Stop Searching. Start Trusting.

The curated directory of MCP servers, vetted for security, efficiency, and quality.

Tired of the MCP "Marketplace" Chaos?

We built MCPScout.ai to solve the ecosystem's biggest pain points.

No Insecure Dumps

We manually analyze every server for basic security flaws.

Easy Setup

Our gotcha notes warn you about complex setups.

Avoid "Token Hogs"

We estimate token costs for cost-effective agents.

Products, Not Demos

We filter out "Hello World" demos.


Vetted Servers (9120)

40
20
Low Cost
Sec9

Provides an AI-agent-friendly interface (MCP server) to interact with the Trello API for managing boards, lists, cards, and other Trello resources.

Setup Requirements

  • ⚠️ Requires Node.js 18 or higher.
  • ⚠️ Requires manual generation of Trello API key and token from the Trello website (https://trello.com/app-key).
  • ⚠️ Linux systems require `libsecret` to be installed for secure credential storage (e.g., `sudo apt install libsecret-1-dev` for Debian/Ubuntu).

Verified Safe
The server prioritizes secure credential storage by exclusively using OS-native credential managers (keytar) and explicitly avoids plaintext .env files or environment variables for sensitive Trello API keys and tokens during runtime. The `setup-credentials` script handles secure migration from .env files and offers to remove sensitive data from them. Destructive operations like board and card deletion require explicit confirmation. The codebase does not exhibit obvious use of `eval` or direct command injection vulnerabilities.
Updated: 2025-12-02
40
20
Medium Cost

torrent-search-mcp

by philogicae

Sec7

Provides a Python API and an MCP/FastAPI server to search for torrents programmatically across multiple sources like ThePirateBay, Nyaa, YggTorrent, and La Cale.

Setup Requirements

  • ⚠️ Requires Chromium and its dependencies (installed by Playwright, but can be a setup challenge).
  • ⚠️ Optional but recommended: YggTorrent and La Cale accounts with credentials (username/password for YggTorrent, passkey for La Cale) for full functionality.
  • ⚠️ Docker and Docker Compose are highly recommended for easier setup, DNS issue bypass, and running the `ygg-api` dependency.

Verified Safe
The server performs web scraping using Playwright (Chromium) and interacts with various torrent websites, which carries inherent risks of encountering untrusted content or network interactions. Credentials for YggTorrent and La Cale are managed via environment variables (e.g., .env file) which is good practice. No direct 'eval' or obvious malicious code patterns were found. The Playwright driver installation attempts to handle dependencies, but system-wide dependency installation (if run as root) is always a potential point of friction or risk if the underlying packages were compromised. The custom base62 compression for torrent IDs is used for query parameters, not code execution.
Updated: 2026-01-18
40
21
Medium Cost

smartbear-mcp

by SmartBear

Sec8

Provides AI assistants with access to SmartBear's testing and monitoring tools (BugSnag, Reflect, Swagger, PactFlow, QMetry, Zephyr, Collaborator) by exposing their APIs through a Model Context Protocol (MCP) server.

Setup Requirements

  • ⚠️ Requires Node.js 20+ and npm to run locally.
  • ⚠️ Requires access and valid API tokens/credentials for each SmartBear product (BugSnag, Reflect, Swagger, PactFlow, QMetry, Zephyr, Collaborator) that you wish to integrate.
  • ⚠️ Initial setup for VS Code/Copilot requires adding the `@smartbear/mcp` npm package via a command palette or manual `.vscode/mcp.json` configuration.

Verified Safe
The server primarily acts as an API proxy. Secrets (API keys, tokens) are handled via environment variables, which is good practice. URLs are encoded before being used in HTTP requests, mitigating injection risks. Input schemas (Zod) are used for validation. While some internal scripts use `execSync`, these are for build/release processes and not part of the runtime server, limiting user-controlled command execution risk. File handling for QMetry automation import validates file extensions and content type (base64 or local path), which helps reduce local file inclusion vulnerabilities, but any system allowing local file paths needs careful review of trust boundaries.
Updated: 2026-01-19
40
18
Medium Cost

Zammad-MCP

by basher83

Sec9

Connects AI assistants to the Zammad ticket system, enabling structured management of tickets, users, organizations, and attachments through an MCP interface.

