How do I install Dev Latam?

Dev Latam is a local plugin. Install it using npm package: @codespar/mcp-legiti and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

Is Dev Latam safe to use?

Dev Latam was flagged by MCP Marketplace's security scan, scoring 4.2/10 (high risk). It has 2 high or critical findings to review. Review the security report on this page carefully before installing it.

What credentials does Dev Latam need?

Dev Latam requires the following credentials or environment variables: LEGITI_API_KEY, LEGITI_BASE_URL. You can find setup instructions on the server detail page.

What AI apps work with Dev Latam?

Dev Latam uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Dev Latam MCP Server

by User

Developer ToolsUse Caution4.2LocalNew

Free

MCP server for Legiti — Brazilian fraud prevention: real-time order evaluation, chargeback feedback

About

MCP server for Legiti — Brazilian fraud prevention: real-time order evaluation, chargeback feedback

Security Report

4.2

Use Caution4.2High Risk

A well-structured monorepo hosting 109 MCP servers for Latin American commerce APIs. The codebase demonstrates solid security practices with proper environment-variable-based credential handling, no hardcoded secrets, and appropriate API key injection patterns. Minor code quality concerns around broad exception handling and input validation in the Sift server do not materially impact security. Permissions (network_http, env_vars) align with the intended purpose of wrapping multiple payment, banking, and commerce providers. Supply chain analysis found 2 known vulnerabilities in dependencies (1 critical, 0 high severity). Package verification found 1 issue (1 critical, 0 high severity).

4 files analyzed · 7 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

Unverified package source

We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.

What You'll Need

Set these up before or after installing:

Legiti API key (JWT-format bearer token). Use the sandbox key while testing — Legiti trains its ML models on every request, so test data hitting a production key pollutes the model.Required

Environment variable: LEGITI_API_KEY

Legiti API base URL. Defaults to https://collection-prod.inspcdn.net. Legiti issues customer-specific base URLs — override per contract.Optional

Environment variable: LEGITI_BASE_URL

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-codespar-mcp-legiti": {
      "env": {
        "LEGITI_API_KEY": "your-legiti-api-key-here",
        "LEGITI_BASE_URL": "your-legiti-base-url-here"
      },
      "args": [
        "-y",
        "mcp-dev-latam"
      ],
      "command": "npx"
    }
  }
}