stripe-products
Warn
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTIONSAFE
Full Analysis
- [DATA_EXFILTRATION]: Accesses the sensitive filesystem path
~/.config/stripe/config.jsonto load Stripe API authentication credentials stored on the user's machine. - [PROMPT_INJECTION]: Detected an indirect prompt injection surface where the agent processes data from external sources.
- Ingestion points: External data is retrieved from the Stripe API (product names, descriptions, and invoice metadata) in
scripts/stripe_products.py. - Boundary markers: Absent; API data is displayed directly to the agent without delimiters or instructions to ignore embedded commands.
- Capability inventory: The agent can execute shell commands through the included Python CLI tool.
- Sanitization: Absent; the skill does not perform validation or escaping of the content received from the Stripe API.
- [SAFE]: Conducts network requests to
api.stripe.com, which is the official endpoint for a well-known service. - [COMMAND_EXECUTION]: Executes Python scripts using shell commands to manage and list billing resources.
Audit Metadata