Oathe Security Badge

Is wrsmith108/stripe-mcp-skill safe?

https://github.com/wrsmith108/stripe-mcp-skill

98
SAFE

This is a legitimate documentation skill for Stripe payment API integration via Model Context Protocol. It contains comprehensive installation instructions, API documentation, security best practices, and testing guides with no malicious content detected.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW External URLs in documentation -5

The skill references legitimate external URLs including Stripe documentation, GitHub repository, and Stripe MCP server endpoints. These are appropriate for a Stripe integration skill but should be noted.

INFO Multiple installation methods -5

The skill provides three different installation methods (Remote HTTP, Local npm, Project .mcp.json) which adds complexity but is appropriate for different use cases.