stripe-subscriptions
Warn
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill contains multiple `curl` commands to fetch 'recipes' from https://fullstackrecipes.com.
  - Evidence: Five instances of `curl -H "Accept: text/markdown" https://fullstackrecipes.com/api/recipes/...` found in `SKILL.md`.
  - Risk: This domain is not a recognized trusted source. An attacker could modify the content returned by these endpoints to include malicious instructions or scripts which the agent might then execute.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is designed to ingest and process data from external URLs which could be used to inject instructions into the agent's context.
  - Ingestion points: `SKILL.md` (via curl fetches to fullstackrecipes.com).
  - Boundary markers: Absent. The agent is simply told to "Complete these recipes".
  - Capability inventory: The skill description suggests capabilities for database setup (Neon/Drizzle), environment variable configuration, and webhook handling.
  - Sanitization: No sanitization or validation of the fetched markdown content is performed.