Security & Auth MCP Servers

app.thoughtspot/mcp-server

MCP Server for ThoughtSpot - provides OAuth authentication and tools for querying data

ai.smithery/Nekzus-npm-sentinel-mcp

Provide AI-powered real-time analysis and intelligence on NPM packages, including security, depend…

ai.aliengiraffe/spotdb

Ephemeral data sandbox for AI workflows with guardrails and security

ai.smithery/Hint-Services-obsidian-github-mcp

Connect AI assistants to your GitHub-hosted Obsidian vault to seamlessly access, search, and analy…

FedRAMP 20x Requirements

An MCP server that provides access to FedRAMP 20x security requirements and controls.

Arcjet

An MCP server for Arcjet - the runtime security platform that ships with your AI code.

qrcode

QR Code MCP — wraps api.qrserver.com (free, no auth)

Quotable

Quotable MCP — wraps Quotable API (free, no auth)

Sbir

SBIR MCP — wraps the SBIR.gov public API (free, no auth)

sec

SEC MCP — SEC EDGAR public APIs (free, no auth)

io.github.Kzino/vorim-mcp-server

AI agent identity, permissions, trust scores, and tamper-evident audit trails via Vorim AI

universities

Universities MCP — Hipolabs Universities API (free, no auth)

Zendesk

Zendesk MCP Pack — tickets, users, organizations via OAuth.

io.github.KynuxDev/mcp-instagram-dm

Read, send, search & manage Instagram DMs through AI assistants. 15 tools, cookie auth.

Game-dev sprite tools: PNG/GIF to spritesheet, split, trim, animate. OAuth-authenticated MCP server.

crossref

Crossref MCP — wraps the Crossref REST API (academic papers, free, no auth)

SAML and OIDC authentication integration orchestrator.

RelayShield Security Intelligence

Breach detection, SIM swap, domain lookalikes, OAuth watchlist, URL scanning. Subscription or PAYG.

io.github.MCPShield-Dev/mcpshield

Security scanner for MCP servers - detects tool poisoning and injection

Gencove consumer genomics: profile, kit status, ancestry, PRS, raw data. Requires Gencove auth.

MCP Sentinel

Zero-trust MCP security proxy with policy enforcement, PII scrubbing, approvals, and audit trails.

OmegaAI

Query, browse, and automate OmegaAI workspaces from any MCP client. Streamable HTTP with OAuth 2.0.

io.github.BurtTheCoder/virustotal

MCP server for querying VirusTotal API with comprehensive security analysis tools.

OpenAkashic

Shared long-term memory vault for AI agents with 20 MCP tools.

MCP server for trivia: 1.4M+ questions (EN+PL), 24 categories, 12 tools + 4 prompts, OAuth 2.1.

com.mcparmory/codacy

Analyze code quality, security issues, and coverage across repositories

io.github.rom-baro/arcwall-security

Security scanning for AI coding tools. Detects secrets, threat models, and runs pre-commit checks.

io.github.ofershap/devutils

Developer utilities MCP: base64, UUID, hash, JWT decode, cron, timestamps.

Onplana

Project portfolio management for PMOs. Alternative to Microsoft Project Online. OAuth + PAT.

io.github.ofershap/dns

MCP server for DNS lookups, reverse DNS, WHOIS, and domain checks — zero auth, zero config

Service Public France

French public services: tax, property, admin, education, healthcare, security, risks, legal texts

RunSec MCP server for workspace security scanning and remediation workflows.

Bright Security

AI-powered application security testing — scan APIs, discover endpoints, and find vulnerabilities.

Prizmad

Generate AI UGC video ads from any product URL — avatars, voiceover, OAuth Connect.

io.github.jnMetaCode/shellward

AI agent security: 7 MCP tools for injection detection, PII scanning, command safety, DLP.

io.github.O-mega-Enterprise/suprsonic-mcp

One API key, dozens of capabilities for your AI agent. Zero provider auth.

SkillsSafe Security Scanner

AI skill security scanner. Detects prompt injection, credential theft, ClawHavoc. Free, no signup.

Microsoft 365 Admin

Microsoft 365 administration via Graph API application permissions (read-only by default).

io.github.Olum289/agentlock

Security gateway for AI agents: policy, approval, and audited execution, no secrets shared.

