Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"fraudlabspro": {
"env": {
"FRAUDLABSPRO_API_KEY": "YOUR_API_KEY_HERE"
},
"args": [
"mcp-fraudlabspro"
],
"command": "uvx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
An MCP-compliant server that integrates the FraudLabs Pro fraud detection system into AI assistants like Claude Desktop. This server enables real-time screening of order transactions and user-related events (like logins or registrations) to identify and prevent fraudulent activities.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'mcp' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default
### Description The Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication using `FastMCP` with streamable HTTP or SSE transport, and has not configured `TransportSecuritySettings`, a malicious website could exploit DNS rebinding to bypass same-origin policy restrictions and send requests to the local MCP server. This could allow an attacker to invoke tools or ac
MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS
A validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Thank you to Rich Harang for reporting this issue.
MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service
If a client deliberately triggers an exception after establishing a streamable HTTP session, this can lead to an uncaught ClosedResourceError on the server side, causing the server to crash and requiring a restart to restore service. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Thank you to Rich Harang for reporting this issue.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in other
Compress tool outputs, logs, files, and RAG chunks before they reach the LLM. 60-95% fewer tokens, same answers. Library, proxy, MCP server.
Pi Coding Agent extension (CLI-first) — routes bash/read/grep/find/ls through lean-ctx CLI for strong token savings. Optional MCP bridge can register advanced tools.
AI travel agent — 1 smart MCP tool plus 62 compatibility aliases for flights, hotels, ground transport, price alerts. No API keys required.
Research graph MCP for hypotheses, goals, runs, source quality, audits, and generated maps.
MCP Security Weekly
Get CVE alerts and security updates for io.github.fraudlabspro/mcp-fraudlabspro and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
An MCP-compliant server that integrates the FraudLabs Pro fraud detection system into AI assistants like Claude Desktop. This server enables real-time screening of order transactions and user-related events (like logins or registrations) to identify and prevent fraudulent activities.
Order Screening: Validate e-commerce orders using IP addresses, billing/shipping details, and credit card information.
User Screening: Analyze account-level events (registrations/logins) for suspicious patterns.
Transaction Management: Retrieve historical results for orders or user screenings.
Feedback Loop: Approve, Reject, or Blacklist transactions directly through the AI interface to improve the detection engine.
pip install mcp httpx uv
~/Library/Application Support/Claude/claude_desktop_config.json%APPDATA%\Claude\claude_desktop_config.json{
"mcpServers": {
"fraudlabspro": {
"command": "uvx",
"args": [
"mcp-fraudlabspro"
],
"env": {
"FRAUDLABSPRO_API_KEY": "YOUR_API_KEY_HERE"
}
}
}
}
📦 Order Management
| Tool | Description | Key Arguments |
|---|---|---|
| screen_order | Screen an order for fraud. | ip, email, amount, bin_no, bill_country, ship_country |
| get_order_result | Retrieve the validation result for a previous order. | transaction_id |
| feedback_order | Update order status (APPROVE, REJECT, BLACKLIST). | transaction_id, action, note |
👤 User Management
| Tool | Description | Key Arguments |
|---|---|---|
| screen_user | Screen user events like logins or signups. | email, ip, phone, first_name, last_name |
| get_user_result | Retrieve results for a previous user screening. | user_transaction_id |
| feedback_user | Update user event status based on manual review. | user_transaction_id, action, reason |
The server uses FastMCP and sends logs through the MCP context. You can view logs in the Claude Desktop "Developer Console" to inspect outgoing payloads and API responses for debugging.
Common Error: If you receive "An API key is needed," ensure the FRAUDLABSPRO_API_KEY environment variable is correctly set in your configuration file and that you have restarted the MCP client.
See the LICENSE file.