PagBrasil — cross-border acquiring into Brazil: Pix, Boleto Flash, refunds
PagBrasil — cross-border acquiring into Brazil: Pix, Boleto Flash, refunds
MCP Dev LATAM is a large, well-structured monorepo of 110 MCP servers for Latin American commerce APIs and agentic payment protocols. The codebase shows professional engineering practices: proper MCP SDK usage, auth delegation to environment variables, and clear separation of concerns. However, several moderate security concerns emerge: (1) the Sift server has incomplete ACCOUNT_ID validation that could allow null/undefined paths in Decisions API calls; (2) broad HTTP network permissions across all servers are necessary but unscoped by domain; (3) alpha/contract-gated servers lack verification of actual endpoint paths; (4) no input validation on user-supplied IDs before URL path interpolation. These are manageable for a developer-tool catalog but represent real risks if misconfigured. Supply chain analysis found 2 known vulnerabilities in dependencies (1 critical, 0 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 10 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
Set these up before or after installing:
Environment variable: PAGBRASIL_PBTOKEN
Environment variable: PAGBRASIL_SECRET
Environment variable: PAGBRASIL_BASE_URL
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-codespar-mcp-pagbrasil": {
"env": {
"PAGBRASIL_SECRET": "your-pagbrasil-secret-here",
"PAGBRASIL_PBTOKEN": "your-pagbrasil-pbtoken-here",
"PAGBRASIL_BASE_URL": "your-pagbrasil-base-url-here"
},
"args": [
"-y",
"mcp-dev-latam"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.