PageLens AI

AI website audit: security, SEO, performance, UX and accessibility checks with actionable fixes.

io.github.Pantheon-Security/notebooklm-mcp-secure

Security-hardened NotebookLM MCP with post-quantum encryption

com.zeltser/website-search

Improve security writing, score it against rubrics, plan IR, CTI, vuln, and product strategy.

io.github.Thezenmonster/agentscore

MCP security trust layer: scan packages, inspect repos, check exposure, monitor changes.

ArchGraph

Code intelligence platform for AI agents. 20 tools for architecture, security & impact analysis.

io.github.onelogin/onelogin-mcp

MCP server for OneLogin API - manage users, apps, roles, and authentication

io.github.onetrueclaude-creator/vault-health-mcp

Obsidian vault structural health: broken links, orphans, missing frontmatter, safe auto-repair.

io.github.RCOLKITT/vaspera-hardening

Enterprise certification for codebases with multi-agent security, reliability, and quality audits

SentinelGate

Open-source MCP proxy for AI agent access control with CEL policies, RBAC, and audit.

io.github.sparkvibe-io/GuardianShield

AI security layer: code scanning, PII detection, prompt injection, secrets, CVEs

npm registry MCP server — package intelligence, security audits, dependency analysis

Smart contract security for AI agents — verify, monitor, freeze, x402 payments

io.github.Srishesh-Archik/dyer-md

Access your dyer.md Markdown vault as a knowledge source for AI agents.

Audits other MCP servers for security risks. Returns safe / caution / unsafe / inconclusive.

io.github.RobotFleet-HQ/security-orchestra

Multi-agent MCP platform for data centers and critical power.

Agentic Security Shield

12-layer security configs for AI coding agents. Autonomous purchase via x402 (USDC on Base).

io.github.strangeadvancedmarketing/adam-framework

Persistent memory tools for Claude Desktop. Search your vault or Obsidian notes mid-conversation.

io.github.oscal-compass/compliance-trestle-mcp

An MCP server that provides tools to author OSCAL security compliance documentation

io.github.sudomichael/gizmoanalytics

Cookieless analytics for AI coding agents. Install in one prompt, 28 tools, OAuth onboarding.

io.github.SPerekrestova/interactive-leetcode-mcp

Interactive LeetCode MCP server with authorization and solution submission capabilities

io.github.Saga-Labs/dora-mcp

Multi-model AI image and video generator. 14 models behind one OAuth-secured MCP endpoint.

io.github.Sahib-Sawhney-WH/looking-glass-mcp

AI-native browser for agents. 71 tools with self-healing, semantic extraction, vault CLI.

io.github.theYahia/calltouch-mcp

MCP server for Calltouch API — call tracking, call statistics. Token auth.

io.github.theYahia/sber-mcp

MCP server for Sberbank API — accounts, statements. Bearer token auth.

io.github.theYahia/sendpulse-mcp

MCP server for SendPulse API — mailing lists, email sending, statistics. OAuth2 auth.

io.github.theYahia/unisender-mcp

MCP server for UniSender API — email lists, campaigns, contacts. API key auth.

Electron.js MCP server — IPC scaffolding, security auditing, build tooling for AI assistants

SSL Checker API

SSL certificate check — validity, expiry, issuer, chain, grade. x402 micropayment.

GitHub PR Review Context

AI code review grounded in your repo history. Supports Test Gen and Security Audits.

io.github.TotesMagotes/mcp-server-auth

Submit receipts, run income/P&L/mileage/subscription analytics, create reports in ExpenseBot.

Arca is a private data vault where your AI stores your structured data, semantic memory and skills.

zenquotes

ZenQuotes MCP — wraps ZenQuotes API (free, no auth)

Nws

NWS MCP — US National Weather Service (no auth)

io.github.parth-unjiya/odoo-mcp-gateway

Security-first MCP gateway for Odoo 17/18/19 — YAML-driven security, 27 tools

Multi-workspace Slack MCP server with draft+confirm safety, vault auto-export, a

Multi-workspace Slack MCP server with draft+confirm safety, vault auto-export, and triple-mode…

io.github.Spacetime-Technology/safehold

Local, encrypted MCP vault for passports, IDs, visas and photos. You control access.

io.github.pdaxt/pqvault

Post-quantum secrets manager for AI agents. ML-KEM-768 + X25519 + AES-256-GCM.

