Discover Awesome MCP Servers

Anki MCP

Enables AI assistants like Claude to interact with Anki flashcard decks through AnkiConnect. Supports creating and managing decks, basic and cloze deletion cards, searching existing cards, and organizing content with tags.

Angle One MCP Server

Implementasi server MCP yang terintegrasi dengan API Angle One untuk menyediakan akses standar ke data pasar keuangan, operasi perdagangan, dan manajemen portofolio.

Educational MCP Server

Enables AI assistants to access educational domain tools including grading, cognitive diagnosis, knowledge tracing, learning path recommendations, and sentiment analysis through FastAPI-powered small models.

Venice Browser MCP Bridge

Enables browser automation through Playwright with persistent sessions and cookie state management. Supports web navigation, page interaction, and browser control via JSON-RPC protocol over stdin/stdout.

🚀 Operative.sh Web QA Agent MCP Server

Sebuah server MCP yang mengevaluasi aplikasi web.

Bug Bounty Hunter MCP

Professional security testing server with 50+ integrated tools for web application vulnerability scanning, reconnaissance, fuzzing, and API testing. Enables comprehensive bug bounty hunting workflows including subdomain enumeration, XSS/SQLi detection, and automated security assessments.

MCP File System Server

A simple Model Context Protocol server that enables AI assistants to interact with local file systems, allowing them to read, write, update, and delete files within a specified project directory.

Bullhorn CRM MCP Server by CData

This read-only MCP Server allows you to connect to Bullhorn CRM data from Claude Desktop through CData JDBC Drivers. Free (beta) read/write servers available at https://www.cdata.com/solutions/mcp

blogburst-mcp-server

AI content generation, repurposing, and multi-platform publishing for 9+ social media platforms. Generate blog posts, discover trending topics, brainstorm titles, and publish to Twitter, LinkedIn, Bluesky, and more.

API Testing MCP

A lightweight, local-first MCP server for executing HTTP requests and managing API collections and environments without cloud dependencies. It enables testing APIs, handling authentication, and importing OpenAPI specifications directly within MCP-compatible workflows.

Amazon MCP Server

Enables interaction with Amazon services through AI assistants, allowing users to search products, manage their cart, view order history, and place orders using natural language.

A-SOC Trust MCP Server

Provides agent certification and trust verification tools for AI agents, enabling certification checks, trust score calculations, audit ticket issuance, and emergency kill switch activation through the A-SOC trust network.

HopperPyMCP

A FastMCP server plugin for the Hopper disassembler that enables AI assistants to analyze binary files, disassemble procedures, generate call graphs, search strings, and manage reverse engineering tasks. Provides comprehensive binary analysis capabilities including decompilation, annotation tools, and reference tracking through natural language interactions.

Python Dependency Manager Companion

Provides up-to-date Python package manager commands by cross-referencing official pip, poetry, uv, and conda documentation with automatic weekly updates.

Cline Email MCP Auto-Setup

Automatically configures email notification functionality for Cline through SMTP integration. Enables Cline to send email notifications for task completion, errors, or user input requirements with automated setup and testing.

Crossmint Checkout MCP Server

Enables AI agents to programmatically purchase physical and virtual goods from platforms like Amazon and Shopify using stablecoins, without the need for virtual debit cards or browser automation.

Hello World MCP Server

A simple demonstration server for the Model Context Protocol that provides tools for creating and managing greetings with support for multiple transport methods (stdio, HTTP, SSE).

