stripe-automation
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs the agent at runtime to connect to the Rube MCP endpoint https://rube.app/mcp and to call RUBE_SEARCH_TOOLS to fetch current tool schemas, which directly influence agent prompts/behavior and are required for operation.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly designed to operate a payment gateway (Stripe). It exposes specific Stripe actions that move money or modify billing state: creating/confirming payment intents, creating direct charges, capturing charges, creating subscriptions and invoices, issuing refunds, and creating checkout sessions (tool slugs like STRIPE_CREATE_PAYMENT_INTENT, STRIPE_POST_CHARGES, STRIPE_CAPTURE_CHARGE, STRIPE_CREATE_REFUND, STRIPE_POST_CUSTOMERS_CUSTOMER_SUBSCRIPTIONS, STRIPE_CREATE_INVOICE, STRIPE_CREATE_CHECKOUT_SESSION). These are direct financial execution capabilities (sending charges, processing payments, and issuing refunds) rather than generic tooling.