Dredd MCP

Pre-flight MCP security. Blocks compromised deps + tool drift. HMAC-signed. Dredd judges.

io.github.vola-trebla/env-secret-exposure-analyzer-mcp

Scans projects for secret exposure: leaked API keys, unprotected .env files, and secrets in logs.

io.github.Easysend-co/easysend

EasySend file sharing MCP server - upload, download and share files. No authentication required.

VMware NSX Security

VMware NSX security: DFW policies, security groups, tags, Traceflow, IDPS — 20 MCP tools.

MCP Marketplace

Search and install 4,000+ security-scanned MCP servers from inside any MCP-aware AI client.

MCP gateway with 10 tools for code analysis, architecture, package audit & security.

Abnormal Security

MCP server for Abnormal Security — AI-powered email threat detection, cases, and remediation.

drwho.me developer tools

Remote MCP server: 10 developer utilities (base64, JWT, DNS, UUID, URL, JSON, UA, IP lookup).

Intent security pre-flight checks for autonomous AI agents.

io.github.yifanyifan897645/webcheck

Website health analysis: SEO, accessibility, performance, security, and broken links

SSO identity auditor protecting SAML and OpenID configurations.

ITEON MCP Server

Polski software house B2B: 5 public + 7 OAuth 2.1 private MCP tools (AI estimate, draft, risk).

PII and secrets sanitization gateway with advanced OCR merging logic.

Zero-knowledge proof validator and cryptographic locker.

io.github.onetrueclaude-creator/hebbian-vault

Usage-adaptive Obsidian vault search: Hebbian + PageRank + BM25 hybrid ranking.

io.github.operantlabs/operant-mcp

Security testing MCP server for penetration testing, forensics, and vulnerability assessment

Judges Panel

45 judges that evaluate AI-generated code for security, cost, and quality with built-in AST.

OpsConduit Jobber MCP

Customer-hosted read-only MCP server for Jobber ops reports, OAuth setup, and GraphQL validation.

uooks

Books MCP — wraps Open Library API (free, no auth)

caruon

Carbon MCP — UK Carbon Intensity API (free, no auth)

Cataas

CATAAS MCP — Cat as a Service (free, no auth)

catfacts

Cat Facts MCP — wraps Cat Facts API (free, no auth)

chucknorris

Chuck Norris MCP — wraps chucknorris.io (free, no auth)

cityuikes

Citybikes MCP — wraps CityBik.es API (free, no auth required)

guif

GBIF MCP — wraps the Global Biodiversity Information Facility API v1 (free, no auth)

holidays

Holidays MCP — wraps Nager.Date API (free, no auth)

ipinfo

IPInfo MCP — wraps ipinfo.io (free tier, no auth required for basic usage)

iplookup

IP Lookup MCP — ip-api.com (free, no auth for basic usage)

jokes

Jokes MCP — wraps JokeAPI v2 (free, no auth)

Jsonplaceholder

JSONPlaceholder MCP — wraps JSONPlaceholder fake REST API (free, no auth)

nationalize

Nationalize MCP — nationality prediction from first name (nationalize.io, free, no auth)

newton

Newton MCP — wraps the Newton math solver API (free, no auth)

nhtsa

NHTSA MCP — wraps the NHTSA vPIC (Vehicle Product Information Catalog) API (free, no auth)

Nih Reporter

NIH RePORTER MCP — every NIH-funded research project (free, no auth)

nouel

Nobel MCP — wraps the Nobel Prize API v2 (free, no auth)

npm

npm MCP — wraps the npm Registry API (free, no auth)

nutrition

Nutrition MCP — wraps Open Food Facts API (free, no auth)

onthisday

On This Day MCP — wraps byabbe.se/on-this-day (free, no auth)

MCP Protocol Conformance

MCP conformance test harness. JSON-RPC, OAuth 2.1 PKCE, schemas, smoke, annotations. CLI + lib.

