stripe-integration

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a Stripe payment integration. It includes direct use of the Stripe server SDK with secret keys, webhook handlers, and concrete API calls that create and manage financial resources: creating checkout sessions, retrieving and updating subscriptions, canceling subscriptions, confirming invoices, and refunding charges (both via code and Stripe CLI). It also references an MCP that gives the agent direct access to Stripe data and allows creating resources/operations (e.g., "Use Stripe MCP to create a new product" and "show my recent payment intents"). These are specific payment gateway operations (Stripe) capable of initiating and managing real financial transactions, so the skill grants direct financial execution capability.

Audit Metadata

Analyzed: Feb 16, 2026, 01:34 PM