api-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly enables autonomous agents to run web research and ingest public sources (e.g., o3.conductResearch with allowedTools ["search","arxiv","github"] in references/ai-agents.md and the main SKILL.md) and includes a generic fetch-based validator (scripts/validate-api.ts) that fetches arbitrary endpoints, so the agent will read untrusted, user-generated third‑party content from the open web.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes Stripe SDK v13+ integration and concrete payment-related code: it instantiates Stripe with STRIPE_SECRET_KEY, lists subscriptions using auto-pagination, retrieves payment intents, and calls stripe.subscriptions.cancel(...) to cancel subscriptions. These are specific payment-gateway operations (managing payments/subscriptions) — not generic API examples — so the skill grants direct financial execution capability.