stripe-projects

Warn

Audited by Snyk on Jul 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill wraps the Stripe CLI's "Projects" plugin and explicitly performs Stripe-backed provisioning and billing actions (e.g., stripe projects add, upgrade, remove). The docs state tier prompts and upgrades are real charges and that billing happens on Stripe's side. Those commands can trigger actual payments/charges via Stripe, so this is a specific payment-gateway integration that can execute financial operations.

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 5, 2026, 06:05 AM
Issues
1
Security Audit — snyk — stripe-projects