Setup Requirements

  • ⚠️ Python 3.10+ (recommended 3.14.2)
  • ⚠️ Requires `uv` package manager for local development
  • ⚠️ Zammad instance URL and API credentials are mandatory (API Token recommended)
  • ⚠️ Docker required for containerized deployments

Verified Safe
The project demonstrates strong security practices including comprehensive input validation (Pydantic, base64, filename sanitization, HTML escaping), URL validation to prevent SSRF, and secure handling of credentials via environment variables or Docker secrets. It actively uses dependency scanning and security workflows. For HTTP transport, security best practices for deployment (e.g., reverse proxy for TLS/authentication) are well-documented, but the server itself relies on external layers for authentication/TLS on the HTTP endpoint.
Updated: 2026-01-18
40
20
Low Cost

mcp-server

by event-catalog

Sec7

Provides an MCP server to enable AI clients to query EventCatalog for event-driven architecture insights.

Setup Requirements

  • ⚠️ Requires a deployed EventCatalog instance with the 'LLMS.txt' feature enabled.
  • ⚠️ Requires an EventCatalog Scale license key (paid, 14-day trial available).
  • ⚠️ Requires Node.js and npm/pnpm installed for `npx` execution.

Verified Safe
The server's core functionality relies on fetching data from a user-configured `EVENTCATALOG_URL`. If this URL points to a malicious or untrusted source, the server could fetch and process undesirable content. The license key (`EVENTCATALOG_SCALE_LICENSE_KEY`) is sent to an external API (`api.eventcatalog.cloud`) for verification. While secrets are handled via environment variables or CLI arguments, an example config snippet shows a hardcoded license key, which is bad practice if copied directly. The `SECURITY.md` file indicates strong awareness and implementation of Docker security best practices, which is a significant positive for containerized deployments.
Updated: 2026-01-14
40
19
Medium Cost

mcp-mcp

by wojtyniak

Sec9

Discovers and suggests other Model Context Protocol (MCP) servers to AI assistants based on natural language queries, returning their full documentation.

Setup Requirements

  • ⚠️ Requires Python 3.13+
  • ⚠️ Requires `uv` package manager (or `pipx`) for easy installation and execution.
  • ⚠️ Semantic search model (`all-MiniLM-L6-v2`) is downloaded on first run (if not precomputed or cached), consuming bandwidth and adding initial startup time.
  • ⚠️ Requires network access to GitHub for initial data synchronization and fetching of server READMEs.

Verified Safe
The server implements `OriginValidationMiddleware` to prevent DNS rebinding attacks and restrict `Origin` and `Host` headers to `localhost` or `127.0.0.1` in HTTP mode, significantly enhancing security for local deployments. It does not use `eval` or obvious hardcoded secrets. Network requests are made to GitHub for server data and READMEs, with timeouts implemented. All logging is redirected to `stderr` to avoid interfering with MCP protocol communication on `stdout`.
Updated: 2026-01-19
40
21
Medium Cost

mcp-testrail

by bun913

Sec8

This server allows AI clients to manage TestRail entities like test cases, projects, suites, runs, and more, directly from their conversation interface.

Setup Requirements

  • ⚠️ Requires access to a pre-existing TestRail instance with valid API credentials (URL, username, API key).
  • ⚠️ Specific Node.js version requirement: Node.js >=20.18.1 <=22.14.0.
  • ⚠️ For test cases, large conversations might exceed token limits, so use `limit` and `offset` parameters for pagination.

Verified Safe
The project uses environment variables (TESTRAIL_URL, TESTRAIL_USERNAME, TESTRAIL_API_KEY) for sensitive credentials, which is good practice. Input validation is robust, leveraging Zod schemas to define and parse expected data, mitigating many common injection vulnerabilities. Error responses returned to clients are generic, preventing direct leakage of internal server errors. A minor point is that `handleApiError` logs raw `responseData` to `console.error`, which could expose sensitive information in server logs if not properly secured, but this data is not directly returned to the client.
Updated: 2026-01-14
40
15
Medium Cost

ask-starknet

by KasarLabs

Sec9

A unified Model Context Protocol (MCP) server that provides AI-powered routing to specialized Starknet MCP servers, enabling AI applications to seamlessly interact with Starknet protocols, wallets, and DeFi applications.

Setup Requirements

  • ⚠️ Requires at least one LLM API key (ANTHROPIC_API_KEY, GEMINI_API_KEY, or OPENAI_API_KEY) to function.
  • ⚠️ For write operations (e.g., transactions, deployments, trading), `STARKNET_ACCOUNT_ADDRESS` and `STARKNET_PRIVATE_KEY` must be configured.
  • ⚠️ Specific specialized MCPs (e.g., Extended, Cairo Coder, Artpeace) require additional, dedicated environment variables for their respective services (e.g., `EXTENDED_API_KEY`, `CAIRO_CODER_API_KEY`).

