‹ all collections
Ranked collection
MCP Servers to Avoid (Low Grade, Archived or Abandoned)
A defensive-security watchlist of MCP projects that scored a failing grade, were archived by their maintainers, or have gone many months without a commit. Connecting an abandoned server to an autonomous agent is a real risk - these entries failed CheckMCP's audit on maintenance, security, or both. Review before you trust them.
15 servers, ranked by independent MCP Score. Click any to see its full security & quality audit.
| 01 | -DEPRECATED-mcp openfort-xyz/mcp | ◆ repo★ 3 | 3F |
| 02 | mcp-database-server fireproof-storage/mcp-database-server | ◆ repo★ 31 | 19F |
| 03 | mcp prisma/mcp | ◆ repo★ 46 | 22F |
| 04 | discordmcp v-3/discordmcp | ◆ repo★ 220 | 24F |
| 05 | honeycomb-mcp honeycombio/honeycomb-mcp | ◆ repo★ 43 | 38F |
| 06 | mcp-tinybird tinybirdco/mcp-tinybird | ◆ repo★ 79 | 39F |
| 07 | agentkit chargebee/agentkit | ◆ repo★ 16 | 42F |
| 08 | mcp-server-axiom axiomhq/mcp-server-axiom | ◆ repo★ 60 | 42F |
| 09 | mcp-server-box box-community/mcp-server-box | ◆ repo★ 101 | 43F |
| 10 | mcp-audiense-insights AudienseCo/mcp-audiense-insights | ◆ repo★ 18 | 46F |
| 11 | railway-mcp-server railwayapp/railway-mcp-server | ◆ repo★ 193 | 47F |
| 12 | mcp-server e2b-dev/mcp-server | ◆ repo★ 393 | 51F |
| 13 | mcp semgrep/mcp | ◆ repo★ 679 | 54F |
| 14 | azure-mcp Azure/azure-mcp | ◆ repo★ 1.2k | 54F |
| 15 | Broker as a Service chainflip-broker.io | ● live6 tools | 69D |
MCP Servers to Avoid (Low Grade, Archived or Abandoned) — FAQ
How are these MCP servers ranked?+
Every server on this page is independently audited by CheckMCP and scored 0–100 across weighted pillars — for live endpoints: security (OWASP MCP Top 10), tool design, schemas, reliability and context-cost; for repos: maintenance, license, adoption and documentation. Ordering reflects the audit (popularity lists are ordered by GitHub stars instead) — no vendor pays for placement.
Are these MCP servers safe to use?+
Each listing links to a full CheckMCP report showing its grade, per-pillar breakdown and any security findings (tool poisoning, hardcoded secrets, the lethal trifecta). Grade A/B servers passed with no or only minor issues; check the individual report before connecting any server to sensitive data or tools.