mpp-stripe-method
Warn
Audited by Socket on Mar 31, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS. The core purpose is coherent with Stripe/MPP integration and official Stripe data flows, so this is not malware-like. Risk comes from two areas: live web/search content ingestion with write/exec permissions, and an unresolved trust gap around the referenced mppx dependency because the skill gives no official install/provenance details. Overall this looks like a legitimate integration skill with medium security risk rather than malicious behavior.
Confidence: 81%Severity: 56%
Audit Metadata