‹ all collections
Ranked collection

MCP Servers to Avoid (Low Grade, Archived or Abandoned)

A defensive-security watchlist of MCP projects that scored a failing grade, were archived by their maintainers, or have gone many months without a commit. Connecting an abandoned server to an autonomous agent is a real risk - these entries failed CheckMCP's audit on maintenance, security, or both. Review before you trust them.

15 servers, ranked by independent MCP Score. Click any to see its full security & quality audit.

MCP Servers to Avoid (Low Grade, Archived or Abandoned) — FAQ

How are these MCP servers ranked?+
Every server on this page is independently audited by CheckMCP and scored 0–100 across weighted pillars — for live endpoints: security (OWASP MCP Top 10), tool design, schemas, reliability and context-cost; for repos: maintenance, license, adoption and documentation. Ordering reflects the audit (popularity lists are ordered by GitHub stars instead) — no vendor pays for placement.
Are these MCP servers safe to use?+
Each listing links to a full CheckMCP report showing its grade, per-pillar breakdown and any security findings (tool poisoning, hardcoded secrets, the lethal trifecta). Grade A/B servers passed with no or only minor issues; check the individual report before connecting any server to sensitive data or tools.