The MCP marketplace continues to mature, with developer adoption clustering around official integrations and structural tooling. This week's new review adds another option for codebase navigation, while the most-viewed servers reveal a pattern: developers are reaching for broad, multi-tool connectors first, which means your allowlist strategy needs to account for how policies cascade across Claude Code, Cursor, Windsurf, and GitHub Copilot simultaneously.
mcp-repo-graph entered the catalog this week as a free, risk-classified server designed to give AI coding assistants structural memory of any codebase. Instead of asking an LLM to infer dependencies or module relationships, repo-graph surfaces the actual graph — imports, exports, class hierarchies, function calls.
For platform teams: this is a low-risk allowlist candidate if your concern is accuracy over data exfiltration. It doesn't phone home, doesn't require external auth, and runs locally. The governance question isn't "should we block this?" but rather "do we need repo-graph and GitHub MCP?" Both provide code context, but at different abstraction levels. If your developers are already hitting GitHub MCP for repo structure, repo-graph might be redundant. If they're working across multiple languages or private monorepos where GitHub's API is insufficient, it's a solid addition.
The five most-viewed servers this week paint a clear picture: GitHub Copilot MCP (98k views), OpenAI MCP (87k views), and Figma MCP (82k views) dominate because they're official, trusted, and solve a specific problem — they bring external tool intelligence into the AI coding workflow rather than asking developers to context-switch.
GitHub Copilot MCP and GitHub MCP both surface repository intelligence, but they operate at different scopes. Copilot's implementation prioritizes code completions and explanations; the raw GitHub MCP goes deeper into issue and workflow management. Before you allowlist both, audit which endpoints your developers actually need. Both require GitHub PATs (Personal Access Tokens), which means your audit logs need to track which scopes are being requested — a common blind spot.
OpenAI MCP is the wild card. It gives developers direct access to GPT-4o, DALL-E, and Whisper from inside their coding environment. That's powerful and dangerous. You need to understand: Does it respect your OpenAI org's API key scope? Does it log every request? If you're running Claude Code or Cursor at scale, OpenAI MCP could balloon your token spend and create audit gaps if requests aren't traced back to individual developers.
Anthropic Claude MCP — nesting Claude inside Claude — looks like a nice-to-have but creates a risk: if a developer spins up a Claude sub-agent for a reasoning task, you've now got an unconstrained LLM instance running inside your allowed workflow. That's a supply-chain risk if the sub-agent takes actions based on untrusted input.
Here's the hard truth: most teams allowlisting MCP servers aren't enforcing the same policy across all four IDEs. You'll approve GitHub MCP for Cursor, but Windsurf users will pull a third-party GitHub integration that does 80% of what you blocked. Meanwhile, your audit logs show only Cursor usage.
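One way to check for the cross-IDE drift described above is to audit every IDE's MCP config against a single allowlist keyed by what is actually launched rather than by the server's label. This is an added example, not code from CuratedMCP or any IDE vendor; the package names, URL, and config key names (`mcpServers`, `servers`) are constructed assumptions.

```python
import json

# Hypothetical org policy: approved launch targets, keyed by what actually
# runs (command + package, or remote URL), not by the label a developer picked.
ALLOWLIST = {("npx", "example-org/github-mcp"), ("npx", "example-org/repo-graph")}

# Constructed sample configs, one per IDE: (top-level key, JSON text). The key
# names are assumptions about each tool's file layout; check your versions.
SAMPLE_CONFIGS = {
    "claude-code": ("mcpServers", '{"mcpServers": {"github": {"command": "npx", "args": ["-y", "example-org/github-mcp"]}}}'),
    "cursor": ("mcpServers", '{"mcpServers": {"gh": {"command": "npx", "args": ["-y", "example-org/github-mcp"]}}}'),
    "windsurf": ("mcpServers", '{"mcpServers": {"github": {"command": "npx", "args": ["-y", "third-party/gh-bridge"]}}}'),
    "copilot": ("servers", '{"servers": {"figma": {"url": "https://mcp.example.invalid/figma"}}}'),
}


def launch_target(entry):
    """Identity of one server entry: its URL, or (command, first non-flag arg)."""
    if "url" in entry:
        return ("url", entry["url"])
    positional = [a for a in entry.get("args", []) if not a.startswith("-")]
    return (entry.get("command", ""), positional[0] if positional else "")


def audit(configs, allowlist):
    """Return (violations, coverage) across every IDE config supplied."""
    violations, coverage = [], {}
    for ide, (key, raw) in configs.items():
        for label, entry in json.loads(raw).get(key, {}).items():
            target = launch_target(entry)
            coverage.setdefault(target, set()).add(ide)
            if target not in allowlist:
                violations.append((ide, label, target))
    return sorted(violations), coverage


if __name__ == "__main__":
    bad, seen = audit(SAMPLE_CONFIGS, ALLOWLIST)
    for ide, label, target in bad:
        print(f"NOT ALLOWLISTED  {ide}: '{label}' -> {target}")
    for target, ides in seen.items():
        print(f"{target} configured in {sorted(ides)}")
```

The Windsurf entry is labelled `github` like the approved one but launches a different package, so a name-based allowlist would pass it while this check flags it.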
The second problem is token cost sprawl. Each MCP server — especially the official integrations — adds latency and token overhead. A developer running GitHub MCP + Figma MCP + Claude MCP in parallel is inflating their token bill by 40–70% before they write a single line of code. If you're not metering this, you're flying blind on AI coding tool ROI.
Action items for this week:
Govern MCP usage across your team with CuratedMCP — or scan your own stack free at https://curatedmcp.com/auditor.