The Agent Skills Directory

Command Execution: The skill uses the stripe CLI and Bash to perform directory searches and execute payment-related tasks. It also uses curl to inspect HTTP 402 (Payment Required) headers to verify transaction amounts.
External Dependencies: The skill mentions several payment-related CLI tools, such as @stripe/link-cli and @privy-io/agent-wallet-cli. These are recognized as legitimate vendor-supported or well-known service tools. The skill correctly instructs the agent to seek user approval before installing these packages via npm.
Human-in-the-Loop for Transactions: A strong security feature is included where the agent must present the total price and obtain explicit user approval before performing any spending operations. This prevents automated or unauthorized financial transactions.
Data Handling: The skill processes search results (names, descriptions, and URLs) to create shortlists. While it ingests external data from the directory, it uses this information for identification and scoring rather than execution, which minimizes risks associated with indirect prompt injection.

stripe-directory