of the MCP servers. It does not contain actual executable code (e.g., Python, JavaScript, Dockerfiles, etc.). Therefore, a comprehensive security audit for patterns like 'eval', obfuscation, network risks, hardcoded secrets, or malicious patterns cannot be performed. Automated trading features inherently involve financial risk, but no specific vulnerabilities can be identified from the given documentation.
Updated: 2025-12-09
40
4
Medium Cost

Aline

by human-re

Sec6

Aline provides persistent, shared AI agent memory across sessions and teams, maintaining conversational context and facilitating seamless collaboration.

Setup Requirements

  • ⚠️ Requires 'uv' (a Python package manager) to be installed; the server attempts automatic installation, but manual intervention might be necessary.
  • ⚠️ Relies on a compatible Model Context Protocol (MCP) agent (e.g., Claude Code) for integration and interaction.
  • ⚠️ Implicitly requires 'git' to be installed and configured for team sharing and context syncing with GitHub repositories.

Verified Safe
The installation process involves automatically downloading and executing shell scripts from 'astral.sh' for 'uv' (a Python package manager) via `curl | sh` or `powershell | iex`. While 'astral.sh' is a legitimate source for 'uv', executing scripts directly from the internet introduces a supply chain risk if the source or download link were ever compromised. Furthermore, running `uvx --refresh` means the 'aline-ai' package is continuously downloaded and refreshed, which could also pose a risk if the package registry is compromised.
Updated: 2025-12-02
40
5
Medium Cost

sverigesradio-mcp

by KSAklfszf921

Sec9

Accessing Swedish radio programs, podcasts, live streams, news, and traffic information for AI assistants.

Setup Requirements

  • ⚠️ The underlying Sveriges Radio API is no longer actively maintained, which could lead to future data inconsistencies or unavailability.
  • ⚠️ Optional Bearer token authentication (MCP_AUTH_TOKEN) can be configured, requiring an Authorization header for clients if enabled.
  • ⚠️ Requires Node.js version 18 or higher.

Verified Safe
The server uses environment variables (e.g., MCP_AUTH_TOKEN) for sensitive data, implements Zod for robust input validation, and includes CORS, rate limiting, and session management. It fetches data from Sveriges Radio's public API, which does not require authentication itself. No direct 'eval' usage, code obfuscation, or obvious malicious patterns were found in the provided source. Standard, well-vetted Node.js dependencies are used. The security measures primarily protect the MCP server endpoint and manage access to the public upstream API.
Updated: 2025-12-08
40
21
Low Cost

fastify-mcp

by haroldadmin

Sec9

Integrates Model Context Protocol (MCP) server functionality into Fastify web applications, supporting streamable HTTP and legacy HTTP+SSE transports.

Setup Requirements

  • ⚠️ In-memory session management in 'stateful' mode is not suitable for horizontally scaled production deployments and requires integration with a distributed session store.
  • ⚠️ The HTTP+SSE transport (`fastifyMCPSSE` plugin) is deprecated by the MCP protocol; migration to Streamable HTTP (`streamableHttp` plugin) is recommended.

Verified Safe
The codebase appears well-structured and follows good practices for a Fastify plugin. It correctly handles session management (add, remove, close events) and provides generic error responses for invalid requests, minimizing information leakage. There are no obvious signs of 'eval' usage, obfuscation, hardcoded secrets, or malicious patterns. The use of `reply.raw` is inherent to Fastify's low-level access and the underlying MCP SDK transport layer. The primary security consideration for deployment is the in-memory session management, which, while secure for single-node instances, would require a distributed session store for horizontally scaled applications to prevent state loss or unauthorized access across instances. This is a design choice inherent to how the MCP SDK handles sessions, not a vulnerability in the plugin itself.
Updated: 2025-12-10
40
11
Medium Cost

The IBM Data Intelligence MCP Server acts as an integration layer for IBM Data Intelligence services, enabling modular and scalable interaction via the Model Context Protocol for various data management, governance, and AI/ML tasks.

Setup Requirements

  • ⚠️ Requires Python 3.11 or higher.
  • ⚠️ Requires an active IBM Data Intelligence SaaS or CPD 5.2.1 instance.
  • ⚠️ Authentication requires `DI_SERVICE_URL` and `DI_APIKEY` (or `DI_AUTH_TOKEN`) set as environment variables or passed as HTTP headers. `DI_USERNAME` is also required for CPD with API key.
  • ⚠️ Running in stdio mode requires `LOG_FILE_PATH` environment variable set.
  • ⚠️ Running in HTTPS mode requires `--ssl-cert` and `--ssl-key` CLI arguments or `SSL_CERT_PATH` and `SSL_KEY_PATH` environment variables.

Verified Safe
The codebase demonstrates strong security practices: no `eval` or obvious obfuscation, and sensitive data redaction is explicitly implemented (e.g., URLs, database credentials, API keys, tokens, emails, IPs, file paths, UUIDs, credit card numbers, SSNs, phone numbers) within error messages to prevent leakage. Authentication relies on environment variables (`DI_APIKEY`, `DI_AUTH_TOKEN`) or HTTP headers (`x-api-key`, `Authorization`), not hardcoded secrets. HTTPS is supported with configurable SSL/TLS options. Robust logging with JSON format and traceability (transaction_id, trace_id) is also present.
Updated: 2025-12-04
40
17
Medium Cost

vault-mcp-server

by hashicorp

Sec8

An MCP server that integrates with HashiCorp Vault to manage secrets and mounts, acting as an intermediary between LLM clients and Vault.

