omise-mcp
Verified Safeby omise
Overview
Facilitate secure and managed integration with Omise payment APIs for various financial operations using the Model Context Protocol.
Installation
docker run --rm -i -e OMISE_SECRET_KEY=skey_test_xxxxxxxxxxxxxxxx -e OMISE_ENVIRONMENT=test -e TOOLS=all omise-mcp-server:latestEnvironment Variables
- OMISE_SECRET_KEY
- OMISE_ENVIRONMENT
- TOOLS
Security Notes
The server demonstrates strong security practices including explicit tool-level access control via the 'TOOLS' environment variable, which is mandatory for startup. It validates all incoming parameters for API calls, significantly reducing attack surface. Sensitive data like API keys, passwords, and card numbers are actively masked in logs using `sanitizeHeaders` and `sanitizeBody` functions. The Docker configuration enforces hardened practices like running as a non-root user, using `no-new-privileges`, `read_only` file systems, and `tmpfs` for temporary directories. The `OMISE_SECRET_KEY` is externalized and validated for environment consistency (e.g., preventing live keys in test mode). Comprehensive error handling and logging (with redaction) are in place. No 'eval' or obvious obfuscation found.
Similar Servers
boilerplate-mcp-server
Provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation tool.
typingmind-mcp
A server for managing and integrating Model Context Protocol (MCP) servers with TypingMind, enabling custom AI model connections.
leanmcp-sdk
Building production-ready Model Context Protocol (MCP) servers with TypeScript, supporting features like authentication, elicitation, and UI integration for AI agents.
mcp-server-playground
A playground and reference implementation for a Model Context Protocol (MCP) server, featuring streamable HTTP transport, OAuth proxy for third-party authorization servers like Auth0, and stateful session management.