Plans that grow with your MCP workflow
Start free. Upgrade when you need private repos, deeper scans, or team governance.
Community
Publish and certify MCP servers on the public catalog — free forever
Open by design
MCP-Hub's public catalog is open-source. Every public MCP is scanned, scored, and certified transparently — so the community can trust what it installs.
- Up to 50 public MCP servers
- 100 scans per month
- Automated security scoring on every version
- GitHub, GitLab & Bitbucket integration
- Basic scan reports with vulnerability summary
- One-click install command for every certified MCP
- Community docs and support
Pro
Ship faster with private repos, deeper analysis, and full control over your MCPs
Save 16%
- Everything in Community, plus:
- Publish private MCP servers visible only to you
- Up to 200 MCPs — publish publicly or keep them private
- 1,000 monthly scans with up to 5 running in parallel
- Connect GitHub, GitLab & Bitbucket for one-click import
- Real-time analytics: downloads, installs, and adoption trends
- Export your data as JSON or CSV for CI/CD pipelines
- Priority support with faster response times
Org Free
Collaborate on MCP servers with your team — free to get started
- Up to 5 team members
- Up to 10 organization MCPs
- 2 roles: Owner and Member
- 30-day audit log retention
- 2 service tokens
- Public MCP servers only
Enterprise
Full governance over AI tooling — policies, compliance, and unlimited scale
Billed annually
- Everything in Org Free, plus:
-
Team & Access
- Unlimited team members
- 4 roles: Owner, Admin, Member, Viewer
- GRC API with OCSF v1.3.0 compliance events
-
Private Registry
- Unlimited organization MCPs
- Private MCP servers for internal use
-
Policy Engine
- Enforce security policies before any MCP reaches production
- Per-MCP access control for team members
-
Compliance & Audit
- Unlimited audit log retention
- Audit-ready PDF reports for compliance and security reviews
- GRC API integration (Drata, Vanta, Riskitera, and more)
- Dedicated account manager with SLA guarantees
-
EU Hosted GDPR Compliant
Compare plans
See exactly what's included in each plan
| Community | Pro | |
|---|---|---|
| Publishing | ||
| Public MCP servers | ||
| Private MCP servers | — | |
| MCP limit | 50 | 200 |
| Security & Scanning | ||
| Automated scoring | ||
| Scan reports | Basic | Detailed |
| Scans / month | 100 | 1,000 |
| Integrations | ||
| GitHub / GitLab / Bitbucket | ||
| Export (JSON/CSV) | — | |
| Support | ||
| Community docs | ||
| Priority support | — | |
Compare plans
See exactly what's included in each organization plan
| Org Free | Enterprise | |
|---|---|---|
| Team & Access | ||
| Team members | 5 | Unlimited |
| Available roles | Owner, Member | Owner, Admin, Member, Viewer |
| GRC API (OCSF) | — | |
| Private Registry | ||
| Organization MCPs | 10 | Unlimited |
| Private MCP servers | — | |
| Per-MCP access control | — | |
| Governance | ||
| Policy engine | — | |
| Audit log retention | 30 days | Unlimited |
| Scan reports | Basic | Detailed + PDF |
| GRC API integration | — | |
| Support | ||
| Community docs | ||
| Dedicated manager + SLA | — | |
Frequently asked questions
-
Every MCP published to the Community plan appears in the public catalog at mcp-hub.info. Anyone can browse, search, and install these MCPs using MCP Cage - The MCP Sandbox CLI. Your scan results and security scores are also public, which builds trust with users.
-
Yes! You can upgrade at any time from your billing settings. Your existing MCPs and data carry over seamlessly. You'll get immediate access to Pro features like private servers and detailed scan reports.
-
Your private MCPs become inaccessible (not deleted). You keep all public MCPs unchanged. If you upgrade again later, your private MCPs become available again with all their history intact.
-
Our proprietary engine combines custom deep-learning models — trained on hundreds of thousands of real-world vulnerability samples — with advanced static-analysis algorithms including taint propagation and multi-pass pattern matching. Each MCP version is scanned for 14 vulnerability classes across Python, TypeScript, JavaScript, and Go, producing a deterministic security score (0-100). This technology is developed entirely in-house and not available in any other scanner on the market.
-
Community is free forever with no trial needed. For Pro, we don't currently offer a free trial — but you can start with Community and upgrade when you need private repos or deeper analysis. Enterprise trials are available upon request.
-
Enterprise pricing depends on team size, scan volume, and whether you need a private registry or custom SLA. Contact our sales team for a tailored quote — most plans start from €490/mo billed annually.
-
Yes! The Pro plan supports private MCP servers that are only visible to you. Enterprise adds a fully private registry, team-based access controls, and policy enforcement — ideal for organizations that want to keep all MCPs internal.
-
Enterprise plans include audit-ready PDF reports, immutable security snapshots per version, and full traceability from source to certified artifact. We support SOC 2 and ISO 27001 compliance workflows out of the box.