commerce-js-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches product descriptions, cart/checkout data, and shipping options from the public Chec/Commerce.js API (see commerce.products.list()/retrieve() and commerce.checkout.getLive() in SKILL.md), which are untrusted/merchant-provided content that the code reads and uses to drive UI and checkout actions (e.g., choosing shipping_method and capturing orders), so it exposes the agent to untrusted third-party content.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly integrates with payment gateways and includes code to capture paid orders. It requires a Stripe account and API keys, instructs using secret keys on the server, and shows a concrete call to commerce.checkout.capture with payment.gateway='stripe' and a stripe.payment_method_id. These are direct payment-execution operations (creating/capturing orders and submitting payment details), so the skill provides direct financial execution capability.