stripe-automation
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to add
https://rube.app/mcpas an MCP server in their configuration. This introduces a dependency on external third-party infrastructure that is not part of the platform's trusted ecosystem. - [REMOTE_CODE_EXECUTION]: Model Context Protocol (MCP) servers provide tool schemas and execution logic. By connecting to an unverified third-party endpoint, the agent effectively integrates remote logic that controls how sensitive operations are performed.
- [DATA_EXFILTRATION]: The skill is designed to manage highly sensitive Stripe financial data, including customer records, payment intents, and refund processing. All data exchanged between the agent and Stripe flows through the
rube.appendpoint, creating a risk of data exposure or interception if the endpoint is malicious or compromised.
Audit Metadata