Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (9120)

40
22
Medium Cost
Sec8

Enables Claude Desktop to interact with Spotify for music control and discovery.

Setup Requirements

  • ⚠️Requires Node.js 16 or higher.
  • ⚠️Requires a Spotify account and Spotify API credentials (Client ID and Client Secret) obtained from the Spotify Developer Dashboard.
  • ⚠️The Spotify application redirect URI must be set to `http://127.0.0.1:8888/callback`.
  • ⚠️Claude Desktop needs to be restarted after successful Spotify authentication to properly initialize the MCP's tool registry and WebSocket session token cache.
Verified Safe
The server loads Spotify API credentials from environment variables rather than hardcoding them in the source. It persists OAuth tokens in the user's home directory (`~/.spotify-mcp/tokens.json`), a standard practice for local applications that need persistent authentication; anything able to read that file can reuse the tokens, so check that it is created with owner-only permissions. Tool arguments are validated with Zod schemas. A minor concern is the use of `child_process.exec` to kill whatever holds the local OAuth callback port (8888) when it is already in use: the target is a fixed local port and the purpose is recovery, but executing system commands from the server is a pattern that introduces risk if not carefully controlled. Overall the approach is transparent and follows reasonable security practices for a local client-side integration.
Updated: 2026-01-14
40
18
Medium Cost
Sec9

Connects LLMs and applications to Decodo's web scraping platform for easy web data access and parsing.

Setup Requirements

  • ⚠️Requires a Decodo integrations plan and API key (a free tier with 2.5k requests is mentioned).
  • ⚠️SCRAPER_API_USERNAME and SCRAPER_API_PASSWORD environment variables must be set for authentication with the Decodo API.
  • ⚠️Node.js 18.0+ is required.
Verified Safe
No hardcoded secrets were found; API credentials (username and password) are correctly handled via environment variables (`SCRAPER_API_USERNAME`, `SCRAPER_API_PASSWORD`). The server acts as a proxy to an external web scraping API, which involves network requests. The security of the external Decodo API itself is beyond the scope of this code analysis.
Updated: 2026-01-19
40
9
Medium Cost

mcp

by e18e

Sec9

This MCP server assists developers by identifying inefficient or outdated npm packages in install commands and source files, providing migration documentation.

Setup Requirements

  • ⚠️Requires Node.js >=18
Verified Safe
The server primarily performs static analysis on user-provided code and package install commands. It uses 'es-module-lexer' for code parsing, which is a safe static analysis library. Documentation is fetched from a known GitHub repository during build time and served locally, mitigating runtime network risks for content. No direct execution of arbitrary user-provided code ('eval') or hardcoded secrets were found. The overall architecture focuses on data processing rather than complex external interactions that might introduce vulnerabilities.
Updated: 2026-01-09
40
9
Medium Cost
Sec4

Provides AI agents with robust capabilities to execute terminal commands and Python code on the host system.

Setup Requirements

  • ⚠️Requires `uvx` or `pipx` for simplified execution, or manual installation and Python invocation.
  • ⚠️Virtual environments require explicit activation via `CODE_EXEC_INIT_COMMANDS` to be available in executed sessions.
  • ⚠️Windows support is experimental and may have behavioral differences.
Review Required
This server explicitly enables full code execution on the host system, making it inherently high-risk if exposed to untrusted agents or environments. While it uses `shlex.quote` for Python code, this primarily protects the command execution context, not the code content itself. There are no obvious unintended vulnerabilities like hardcoded secrets or arbitrary `eval` within the server's own logic beyond its stated purpose. However, its core function is to execute arbitrary commands/code, which is a significant security risk by design. The README explicitly warns about this inherent risk.
Updated: 2025-11-26
40
27
Medium Cost

comet

by MetroStar

Sec1

An AI-enhanced development workflow agent (Model Context Protocol server) to assist with building React/TypeScript components based on USWDS, including code generation, component listing, and documentation search.

Setup Requirements

  • ⚠️Requires Node.js (version >=18 for @metrostar/comet-mcp and >=20 for the root project).
  • ⚠️Requires `git` to be installed on the system for project initialization (e.g., `init_project`).
  • ⚠️Requires network access for the `search_uswds` tool to fetch documentation from designsystem.digital.gov.
Review Required
The `init_project` tool passes the user-provided `projectName` to `execAsync` without validation or escaping. Because the name is interpolated into a shell command string, a value such as `my-project; rm -rf /; ` is parsed by the shell as additional commands, giving arbitrary command injection with the privileges of the process running the MCP server: a critical risk to the host.
Updated: 2026-01-19
40
7
Medium Cost

mcp-hangar

by mapyr

Sec4

Lifecycle management and orchestration platform for Model Context Protocol (MCP) providers, focusing on auto-discovery, observability, and resilience for LLM tooling at scale.

Setup Requirements

  • ⚠️Python 3.11 or higher is required.
  • ⚠️Docker or Podman is required for 'container' mode providers.
  • ⚠️Absolute paths must be used for container volume mounts to ensure data persistence and correct operation across different client execution directories.
  • ⚠️If using the Knowledge Base with PostgreSQL, the `asyncpg` library is required. For JWT/OIDC authentication, Keycloak (or a compatible OIDC provider) must be set up.
Verified Safe
**CRITICAL VULNERABILITY**: The 'AUTH_SECURITY_AUDIT.md' report explicitly highlights a lack of rate limiting on authentication attempts, making the server vulnerable to brute-force attacks. **MEDIUM RISKS**: Absence of IP binding for API keys (allowing stolen keys to be used from any IP) and lack of automatic API key rotation are noted. While the project implements strong secure defaults for Kubernetes pods (runAsNonRoot, readOnlyRootFilesystem, dropped capabilities), input validation, command sanitization, and secrets masking in logs, the critical authentication weakness significantly lowers the overall security posture. Example Keycloak configuration files contain hardcoded secrets (`mcp-hangar-secret`), which should be replaced with proper secret management in production deployments.
Updated: 2026-01-19
40
20
Medium Cost

gofetch

by StacklokLabs

Sec9

An MCP server that retrieves and extracts textual content from web pages, respecting robots.txt for AI agents.

