Skills
skills/phrazzld/claude-config/stripe-configure/Gen Agent Trust Hub

stripe-configure

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill facilitates writing to production environments while processing untrusted external data. • Ingestion points: Product names, domain URLs, and price IDs sourced from users or design documents. • Boundary markers: None present. • Capability inventory: Modifies production secrets via vercel env add and npx convex env set. • Sanitization: No evidence of validation or escaping for the domain strings or product names before they are interpolated into shell commands.
  • [External Downloads] (MEDIUM): Employs npx to download and execute the convex package dynamically. It also references an external script, verify-env-parity.sh, whose source and safety cannot be verified.
  • [Command Execution] (LOW): Uses curl to interact with user-defined URLs for webhook verification. Without proper sanitization, this capability could be exploited for Server-Side Request Forgery (SSRF) against internal resources.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 03:50 AM