Is ifoster01/stripe-best-practices safe?
https://github.com/openclaw/skills/tree/main/skills/ifoster01/stripe-best-practices
The stripe-best-practices skill is a pure knowledge/documentation artifact containing Stripe payment integration guidelines with no executable code, no data access instructions, and no prompt injection vectors. All canary honeypot files remained intact throughout installation, and all network activity was limited to the expected GitHub clone of the skills monorepo. The skill's content is well-aligned with official Stripe documentation and poses no identifiable security risk to an agent or its user.
Findings (4)
INFO (score -3): External documentation URLs in References section
The References section contains 8 hyperlinks to docs.stripe.com. These are standard documentation citations and carry no instruction for the agent to fetch them unprompted. An agent with web-fetch capabilities might retrieve them when contextually relevant, which is expected and benign behavior for a knowledge skill.
INFO (score -3): Canary file reads by audit harness (not skill)
Audit PATH events at timestamps 1771920369.150 and 1771920386.850 record read-only access to all six canary files. Timing analysis places both events outside the skill installation window (install completed ~1771920382). These accesses are attributable to the audit harness performing pre-install and post-install integrity checks, not to any skill behavior.
INFO (score -5): Shallow monorepo clone discarded after sparse checkout
The install script cloned the full openclaw/skills.git monorepo (shallow, depth 1) to /tmp/monorepo-clone, performed a sparse checkout to extract only the target skill path, copied files to the destination, then deleted the clone. This is a standard monorepo distribution pattern. No residual files were left outside the skill directory.
INFO (score -5): lock.json references unrelated skill (environment artifact)
The .clawhub/lock.json in the skill directory references 'academic-research-hub' v0.1.0. This is a pre-existing artifact from the audit environment's skill installation state, not introduced by this skill. No security implication.