stripe-automation

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires connecting to the Rube MCP server at https://rube.app/mcp and calling RUBE_SEARCH_TOOLS at runtime to fetch current tool schemas which directly determine agent behavior and are required for operation.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a Stripe payment gateway integration and exposes direct payment operations: creating charges and payment intents, confirming payment intents, creating direct charges, capturing authorized charges, creating refunds, creating invoices and subscriptions, and creating checkout sessions. It requires an active Stripe connection and specific Stripe toolkits (tool slugs like STRIPE_CREATE_PAYMENT_INTENT, STRIPE_POST_CHARGES, STRIPE_CREATE_REFUND, STRIPE_CAPTURE_CHARGE, etc.), which are explicitly designed to move and manage money. Therefore it grants direct financial execution capability.