MCP Servers Hub

Cermin dari

peer-mcp

Here are a few options for translating "MCP Proxy to Expose Local MCP Server" into Indonesian, depending on the nuance you want to convey: **Option 1 (Most Direct):** * **Proksi MCP untuk Memaparkan Server MCP Lokal** * This is a very literal translation and easily understood. **Option 2 (Slightly More Technical):** * **Proksi MCP untuk Mengekspos Server MCP Lokal** * "Mengekspos" is a slightly more technical term for "expose" and might be preferred in a more formal context. **Option 3 (Emphasizing Accessibility):** * **Proksi MCP untuk Membuat Server MCP Lokal Dapat Diakses** * This emphasizes the purpose of the proxy, which is to make the local server accessible. It translates to "MCP Proxy to Make Local MCP Server Accessible." **Option 4 (Using "Menyediakan" - To Provide):** * **Proksi MCP untuk Menyediakan Akses ke Server MCP Lokal** * This translates to "MCP Proxy to Provide Access to Local MCP Server." **Which one is best?** * **Option 1 (Proksi MCP untuk Memaparkan Server MCP Lokal)** is generally a good choice for its simplicity and clarity. * If you're writing for a more technical audience, **Option 2 (Proksi MCP untuk Mengekspos Server MCP Lokal)** might be slightly better. * If you want to emphasize the *purpose* of the proxy, **Option 3 (Proksi MCP untuk Membuat Server MCP Lokal Dapat Diakses)** is a good choice. Ultimately, the best translation depends on the specific context and your target audience.

PubMed MCP Server

A bridge connecting AI agents to NCBI's PubMed database through the Model Context Protocol, enabling seamless searching, retrieval, and analysis of biomedical literature and data.

Claude MCP x Google Docs

A Model Context Protocol server that enables AI assistants like Claude to read from, append to, and format text in Google Documents programmatically.

MCP Epic Free Games

Provides tools to retrieve information about current and upcoming free games on the Epic Games Store. It allows users to access game details including titles, descriptions, and claim URLs through Model Context Protocol clients.

Memento Protocol Enhanced

An enhanced memory management system that wraps memento-mcp with sophisticated features including protocol enforcement, quality scoring, hybrid search strategies, and synthesis reports. Enables intelligent memory storage, retrieval, and analysis with automatic archival and confidence tracking.

