Stripe MCP Server
v2026.6Stripe
Stripe's official MCP server from the open-source agent toolkit. Exposes tools for customers, products, prices, payment links, invoices, refunds, balance, disputes, and subscriptions plus Stripe documentation search. Available as the @stripe/mcp stdio package or the hosted remote server at mcp.stripe.com with OAuth.
Trust Vector Analysis
Dimension Breakdown
🚀Performance & Reliability+
API stability and uptime analysis of the underlying Stripe API
Operation success testing across the documented tool set in test mode
Rate limiting behavior testing under sustained tool-call load
Relevance assessment of documentation search results for common integration queries
Error handling testing with invalid parameters, missing permissions, and declined operations
🛡️Security+
Authentication mechanism review for stdio and hosted transports
Permission scope testing with restricted keys across read and write tools
Token storage and exposure-surface analysis for local configuration files
Audit logging review of API request logs and event history
Threat modeling of write-capable financial tools; strongest case among evaluated servers for read-only defaults and human-in-the-loop confirmation on writes
🔒Privacy & Compliance+
Data flow analysis of tool results containing customer and payment data
Review of Stripe compliance posture and the data classes reachable via the tool surface
Access control review of key management and OAuth grant administration
Analysis of downstream data sharing once tool results leave Stripe
👁️Trust & Transparency+
Documentation completeness and accuracy review
Logging and traceability assessment via Dashboard logs
Source code review of the published toolkit and MCP package
Comparison of documented tool surface against the shipped package
⚙️Operational Excellence+
Setup complexity assessment for both stdio and hosted transports
Latency observation across representative tool calls
Uptime analysis of Stripe infrastructure
Feature completeness assessment against the full Stripe API surface
Community activity and adoption analysis
- +First-party, MIT-licensed open source implementation maintained by Stripe
- +Restricted API Keys enable precise per-resource, read-only or write scoping
- +Hosted remote option with OAuth avoids placing secret keys in client config
- +Full auditability via Stripe Dashboard request logs and events
- +Backed by PCI-DSS Level 1 and SOC 2 compliant infrastructure
- +Built-in Stripe documentation search alongside account tools
- +Test mode allows safe end-to-end agent evaluation before live use
- !Money-movement tools (refunds, invoices, payment links, subscriptions) make misuse directly costly
- !No built-in human confirmation step on write operations; must be enforced by the client
- !Customer PII in tool results is shared with the LLM provider
- !Unrestricted secret keys in stdio config are a severe single point of failure
- !Tool coverage omits advanced surfaces like Connect and Treasury
- !Agent errors in live mode can require manual financial remediation
Use Case Ratings
financial analysis
Strong for querying balances, disputes, subscriptions, and revenue objects directly from the source of truth
customer support
Excellent for support agents looking up customers, invoices, and issuing scoped refunds with proper guardrails
code generation
Doc search plus live test-mode tools make it very effective for building Stripe integrations
data analysis
Good for ad-hoc account analysis, though bulk analytics is better served by Stripe Sigma or data exports
legal compliance
Dispute and record access is useful, but PII flowing to LLM providers requires careful review