Security Report
Verified by MCPForge

Mastercard Open Banking MCP Security Report

Independent security and governance assessment · Assessed June 24, 2026

93

Security

82

Compliance

89

MCPForge Score

Security Findings

Security

+Server reachable and responding
+Authentication flow detected
+No destructive operations detected
Financial operations detected — approval workflows recommended
Credentials Vault not configured — API keys may be exposed through direct agent access if tools require authentication

Compliance

User/contact data handling detected (GDPR/CCPA obligations)
Payment operations detected (PCI DSS obligations)
Credentials Vault not configured — configure to ensure proper server-side key management

Risk Analysis

100 tools analyzed
High Risk21
Medium Risk50
Low Risk29

By Category

Delete5
Billing14
Auth9
Admin1
Write42
Read29
No approval workflows configured

Governance Assessment

Formal Security Review
Not Started
Credentials Vault✗ Not Configured
Endpoint ProtectionNot Enabled
Audit Logging✓ Active — All tool invocations logged

Agent Reliability Assessment

Description Quality

83/83 tools have descriptions · avg 418 chars

100/100

Excellent

Output SanitizationPASS
Agent Reliability Score
98/100 · Excellent

Production Readiness

Verified — Production Ready

89

MCPForge Score

Configure the Credentials Vault to protect API keys from direct agent exposure.
Enable endpoint protection to require API key authentication on direct MCP calls.
Start a formal Security Review to qualify for the "✓ Security Reviewed" badge.
Review the 21 high-risk tools and configure approval workflows where appropriate.
View full profile and installation instructions →