The code samples here are not for production use

Here are a few ways to secure an agentic tool repository with an execution environment, focusing on key aspects like access control, sandboxing, and monitoring: **1. Access Control and Authentication:** * **Authentication:** * **Strong Authentication:** Implement multi-factor authentication (MFA) for all users accessing the repository and execution environment. This adds a crucial layer of security beyond just passwords. * **API Keys/Tokens:** For programmatic access (e.g., by agents), use API keys or tokens with limited scopes and expiration dates. Rotate these keys regularly. * **Identity Providers (IdPs):** Integrate with established IdPs (like Google, Azure AD, Okta) for centralized user management and single sign-on (SSO). * **Authorization (Role-Based Access Control - RBAC):** * **Granular Permissions:** Define roles with specific permissions. For example: * `Admin`: Full access to manage the repository, tools, and execution environment. * `Developer`: Can create, modify, and test tools, but not deploy to production. * `Operator`: Can deploy and monitor tools, but not modify them. * `User`: Can execute tools with pre-defined parameters, but not modify or deploy them. * **Least Privilege:** Grant users only the minimum permissions they need to perform their tasks. This principle significantly reduces the potential impact of compromised accounts. * **Resource-Based Access Control (RBAC):** Extend RBAC to individual tools or resources within the repository. For example, some tools might be restricted to specific users or groups. **2. Sandboxing and Isolation:** * **Containerization (Docker, Podman):** * **Tool Isolation:** Package each tool in its own container. This isolates tools from each other and from the host system, preventing malicious code in one tool from affecting others. * **Resource Limits:** Set resource limits (CPU, memory, disk I/O) for each container to prevent resource exhaustion or denial-of-service attacks. * **Immutable Infrastructure:** Use immutable container images. Once built, images should not be modified. This ensures consistency and prevents unauthorized changes. * **Virtualization (VMs):** * **Stronger Isolation:** VMs provide a higher level of isolation than containers, but they are also more resource-intensive. Consider VMs for tools that require very high security or have complex dependencies. * **Secure Execution Environments (Sandboxes):** * **Restricted File System Access:** Limit the tool's access to the file system. Use a "chroot" jail or similar mechanism to restrict the tool to a specific directory. * **Network Isolation:** Restrict the tool's network access. Use firewalls or network policies to allow only necessary connections. Consider a "zero trust" network model. * **System Call Filtering:** Use seccomp (Secure Computing Mode) or similar technologies to filter system calls that the tool can make. This can prevent the tool from performing dangerous operations. * **Language-Specific Sandboxes:** For tools written in languages like Python or JavaScript, use language-specific sandboxing libraries or techniques to further restrict their capabilities. **3. Input Validation and Sanitization:** * **Strict Input Validation:** Thoroughly validate all input to the tools. This includes checking data types, formats, and ranges. Reject any input that does not conform to the expected format. * **Input Sanitization:** Sanitize input to prevent injection attacks (e.g., SQL injection, command injection). Escape or remove any characters that could be interpreted as code. * **Parameterization:** Use parameterized queries or prepared statements when interacting with databases. This prevents SQL injection attacks. **4. Monitoring and Logging:** * **Comprehensive Logging:** Log all tool executions, including input parameters, output, and any errors. Include timestamps, user IDs, and other relevant information. * **Centralized Logging:** Send logs to a central logging server for analysis and auditing. Use a log management system like Elasticsearch, Splunk, or Graylog. * **Real-time Monitoring:** Monitor the execution environment for suspicious activity. Set up alerts for unusual resource usage, failed executions, or security events. * **Auditing:** Regularly audit the logs to identify potential security vulnerabilities or policy violations. **5. Code Review and Security Testing:** * **Code Review:** Have all tool code reviewed by multiple developers to identify potential security flaws. * **Static Analysis:** Use static analysis tools to automatically scan the code for security vulnerabilities. * **Dynamic Analysis (Fuzzing):** Use dynamic analysis tools to test the tool's behavior with a wide range of inputs, including malicious inputs. * **Penetration Testing:** Hire a penetration tester to attempt to exploit vulnerabilities in the system. **6. Dependency Management:** * **Dependency Scanning:** Use dependency scanning tools to identify vulnerabilities in third-party libraries and dependencies. * **Dependency Pinning:** Pin dependencies to specific versions to prevent unexpected behavior or security vulnerabilities caused by updates. * **Vulnerability Management:** Have a process for tracking and patching vulnerabilities in dependencies. **7. Secrets Management:** * **Don't Hardcode Secrets:** Never hardcode secrets (passwords, API keys, etc.) in the code. * **Vaults (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault):** Use a secrets management system to securely store and manage secrets. * **Environment Variables:** Store secrets in environment variables, but ensure that the environment variables are properly protected. **8. Network Security:** * **Firewall:** Use a firewall to restrict network access to the execution environment. * **Intrusion Detection/Prevention System (IDS/IPS):** Use an IDS/IPS to detect and prevent malicious network traffic. * **Network Segmentation:** Segment the network to isolate the execution environment from other systems. **9. Regular Updates and Patching:** * **Keep Software Up-to-Date:** Regularly update all software, including the operating system, container runtime, and dependencies. * **Patch Management:** Have a process for applying security patches promptly. **Example Scenario (Docker-based):** 1. **Authentication:** Users authenticate via an OAuth 2.0 provider (e.g., Google). 2. **Authorization:** RBAC is implemented using a policy engine like Open Policy Agent (OPA). Policies define which users can execute which tools. 3. **Sandboxing:** Each tool is packaged in a Docker container with resource limits. 4. **Input Validation:** A validation library is used to validate all input to the tool. 5. **Logging:** All tool executions are logged to Elasticsearch. 6. **Secrets Management:** Secrets are stored in HashiCorp Vault and injected into the container at runtime. 7. **Network Security:** A firewall restricts network access to the container. **Key Considerations:** * **Complexity:** Implementing these security measures can be complex and require significant effort. * **Performance:** Sandboxing and security measures can impact performance. It's important to balance security with performance. * **Automation:** Automate as much of the security process as possible, including vulnerability scanning, patching, and configuration management. * **Continuous Improvement:** Security is an ongoing process. Regularly review and update your security measures to address new threats and vulnerabilities. By implementing these security measures, you can significantly reduce the risk of security breaches and protect your agentic tool repository and execution environment. Remember to tailor these recommendations to your specific needs and environment.

GitHub MCP Tools

Program Multi-Claude untuk berinteraksi dengan API GitHub melalui Claude Desktop, memungkinkan pengguna untuk mencari repositori, mengelola isu, *pull request*, pengaturan repositori, alur kerja, dan kolaborator.

argocd-mcp

argocd-mcp