stripe-subscriptions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — SKILL.md's prerequisite and cookbook steps explicitly instruct fetching markdown from public fullstackrecipes.com endpoints (via curl), so the agent would read and act on external third-party content that could change instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly about Stripe subscription billing: it integrates with Stripe, handles webhooks to sync subscription state, includes billing portal integration, and implements subscription/usage tracking. Stripe is a payment gateway, so this skill is specifically designed to interact with a financial API and can perform payment/subscription actions rather than being a generic tool. Therefore it grants direct financial execution capability.