Server data from the Official MCP Registry
Financial governance for AI agents — spend gates and audit trail exposed as MCP tools.
Financial governance for AI agents — spend gates and audit trail exposed as MCP tools.
This is a well-structured MCP server for Valta's financial governance API with proper authentication, clear permission scoping, and honest documentation about its limitations. The codebase is clean with appropriate error handling and input validation. No security vulnerabilities or malicious patterns detected. Minor code quality observations do not materially affect the security posture. Supply chain analysis found 2 known vulnerabilities in dependencies (0 critical, 2 high severity). Package verification found 1 issue.
4 files analyzed · 7 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Set these up before or after installing:
Environment variable: VALTA_API_KEY
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-billionaire664-valta-mcp": {
"env": {
"VALTA_API_KEY": "your-valta-api-key-here"
},
"args": [
"-y",
"valta-mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
An MCP (Model Context Protocol) server for Valta — financial governance for AI agents. Exposes Valta's spend gate and audit trail as MCP tools, so any MCP-compatible client (Claude Desktop, Claude Code, Cursor, and others) can call them directly.
This server is a thin wrapper over Valta's real, hosted REST API. It does not implement any spend logic, limits, or hashing itself — every tool call here is a pass-through to https://valta.co/api/v1/..., where the actual enforcement (spend gate, audit chain) happens. This repo is the protocol adapter, not the enforcement engine.
Important, read before relying on this for anything security-sensitive: a tool description telling a model "call this before spending" is guidance, not enforcement. This server governs spend that routes through its valta_request_spend tool. It does not intercept or prevent spending that happens through other tools, APIs, or webhooks that don't call it first. If you need a hard guarantee that no spend can happen without authorization, the money-moving action itself needs to be implemented as (or wrapped by) a Valta-gated tool — not merely preceded by a polite check-in step. See Design notes below.
npm install -g valta-mcp
Or run directly without installing:
npx valta-mcp
Get an API key at valta.co/dashboard → Settings → API Keys → Create key.
Add to your MCP client's config (e.g. Claude Desktop's claude_desktop_config.json):
{
"mcpServers": {
"valta": {
"command": "npx",
"args": ["valta-mcp"],
"env": {
"VALTA_API_KEY": "sk_valta_your_key_here"
}
}
}
}
| Tool | What it does |
|---|---|
valta_check_balance | Read an agent's wallet balance and limits |
valta_request_spend | Request authorization for a spend — approved or denied by the real spend gate |
valta_create_wallet | Create a new named wallet with optional spend limits |
valta_freeze_agent | Kill switch — freeze an agent's wallet, blocking further spend |
valta_unfreeze_agent | Resume a frozen agent's wallet |
valta_get_audit_trail | Read the hash-chained audit trail of spend decisions |
valta_list_wallets | List all named wallets on the account — use this to discover wallet names before checking balance/spending |
valta_transfer_funds | Transfer USDC directly between two of your agent wallets |
valta_list_agents | List all agents on the account |
valta_get_agent | Get details for a single agent |
valta_run_agent | Trigger an agent to run a task |
valta_get_agent_run | Check the status/result of a specific agent run |
valta_list_policies | List spending policies configured on the account |
valta_set_policy | Create a new spending policy (daily cap, per-transaction cap) |
Every tool's description in src/index.ts states plainly what it enforces and what it doesn't — read those before wiring this into anything that touches real money. |
Why there's no "non-bypassable system prompt." An earlier draft of this project considered shipping a system-prompt instruction block claiming to make spend gating "non-bypassable." That claim doesn't hold up, for two reasons:
instructions field — it cannot inject a binding, universally-enforced rule into the conversation.What actually provides a guarantee: spend that is authorized by calling valta_request_spend is genuinely checked against real limits, server-side, independent of the calling model's behavior. The gap is spend that happens through some other channel the agent has access to. Closing that gap requires the payment-triggering action itself to be gated — either by making it a Valta-provided tool, or by having whatever executes the real payment call Valta's API internally before proceeding. This server is the piece that makes gated spend possible; it is not a universal guarantee that ungated spend is impossible.
MIT.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.