mcp-payment-pix
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation instructs users to configure their environment using the
kobana-mcp-paymentandmcp-remotepackages vianpx. These are vendor-owned resources and standard utilities within the MCP ecosystem. - [CREDENTIALS_UNSAFE]: The configuration examples include placeholders for sensitive credentials, such as
KOBANA_ACCESS_TOKENandAuthorization: Bearer your_access_token. These are correctly represented as user-supplied variables and no hardcoded secrets are present. - [DATA_EXFILTRATION]: Network endpoints mentioned in the documentation, such as
mcp.kobana.com.brandapi-sandbox.kobana.com.br, are official domains belonging to the vendor for payment processing and sandbox testing. - [SAFE]: No patterns of prompt injection, obfuscation, privilege escalation, or persistence were found. The skill serves its primary purpose as a technical guide for financial tool integration.
Audit Metadata