Setup Requirements

  • ⚠️ Requires a running HashiCorp Vault server (local or remote).
  • ⚠️ Requires a valid Vault token with appropriate permissions.
  • ⚠️ Docker is required for the recommended setup and integration methods (e.g., Gemini extension).

Verified Safe
The server demonstrates strong security awareness, with comprehensive HTTP middleware for CORS, TLS, and Vault context. It explicitly rejects Vault tokens in query parameters and enforces TLS for non-localhost bindings. The documentation clearly warns that the server is intended for local use only and that users must configure `MCP_ALLOWED_ORIGINS` to prevent DNS rebinding attacks and cross-origin vulnerabilities. It also notes that Vault data, including secrets, may be exposed to trusted MCP clients and LLMs, emphasizing the need for trusted clients/LLMs. No 'eval' or obvious code injection patterns are present.
Updated: 2025-12-05
40
9
Medium Cost
Sec4

Provides AI agents with robust capabilities to execute terminal commands and Python code on the host system.

Setup Requirements

  • ⚠️ Requires `uvx` or `pipx` for simplified execution, or manual installation and Python invocation.
  • ⚠️ Virtual environments require explicit activation via `CODE_EXEC_INIT_COMMANDS` to be available in executed sessions.
  • ⚠️ Windows support is experimental and may have behavioral differences.

Review Required
This server explicitly enables full code execution on the host system, making it inherently high-risk if exposed to untrusted agents or environments. While it uses `shlex.quote` for Python code, this primarily protects the command execution context, not the code content itself. There are no obvious unintended vulnerabilities like hardcoded secrets or arbitrary `eval` within the server's own logic beyond its stated purpose. However, its core function is to execute arbitrary commands/code, which is a significant security risk by design. The README explicitly warns about this inherent risk.
Updated: 2025-11-26
40
16
Medium Cost
Sec9

A web dashboard for managing and monitoring Pierre MCP Server, a fitness intelligence platform, providing user management, API key handling, A2A client monitoring, real-time updates, and usage analytics with role-based access control.

Setup Requirements

  • ⚠️ Requires `PIERRE_MASTER_ENCRYPTION_KEY` environment variable for encrypted data persistence across restarts.
  • ⚠️ Requires a database (SQLite or PostgreSQL configured via `DATABASE_URL`).
  • ⚠️ An initial admin user must be created via CLI (`cargo run --bin admin-setup`) before dashboard access.
  • ⚠️ The chat feature requires an LLM API key (`GEMINI_API_KEY` or `GROQ_API_KEY`) to be configured.

Verified Safe
The server demonstrates strong security practices including AES-256-GCM encryption for sensitive data (OAuth tokens, client secrets) with proper nonce handling, Ed25519 for A2A client authentication, Argon2 for password/secret hashing, PKCE enforcement for OAuth2 flows with constant-time comparisons, CSRF protection, and configurable CORS/header security. A two-tier key management system (MEK from env, DEK encrypted in DB) is implemented. PII redaction middleware is in place for logging. Critical secrets like the master encryption key (`PIERRE_MASTER_ENCRYPTION_KEY`) and JWT signing secret (`PIERRE_JWT_SECRET`) are expected to be provided via environment variables, which is a standard secure practice. Misconfiguration of these environment variables could lead to data loss or exposure, but this is an operational concern, not a code vulnerability.
Updated: 2025-12-15
40
3
Medium Cost

mcp-server

by aoutpost2-rgb

Sec9

Provides real-time Indian options market data and volatility analytics to AI chats, enabling quantitative analysis and trading insights.

Setup Requirements

  • ⚠️ Requires Node.js version >= 24.0.0.
  • ⚠️ Requires manual creation of a credentials file (`~/.getoutpost_credentials.json`) by obtaining access and refresh tokens from GetOutpost.in's developer tools.
  • ⚠️ Primarily designed for integration with Claude Desktop.

Verified Safe
The server follows good security practices by not hardcoding secrets and relying on a local credentials file (`~/.getoutpost_credentials.json`). It handles token refresh securely and uses HTTPS for API communication. The server is designed to run locally, minimizing external exposure. The broad CORS setting (`origin: '*'`) in the HTTP server (mcp_server.ts) is acceptable for a local MCP server designed for desktop integration but would be a vulnerability in a public-facing application.
Updated: 2025-12-10
40
2
Low Cost

goflow

by dshills

Sec8

Visual workflow orchestration for Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️ Requires Go 1.21+ installed to build from source; no pre-built binaries are available yet.
  • ⚠️ Relies on Node.js and npm/npx to install and run example Model Context Protocol (MCP) servers like '@modelcontextprotocol/server-filesystem'.

Verified Safe
GoFlow itself follows good security practices (e.g., system keyring for credentials) and does not inherently expose critical vulnerabilities based on the provided information. However, as a workflow orchestrator, its primary function is to execute external MCP server commands, which may include using 'npx' to download and run third-party npm packages. The overall security of a deployed GoFlow solution heavily depends on the trustworthiness and secure configuration of the MCP servers and tools registered by the user. Running 'npx' with '-y' automatically downloads and executes packages, which carries supply chain risk if the package source or integrity is compromised.
Updated: 2025-11-17