Open Elevation

Open-Elevation MCP — terrain elevation by lat/lon (no auth)

Owid

OWID MCP — Our World in Data chart/indicator access (free, no auth)

poetry

Poetry MCP — PoetryDB API (free, no auth)

puumed

PubMed MCP — wraps the NCBI E-utilities API (biomedical literature, free, no auth)

Pypi

PyPI MCP — wraps the PyPI JSON API (free, no auth)

spacex

SpaceX MCP — wraps SpaceX API v4 (free, no auth)

Spotify

Spotify MCP — Web API via client_credentials OAuth

swisstransport

Swiss Transport MCP — wraps Transport Open Data API (free, no auth)

xkcd

XKCD MCP — wraps xkcd.com JSON API (free, no auth)

AgentLair

AI agent email, vault, and calendar. Tamper-evident audit trail for EU AI Act compliance.

MCP OpenClaw Extensions

138-tool MCP server for AI agent firms: security, A2A, Hebbian memory, fleet mgmt

io.github.rsdouglas/janee

Secure secrets proxy for AI agents — manages API keys so agents never see raw credentials.

MCP for Oura

Multi-tenant hosted MCP server for Oura Ring — 21 read-only tools, OAuth per user.

io.github.ryudi84/jwt-forge-mcp

Decode and inspect JWT tokens — header, payload, expiry check

SlateHut

AI website builder (Wix/Framer alt). SlateHut MCP over HTTP: tools, schemas. Bearer auth.

Scan an MCP server for EU AI Act Art. 50, tool quality, OAuth hygiene & security before shipping.

Hive Cdn

Edge content delivery for autonomous agents — signed manifests, A2A authentication

Hive Vault

A2A ZK wallet recovery — guardian swarm, no seed phrase, HiveLaw enforcement

AiEGIS

AI agent security and governance. Register, verify, scan, and monitor agents.

advice

Advice MCP — wraps Advice Slip API (free, no auth)

Minimal MCP server for Ghost Security API - compatible with all MCP clients

archive

Archive MCP — wraps the Internet Archive APIs (free, no auth)

art

Art MCP — Metropolitan Museum of Art Collection API (free, no auth)

Arxiv

arXiv MCP — preprint server search (free, no auth)

Asana

Asana MCP — wraps the Asana REST API (OAuth)

Android Security Analyzer

MCP server for static security analysis of Android source code

climate

Climate MCP — wraps Open-Meteo Climate API (free, no auth)

Multi-asset whale forensics: BTC, ETH, SOL, USDT, tokenized gold. 45 tools, free OAuth tier.

Congress

Congress MCP — US Congress data via GovTrack API (free, no auth required)

Crates

Crates.io MCP — wraps the crates.io REST API v1 (free, no auth)

The Colony

Public social network for AI agents — 21 tools, polling-diff resource, JWT auth.

Helixar Security

Security tools for AI agents: scan MCP servers, validate HDP delegation chains, audit releases.

dadjokes

Dad Jokes MCP — wraps icanhazdadjoke.com (free, no auth)

com.civic/nexus

Zero-setup MCP gateway securely connecting AI to your tools with authentication and workflows

io.github.auroracapital/claude-ops-telegram-server

Telegram personal-account MCP (MTProto user-auth). Read DMs, send messages, search across chats.

deckofcards

Deck of Cards MCP — wraps deckofcardsapi.com (free, no auth)

Defillama

DefiLlama MCP — DeFi analytics from DefiLlama (free, no auth)

mcpwall

iptables for MCP — blocks dangerous tool calls, scans for secrets, logs everything.

Devto

DEV.to MCP — wraps the DEV Community API (free, no auth for public reads)

io.github.bx33661/wireshark-mcp

Professional network analysis with tshark. Security audits, deep-dives, and threat detection.

diceuear

DiceBear MCP — wraps DiceBear Avatar API v7 (free, no auth)

dictionary

Dictionary MCP — wraps Free Dictionary API (free, no auth)

disify

Disify MCP — wraps Disify API (free, no auth)

Brivvy MCP

Brivvy MCP (OAuth): on-brand AI content, voice rules, templates, glossary.

dnd5e

D&D 5e MCP — wraps the D&D 5th Edition API (free, no auth)

Dockerhub

Docker Hub MCP — wraps the Docker Hub v2 API (free, no auth required for public data)

dogceo

Dog CEO MCP — wraps Dog CEO's Dog API (free, no auth)

dogsapi

DogsAPI MCP — wraps dogapi.dog v2 API (free, no auth)

domains

Domains MCP — Domainsdb.info API (free, no auth)

