MCP server for Bold — Colombian acquirer: payment links for cards, PSE and Nequi
MCP server for Bold — Colombian acquirer: payment links for cards, PSE and Nequi
This is a large monorepo containing 110+ MCP servers for Latin American commerce APIs. The codebase is well-structured with proper authentication patterns (API keys, OAuth2) and appropriate permission scoping for its stated purpose. However, there are moderate concerns around credential handling practices, lack of input validation in some HTTP request builders, and the broad network access required across all servers. The alpha-stage flag on many production-critical servers (banking, payment processors) without source-level endpoint verification adds operational risk. Supply chain analysis found 2 known vulnerabilities in dependencies (1 critical, 0 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 11 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
Set these up before or after installing:
Environment variable: BOLD_API_KEY
Environment variable: BOLD_SECRET_KEY
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-codespar-mcp-bold-co": {
"env": {
"BOLD_API_KEY": "your-bold-api-key-here",
"BOLD_SECRET_KEY": "your-bold-secret-key-here"
},
"args": [
"-y",
"mcp-dev-latam"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.