stripe

SUSPICIOUS. The stated purpose is coherent, and the visible commands are narrowly scoped to Stripe revenue reporting, but the mandatory dependency on a nonstandard stripe-connect prerequisite is not aligned with Stripe's official CLI naming or documented install path. Because the skill also instructs loading another skill, trust is transitive and provenance is unclear. No confirmed malicious behavior is visible in this snippet, but install trust and data-flow certainty are insufficient for a benign classification.

SUSPICIOUS: The skill's basic purpose is legitimate, and its stated data flow to Stripe is proportionate, but it instructs users to paste high-value Stripe credentials directly into chat and hands them to a custom unverifiable helper script. No clear malware or third-party credential proxy is shown, yet the credential-handling model is unnecessarily risky for a connection helper.