MCP Marketplace Launches Security-Scanned Directory of 1,900+ MCP Tool Plugins
Security-First MCP Plugin Directory
MCP Marketplace addresses trust issues in the growing MCP ecosystem by providing a security-scanned directory of over 1,900 MCP tool plugins. The platform was created in response to concerns about giving unvetted servers access to files, databases, and API keys.
Security Features
Every plugin listed on mcp-marketplace.io undergoes multi-layer security analysis before being included in the directory. The platform provides:
- Risk scores (0-10 scale) with detailed reports covering data exfiltration, obfuscated code, excessive permissions, and known vulnerabilities
- Endpoint probing for remote servers to check authentication and transport security
- Full transparency with security reports visible on every listing
Directory Contents and Installation
The marketplace currently includes:
- 1,900+ MCP servers
- Community reviews
- Creator reputation grades and profiles
- One-click installation for Claude Desktop, Cursor, ChatGPT, VS Code, and other platforms
The creator is soliciting feedback about security concerns with MCP servers and what would make developers trust a plugin enough to install it.
📖 Read the full source: r/LocalLLaMA
👀 See Also
Claude Code v2.1.166: Fallback Models, Glob Deny Rules, Cross-Session Hardening
Claude Code v2.1.166 introduces up to 3 fallback models, glob pattern support in deny rules, hardened cross-session messaging, and fixes for terminal flickering, orphaned processes, and more.
soul.py adds persistent memory to local LLMs with simple file-based approach
soul.py is a Python library that adds persistent memory to any LLM using two markdown files for identity and conversation logging, working with Ollama, OpenAI, and Anthropic models without requiring databases or servers.
Claude Counter: Android app tracks Claude usage limits with real-time notifications
A developer built Claude Counter, a free Android app that polls Claude's API to display live session and weekly usage limits. The app shows progress bars, provides rich notifications with percentage remaining, and alerts when limits reset.
CLI-Anything-WEB: Open-source plugin that reverse-engineers any website into a Python CLI for Claude Code
CLI-Anything-WEB is an open-source Claude Code plugin that watches your browser traffic, reverse-engineers the protocol, and generates a full Python CLI with auth, tests, and --json support. 19 sample CLIs included for sites like Reddit, Booking, Airbnb, ChatGPT, and LinkedIn.