The Agent Skills Directory

[COMMAND_EXECUTION] (SAFE): The skill executes local commands using the stripe CLI, curl, jq, and head. These operations are used exclusively for diagnostics and are parameterized using standard environment variables (e.g., $STRIPE_SECRET_KEY). No evidence of arbitrary command injection or malicious persistence was found.
[Indirect Prompt Injection] (LOW): The skill ingests and processes untrusted data from the Stripe API, creating a theoretical surface for indirect instruction injection.
Ingestion points: Data enters the agent context via stripe webhook_endpoints list and stripe events list (e.g., in SKILL.md).
Boundary markers: Absent; the skill assumes the integrity of the data returned by the authenticated Stripe API.
Capability inventory: The skill can execute shell commands via the stripe CLI and perform network header requests using curl -I on URLs retrieved from the API.
Sanitization: Data is passed through jq for structural parsing, which provides basic validation against malformed payloads, but does not sanitize the content of strings used in subsequent commands.

stripe-health