billing-management

Fail

Audited by Snyk on Apr 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt's API examples require an Authorization: Bearer header, which means the agent would need to insert and emit a user's secret bearer token verbatim in requests/commands, creating an exfiltration risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly integrates with Stripe: it provides endpoints to "Start Stripe checkout" (POST /api/billing/checkout returning a Stripe checkout URL), "Open billing portal" (GET /api/billing/portal returning a Stripe Customer Portal URL where payment methods and invoices are managed), and "Cancel subscription" (POST /api/billing/cancel). These are specific payment-gateway actions (creating checkouts, managing subscriptions/payment methods) — not generic browser or API callers — so it grants direct financial execution capability.

Issues (2)

W007 (HIGH): Insecure credential handling detected in skill instructions.

W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: HIGH
Analyzed: Apr 15, 2026, 01:43 PM
Issues: 2