Component: finbot/mcp/servers/finstripe/server.py → create_transfer
Root cause:
# vendor_account is a free-form string, never compared to vendor.bank_account_number
txn = repo.create_transaction(..., vendor_account=vendor_account, ...)
Steps to reproduce:
- Create vendor with bank_account_number='123456789012'
- Call create_transfer(vendor_account='999999999999')
Expected Behavior: error — vendor_account mismatch
Actual Behavior: transfer created to arbitrary account
How to execute:
pytest tests/unit/mcp/test_finstripe.py::TestCreateTransferValidation::test_mcp_create_011_arbitrary_vendor_account_accepted -v
Impact: Attacker redirects payments to any account via prompt injection targeting the vendor_account argument.
Acceptance criteria:
- TestCreateTransferValidation::test_mcp_create_011_arbitrary_vendor_account_accepted passes
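Sketch of the missing check (added example, not FinBot's own code): the caller-supplied vendor_account is compared to the vendor's bank_account_number before any transaction is written, next to the unchecked behaviour from the root cause. InMemoryRepo, get_vendor, the vendor_id and amount parameters, and VendorAccountMismatch are assumptions made for illustration; the real create_transfer signature and repository API may differ.

```python
from dataclasses import dataclass, field


class VendorAccountMismatch(ValueError):
    """Supplied vendor_account differs from the account on file."""


@dataclass
class Vendor:
    vendor_id: int
    bank_account_number: str


@dataclass
class InMemoryRepo:
    """Constructed stand-in for the real repository (hypothetical interface)."""
    vendors: dict
    transactions: list = field(default_factory=list)

    def get_vendor(self, vendor_id):
        return self.vendors.get(vendor_id)

    def create_transaction(self, **fields):
        self.transactions.append(fields)
        return fields


def create_transfer_unchecked(repo, vendor_id, amount, vendor_account):
    # Behaviour described in the root cause: the free-form string is stored as-is.
    return repo.create_transaction(
        vendor_id=vendor_id, amount=amount, vendor_account=vendor_account)


def create_transfer_checked(repo, vendor_id, amount, vendor_account):
    vendor = repo.get_vendor(vendor_id)
    if vendor is None:
        raise LookupError(f"unknown vendor_id {vendor_id!r}")
    on_file = (vendor.bank_account_number or "").strip()
    # Fail closed: a vendor with no account on file can never match.
    if not on_file or str(vendor_account).strip() != on_file:
        raise VendorAccountMismatch("vendor_account mismatch")
    # Persist the stored value, not the caller-supplied (model-controlled) one.
    return repo.create_transaction(
        vendor_id=vendor_id, amount=amount, vendor_account=on_file)
```

Raising before create_transaction means a rejected call leaves no transaction row behind, which is what the acceptance test needs to observe.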