Stripe MCP Server

SUSPICIOUS. The skill's Stripe-focused capabilities generally fit its stated purpose, but the install path relies on a third-party skill publisher rather than Stripe, creates a transitive trust chain, and exposes high-impact financial operations without documented approval controls. No clear credential-harvesting or non-Stripe proxying is shown, so this is not confirmed malware, but it carries meaningful operational and supply-chain risk.