stripe-projects
Warn
Audited by Socket on Jul 5, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill is broadly coherent with its stated provisioning purpose, and the core Stripe CLI install path is official. Risk is elevated because it delegates secret generation/storage and cross-provider provisioning to a plugin with less directly verifiable first-party documentation, writes plaintext credentials into .env, and enables autonomous billing/infrastructure actions that should not run without explicit user approval.
Confidence: 84%Severity: 66%
Audit Metadata