stripe-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill retrieves and processes untrusted data from Stripe records.
  - Ingestion points: Records accessed via tools like STRIPE_SEARCH_CUSTOMERS and STRIPE_LIST_INVOICES.
  - Boundary markers: Absent; no clear delimiters are defined to separate retrieved data from agent instructions.
  - Capability inventory: Includes high-privilege financial actions such as issuing refunds (STRIPE_CREATE_REFUND) and creating charges (STRIPE_POST_CHARGES).
  - Sanitization: Absent; the skill does not specify validation or filtering of data fetched from the Stripe API.
- [EXTERNAL_DOWNLOADS]: The skill requires connection to an external MCP server at https://rube.app/mcp to function. This third-party endpoint provides the logic and schemas for the Stripe automation tools.