Stripe mcp
Advisory. Audited by static analysis on May 8, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with a powerful Stripe key, the agent may be able to change real billing records, subscriptions, refunds, account settings, or money-related objects.
The skill discloses that its tools may perform high-impact Stripe writes, and it includes appropriate guidance to confirm user intent before write-capable actions.
Stripe tools can affect real customers, billing objects, subscriptions, refunds, account settings, and money movement. Confirm explicit user intent before any write-capable call.
Use restricted or read-only Stripe keys when possible, inspect current object state before changes, and require explicit user confirmation before creating, updating, refunding, or otherwise mutating Stripe data.
Anyone or any agent action with access to this credential may be able to use the Stripe permissions granted by that token.
The skill requires a sensitive Stripe credential and uses it for bearer authentication; this is expected for Stripe MCP access and the artifact does not show unrelated use or leakage.
This skill expects `MAVERICK_STRIPE_MCP_ACCESS_TOKEN` to be set in the agent runtime environment. mcporter sends it as `Authorization: Bearer <value>` on every request.
Store the token in a secret store or environment variable, avoid embedding it in files or prompts, and prefer Stripe restricted API keys with the minimum needed permissions.
The live Stripe MCP server can shape which tools the agent sees and how it thinks they should be used during the session.
The skill tells the agent to rely on provider-published MCP instructions and schemas. This is normal for a hosted MCP integration, but external instructions should remain subordinate to the user's request and safety requirements.
The live server is the source of truth for what tools exist, what they're called, what arguments they take, and any per-server instructions the server publishes. ... Treat this as the authoritative reference for the rest of the session.
Use server instructions only as API/tool guidance, and continue to follow the user's explicit intent, least-privilege practices, and confirmation requirements for write actions.
Installing the skill may install and run an external CLI package that was not included in the skill's own file contents for review.
The skill depends on an external Node package to provide the mcporter binary. This is central to the MCP pass-through design, but the provided install spec does not pin a package version.
node | package: mcporter | creates binaries: mcporter
Install mcporter from a trusted source, consider pinning or verifying the package version, and keep it updated through normal dependency hygiene.
