stripe-subscriptions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly requires fetching external recipe content via curl from https://fullstackrecipes.com/api/recipes/... (the listed prerequisite and recipe endpoints), which are public third‑party pages the agent would read and could materially change setup/behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a Stripe subscription billing system with Stripe integration, webhook handling, billing portal, and syncing subscription state to a database. Stripe is a payment gateway and the described features are specifically designed to manage payments/subscriptions (i.e., create/manage charges, subscriptions, billing flows). This is direct financial execution capability.