Registry/Stripe MCP Server

Stripe MCP Server

v1.0.0
Verified

MCP server for Stripe API — customers, charges, payments, subscriptions, products, and invoices

By CommunityMIT
typescript
web services
1.1Kstars
474downloads
150forks
Scanned Jul 13, 2026
WebsiteRepositoryGITHUB
F0%
Scanned 6d ago

Critical Issues

Vulnerabilities Found
4Crit
14High
4Med
0Low
0Info

Security ScoreF

0
out of 100

Vulnerabilities Found

4
Crit
14
High
4
Medi
0
Low
0
Info
Last scanned: 7/13/2026

Quality ScoreB

73
out of 100
62
Maint.
67
Popular
89
Docs
73
Compat
Maintenance62%
Popularity67%
Documentation89%
Compatibility73%

Maintenance62

Unknown
Commit Frequency65%
Release Frequency70%
Issue Response45%

Popularity67

1.1K
Stars
474
Downloads
150
Forks
Stars Score85%
Downloads Score48%
Forks Score76%

Documentation89

README Quality85%

Available Documentation

API DocsExamplesChangelog

Compatibility73

MCP Spec Compliance80%
Transport Support50%

Features

TypeScript

Supported Transports

STDIO

Agentic MCP Risk Intelligence

MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.

8
agentic findings
Severe agentic exposure

Multiple MCP-native exploit paths were detected. Review before connecting this server to an AI client.

Prompt Injection Surface
0

Tool metadata can steer or hijack AI clients before a user invokes the tool.

AI → Command Execution
0

Model-selected tool arguments can reach shell/process execution.

Secret Exfiltration Path
1

Tool context combines credential access with outbound network capability.

Unbounded Filesystem
0

AI-controlled paths may access files outside the intended workspace.

Agent SSRF
7

AI-controlled URLs may reach local, metadata, or internal network services.

Vulnerabilities(22)

4Critical
14High
4Medium
Filter:

READMEStripe MCP Server

View source

Stripe MCP Server

⚠️ KEY CONFUSION VULNERABILITY ⚠️

Issue

The server does not properly distinguish between test and live Stripe keys, potentially using live keys in test mode.

Impact

  • Accidental live payment processing
  • Exposure of real customer payment data
  • PCI compliance violations

Mitigation

Always verify which key type is configured. Use separate configurations for test and production.

Embed Security Badge

Add this badge to your README or documentation

Stripe MCP Server MCPSafe Security
[![Stripe MCP Server MCPSafe Security](https://api.mcpsafe.org
/api/badge/stripe-mcp-vuln.svg)](https://mcpsafe.org/registry/stripe-mcp-vuln)
Need more customization options?Badge Documentation

Server Information

Source
GITHUB
Package
stripe-mcp-server
Version
1.0.0
Language
typescript
License
MIT
Transport
STDIO
Added
Jan 20, 2026
Updated
Jul 13, 2026