ICU
critical

@stripe/mcp

v0.3.1

A command line tool for setting up Stripe MCP server

npm | GitHub Actions | First seen Feb 22, 2026

Total: 7 | Critical: 1 | High: 2 | Medium: 4

Findings

unknown
critical | DE-002 | Data Exfiltration | High Confidence | Line 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    30:     });
    31:     // Check if API key is either provided in args or set in environment variables
>>> 32:     const apiKey = options.apiKey || process.env.STRIPE_SECRET_KEY;
    33:     if (!apiKey) {
    34:         throw new Error('Stripe API key not provided. Please either pass it as an argument --api-key=$KEY or set the STRIPE_SECRET_KEY environment variable.');
high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [binary data, not printable text]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

high | DO-BAS | unknown | Medium Confidence | Line 0

Decoded base64 content: [binary data, not printable text]

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

medium | EN-001 | unknown | Medium Confidence | Line 0

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

medium | OB-001 | Obfuscation | Medium Confidence | Line 0

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    2:   "name": "@stripe/mcp",
    3:   "version": "0.3.1",
>>> 4:   "homepage": "https://github.com/stripe/ai/tree/main/tools/modelcontextprotocol",
    5:   "description": "A command line tool for setting up Stripe MCP server",
    6:   "bin": "dist/index.js",

Scan History

Date | Risk | Findings
Feb 25, 2026 | critical | 7
Feb 23, 2026 | critical | 7
Feb 22, 2026 | critical | 7