Setup Requirements

  • ⚠️Go 1.24 or later required
  • ⚠️Task (taskfile.dev) build tool required
Verified Safe
The server is implemented in Go, offering single binary deployment and enhanced container security (non-root, distroless images, signing). It respects robots.txt by default and offers configurable proxy support. Input validation for `max_length` and `start_index` parameters is present. There are no apparent hardcoded secrets or obvious malicious patterns like 'eval'. The project has a clear security vulnerability reporting process. Risks common to fetching external content (e.g., malformed HTML, large payloads) are mitigated by using robust parsing libraries and configurable limits.
Updated: 2026-01-18
40
2
Low Cost

goflow

by dshills

Sec8

Visual workflow orchestration for Model Context Protocol (MCP) servers.

Setup Requirements

  • ⚠️Requires Go 1.21+ installed to build from source; no pre-built binaries are available yet.
  • ⚠️Relies on Node.js and npm/npx to install and run example Model Context Protocol (MCP) servers like '@modelcontextprotocol/server-filesystem'.
Verified Safe
GoFlow itself follows good security practices (e.g., system keyring for credentials) and does not inherently expose critical vulnerabilities based on the provided information. However, as a workflow orchestrator, its primary function is to execute external MCP server commands, which may include using 'npx' to download and run third-party npm packages. The overall security of a deployed GoFlow solution heavily depends on the trustworthiness and secure configuration of the MCP servers and tools registered by the user. Running 'npx' with '-y' automatically downloads and executes packages, which carries supply chain risk if the package source or integrity is compromised.
Updated: 2025-11-17
40
19
Medium Cost

knowledgebase-mcp

by biocontext-ai

Sec7

A standardized Model Context Protocol (MCP) server that aggregates and provides AI systems with access to diverse biomedical knowledge bases and analysis tools.

Setup Requirements

  • ⚠️Requires Python 3.12 or newer.
  • ⚠️External APIs (e.g., KEGG, Google Scholar) have usage limits and/or licensing restrictions, making them unsuitable for remote/production hosting without specific environment variable flags (MCP_INCLUDE_KEGG, MCP_INCLUDE_SCHOLARLY) or alternative access.
  • ⚠️Relies on 'uv' (or 'uvx') for local installation and execution.
Verified Safe
The project generally follows good practices for handling external API calls (e.g., uses yaml.safe_load). However, the scholarly tool's use of free proxies to bypass rate limits introduces a potential security risk by routing requests through unvetted third-party infrastructure. Additionally, the default CORSMiddleware configuration uses allow_origins=["*"] in production mode, which is overly permissive and should be restricted for public deployments, as noted in the source code.
Updated: 2026-01-12
40
2
Medium Cost

openapi-diff-mcp-server

by lordofthejars

Sec7

Compares two OpenAPI specifications to identify differences and report compatibility status in various formats.

Setup Requirements

  • ⚠️Requires Java Development Kit (JDK) installed to build and run.
  • ⚠️Requires Apache Maven for building the project.
  • ⚠️Relies on external URLs for fetching OpenAPI specifications, requiring internet access for this feature.
Verified Safe
The server's core functionality involves fetching OpenAPI specifications from arbitrary URLs. This could potentially be abused for resource exhaustion (e.g., downloading excessively large files or making requests to slow servers) if malicious URLs are provided. No other critical vulnerabilities like 'eval' usage, obfuscation, hardcoded secrets, or direct malicious patterns were identified.
Updated: 2025-12-09
40
18
Low Cost

ygg-torrent-mcp

by philogicae

Sec8

Provides a Python wrapper and MCP/FastAPI server to programmatically interact with YggTorrent for searching, retrieving details, and downloading torrents.

Setup Requirements

  • ⚠️Project is deprecated; alternative repositories (fr-torrent-search-mcp, torrent-search-mcp) are recommended.
  • ⚠️Requires an active YggTorrent account and passkey.
  • ⚠️Requires Python 3.10+ (for direct installation) or Docker.
Verified Safe
The YGG_PASSKEY is handled via environment variables, which is a good practice. It is explicitly designed to be injected locally into torrent files/magnet links to prevent external exposure. A dummy passkey is hardcoded as a fallback, which is a minor concern if inadvertently used in a production environment. No 'eval' or obvious malicious patterns were found in the provided code.
Updated: 2026-01-12
40
3
Low Cost

delulu

by mratsim

Sec7

A Rust-based library and CLI tool for scraping and analyzing flight and hotel data from Google Travel services.

Setup Requirements

  • ⚠️Requires a Rust toolchain (cargo) to build and run.
  • ⚠️Automated scraping of Google services carries a risk of IP blocking or rate limiting by Google, potentially requiring proxies or careful usage patterns.
  • ⚠️Reliant on Google's HTML structure and protobuf API, which may change and break the tool's functionality.
Verified Safe
The tool employs advanced browser emulation and custom-engineered cookie generation (SOCS) to bypass Google's consent walls and scrape data. While no traditional hardcoded secrets or 'eval' calls are present, this approach carries the risk of violating Google's Terms of Service and can lead to the user's IP being rate-limited or blocked. The scraping mechanism is also highly susceptible to breakage with changes in Google's website HTML or protobuf API. Ensure adherence to Google's terms of service if using the tool.
Updated: 2026-01-17
Page 95 of 760