stripe-setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- CREDENTIALS_UNSAFE (HIGH): The skill instructs the agent to run
stripe config --listfor verification. This command prints the user's secret Stripe API keys to the terminal output. When executed by an AI agent, these credentials are added to the session context and potentially stored in logs, which is a major security violation regarding sensitive data exposure. - COMMAND_EXECUTION (LOW): The skill utilizes several bash commands through the Stripe CLI to create products, prices, and webhooks. This requires the agent to have system-level command execution privileges.
- EXTERNAL_DOWNLOADS (INFO): The skill recommends installing the Stripe CLI via Homebrew (
stripe/stripe-cli/stripe). Since the source is the official Stripe organization, which is a trusted entity, this installation is considered low risk. - PROMPT_INJECTION (INFO): Data retrieval via
stripe products listandstripe prices listcreates an indirect prompt injection surface. - Ingestion points: The agent reads data fetched from the Stripe API.
- Boundary markers: None are provided to distinguish between API data and system instructions.
- Capability inventory: The agent can modify account resources using the Stripe CLI.
- Sanitization: No sanitization or escaping is performed on names or descriptions returned by the API, allowing for potential instruction injection if the account is compromised or shared.
Recommendations
- AI detected serious security threats
Audit Metadata