Edgar

EDGAR MCP — SEC EDGAR public APIs (free, no auth)

io.github.carlosofscience/bulk-url-checker

Validate up to 75,000 URLs per job (status, redirects, response times). OAuth 2.1.

emojihub

EmojiHub MCP — wraps EmojiHub API (free, no auth)

Epa Echo

EPA ECHO MCP — wraps EPA ECHO Web Services (free, no auth)

Epa Emissions

EPA Emissions MCP — wraps EPA Envirofacts REST API (free, no auth)

exchange

Exchange MCP — wraps the Frankfurter currency exchange API (free, no auth)

exchangerate

ExchangeRate MCP — wraps open.er-api.com (free, no auth)

cnvs.app

Zero-auth real-time collaborative whiteboard with MCP — AI agents + humans edit the same board live.

Cinderfi — Retirement Planning

Retirement planning for Canada & US. CPP/OAS, Social Security, RRSP/TFSA, 401k/IRA, Monte Carlo.

AI-powered codebase analysis — call graphs, security, dead code, complexity. 150+ tools.

AI Reasoning Commons

Search, reuse, verify AI reasoning. Task marketplace with leaderboard. Zero-barrier, no auth.

com.clauxel.mcpoauthscopegate/mcpoauthscopegate-mcp

OAuth scope approvals and consent receipts for remote MCP servers.

Multi-tenant business platform — 6,000+ RBAC-gated MCP tools across finance, ops, docs, agents.

com.craftedtrust/mcp-shield

Trust verification for MCP servers. Check scores, scan for security issues, search 4,200+ servers.

Holster MCP

Local-first secret scanning, rotation, vault, and audit-log tools for AI agents.

Gradus Notation

Render music notation (SVG/MusicXML/MIDI), analyze, search music theory. Free, no auth, no GUI.

JPYC Agent MCP

OAuth-protected JPYC wallet, transfer, and contract workflows on Polygon.

com.mcparmory/outline

Create, manage, and organize team documents, collections, and share permissions

CloudClaw

AI agent hosting platform: 37+ connectors, 181 tools, BYOK vault, marketplace.

io.github.codespar/mcp-ap2

MCP server for AP2 — Google's Agent-to-Agent Payment Protocol (authorization, audit, trust)

io.github.duriantaco/skylos

Dead code, security, secrets detection and code quality for Python, TypeScript, Go.

Recruiter-scoped search across Latin America's largest tech talent pool. OAuth-authenticated.

io.github.Ansvar-Systems/ot-security-mcp

OT security standards: IEC 62443, NIST 800-82/53, MITRE ATT&CK for ICS

Linear MCP (multi-workspace, PAT auth)

Multi-workspace Linear MCP — PAT auth, 57 tools + 3 prompts, substrate enforcement, drop-in.

TridentChain Security

Local supply-chain CVE scanner via OSV/NVD. Scans deps and IDE extensions. No upload.

1,451 security controls across 261 frameworks with bidirectional mapping

io.github.node-man/dechonet-mcp

13 security recon tools for AI agents — DNS, SSL, HTTP, email, ports, ASN. Health Score 0-100.

io.github.sathergate/lockbox

Encrypted secrets for Next.js. AES-256-GCM with no vault needed.

io.github.oomkapwn/enquire-mcp

Long-term memory for AI agents — your Obsidian vault as searchable persistent memory.

io.github.Digital-Defiance/mcp-filesystem

Advanced filesystem operations with strict security boundaries for AI agents

MikroMCP

MCP server for MikroTik RouterOS: typed tools, dry-run, RBAC, audit logs, and rollback.

io.github.ironclawdevs27/argus

Automated web QA via Chrome DevTools MCP — JS, a11y, security, visual, env diff, CI reporting.

OpenClaw MCP Server

MCP server bridging Claude.ai/Desktop with self-hosted OpenClaw via OAuth 2.1.

MCP ZAP Server

Safe, self-hosted OWASP ZAP operator for guided AI security scans and reports.

io.github.matiasbattocchia/google-mcp

Streamable HTTP MCP server for Google Calendar and Sheets with OAuth login.

airquality

Air Quality MCP — wraps air-quality-api.open-meteo.com (free, no auth)