Verified Safe
The project uses environment variables for sensitive data (API keys, private keys) via `dotenv`, which is good practice. Tool execution is mediated by the Model Context Protocol SDK, which is designed for secure invocation and prevents arbitrary code execution like `eval`. Cryptographic operations for Starknet signatures (e.g., in `extended-mcp`) use established libraries like `starknet` and optionally WASM for performance, indicating a focus on secure implementation. Input validation is performed using Zod schemas for tool parameters, reducing injection risks. There are no obvious hardcoded secrets or malicious patterns observed in the provided source code.
Updated: 2026-01-12
40
7
Low Cost

claude-team

by Martian-Engineering

Sec8

Orchestrate multiple AI coding sessions (Claude Code, Codex) via iTerm2, enabling parallel development, isolated work environments, and streamlined task management.

Setup Requirements

  • ⚠️ Requires macOS with iTerm2 installed and the iTerm2 Python API enabled (Preferences → General → Magic → Enable Python API).
  • ⚠️ Requires Python 3.11+ and the `uv` package manager for installation and running from source.
  • ⚠️ Using `project_path: "auto"` in worker configurations requires the `CLAUDE_TEAM_PROJECT_DIR` environment variable to be set for the MCP server.

Verified Safe
The server's core logic for iTerm2 control and filesystem operations (like git worktrees and settings files) appears well-controlled. It does not use `eval` or other obvious dynamic code execution vulnerabilities within its own Python code. The primary security considerations stem from its intended function: orchestrating AI agents that execute commands in a terminal. The `dangerously_skip_permissions` flag explicitly signals a security tradeoff for agent autonomy. Environment variables like `CLAUDE_TEAM_COMMAND` and `CLAUDE_TEAM_CODEX_COMMAND` allow users to configure alternative CLI tools, which could introduce risks if misconfigured to run malicious binaries. However, these are user-configurable inputs, and the server itself facilitates rather than introduces these command executions directly.
Updated: 2026-01-13
40
17
Low Cost

lastfm-mcp

by rianvdm

Sec9

Provides seamless access to Last.fm listening data and music information via AI assistants using the Model Context Protocol.

Setup Requirements

  • ⚠️ Requires a Cloudflare Workers account for deployment.
  • ⚠️ Requires Last.fm API Key and Shared Secret (obtained from Last.fm API account).
  • ⚠️ Requires a secure JWT_SECRET environment variable for session signing.

Verified Safe
The server demonstrates good security practices including explicit handling of API keys and secrets via environment variables (Cloudflare Wrangler secrets), OAuth 2.0 implementation with a dedicated provider (`@cloudflare/workers-oauth-provider`), JWT for session management, and rate limiting. A specific `stripResourceFromRequest` function addresses potential OAuth audience mismatch issues with Claude.ai. CORS headers are set, allowing wide access (`*`), which is common for public APIs but worth noting. No 'eval', obfuscation, or overtly malicious patterns were identified.
Updated: 2025-12-12
40
23
Low Cost

mcp-annotated-java-sdk

by thought2code

Sec8

Annotation-driven framework for building Model Context Protocol (MCP) servers in Java, simplifying the definition and integration of resources, prompts, and tools for LLM applications.

Setup Requirements

  • ⚠️ Requires Java 17 or later.
  • ⚠️ Requires Maven 3.6+ or Gradle 7+ for project setup and build.
  • ⚠️ Running in SSE or Streamable HTTP mode requires an available network port (default 8080 or 9000).

Verified Safe
The SDK primarily focuses on facilitating server development and does not inherently expose critical security flaws. Configuration loading from YAML (classpath) and basic type conversions for method parameters (client input) are handled. The use of Reflection for component discovery is standard for this type of framework. The Jetty HTTP server for SSE/Streamable mode requires proper network security considerations (firewalls, access control) when deployed. The 'disallow-delete: true' setting in the default streamable configuration is a good security practice.
Updated: 2026-01-19
40
2
Medium Cost

prestashop-mcp

by florinel-chis

Sec9

Provides fast, local, offline access to PrestaShop development documentation for AI assistants and development tools.

Setup Requirements

  • ⚠️ Requires Docker for the easiest and recommended installation method.
  • ⚠️ Requires Python 3.10+ for local installation.
  • ⚠️ Initial indexing takes ~30-60 seconds on the first run.
  • ⚠️ For Claude Desktop with Docker, an absolute path to the wrapper script is required in the configuration.

Verified Safe
The server includes proper escaping for SQLite FTS5 queries to prevent SQL injection. It explicitly warns against exposing HTTP/SSE transports to the public internet without authentication. No direct use of 'eval' or other highly risky functions was found. The use of 'git clone' for documentation fetching points to a trusted source (PrestaShop's official repository).
Updated: 2025-11-24