Ra Pay
Send fiat payments via MCP with two-step confirmation and Stripe Connect.
Installation
Install from source
git clone https://github.com/Ra-Pay-AI/rapay
cd ai-rapay-mcp-server
npm install
npm startSecurity Report
Score Breakdown
Findings (6)
Insufficient capability documentation
The server description lacks critical details about its actual functionality. It mentions 'send fiat payments' and 'Stripe Connect' but provides no information about authentication mechanisms, payment limits, supported currencies, or operational constraints.
Financial transaction capability without visible safeguards
A server that can send fiat payments represents significant financial risk. The description mentions 'two-step confirmation' but without tool definitions or detailed documentation, it's impossible to verify if this is properly implemented or if there are bypass mechanisms.
Stripe integration requires sensitive credentials
Integration with Stripe Connect implies the server handles API keys or authentication tokens. The security model for credential storage and usage is not documented.
Unknown transport type
Transport is listed as 'unknown', making it impossible to assess exposure level. If this is a remote HTTP endpoint, it represents higher risk than a local stdio server.
Tool definitions unavailable for security review
With 0 tools listed but a payment capability claimed, either the tools weren't fetched or the server's actual functionality cannot be audited.
Semantic Analysis Summary
Ra Pay presents moderate-to-high risk due to its financial transaction capabilities combined with insufficient documentation and unavailable tool definitions for security review. The vague description, unknown transport type, and lack of visible implementation details make it impossible to verify proper safeguards for payment processing. The repository link is a positive trust signal, but the server requires comprehensive documentation of its security model before deployment.
Last scanned 52m ago
Details
- Version
- 1.2.5
- Transport
- Unknown
- Capabilities
- Repository
- Ra-Pay-AI/rapay