supabase-expert
Warn
Audited by Snyk on Feb 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's Edge Function imports remote executable modules at runtime (e.g., https://deno.land/std@0.168.0/http/server.ts, https://esm.sh/@supabase/supabase-js@2 and https://esm.sh/stripe@14.0.0). These are fetched and executed by the Deno runtime and are required dependencies, so remote code executes directly during skill runtime.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly includes an Edge Function ("supabase/functions/process-payment/index.ts") that integrates with Stripe: it imports Stripe, uses STRIPE_SECRET_KEY, calls stripe.paymentIntents.create(...) and stores a payment record in the database. This is a direct Payment Gateway integration and creates payment intents (i.e., moves/initiates money flows). Therefore it grants direct financial execution capability.
Audit Metadata