Skip to content

chore(deps): update stripe/agent-toolkit digest to b8d7e28#697

Open
renovate[bot] wants to merge 2 commits into
mainfrom
renovate/stripe-agent-toolkit-digest
Open

chore(deps): update stripe/agent-toolkit digest to b8d7e28#697
renovate[bot] wants to merge 2 commits into
mainfrom
renovate/stripe-agent-toolkit-digest

Conversation

@renovate

@renovate renovate Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Update Change
stripe/agent-toolkit digest ec93d4cb8d7e28

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies label Jul 3, 2026
@toolhive-release-app

toolhive-release-app Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🛡️ Skill Security Scan Results

✅ stripe-best-practices

  • Status: Passed
  • Findings: 2

❌ stripe-projects

  • Status: Failed
  • Findings: 9
  • Blocking: 3

Blocking issues:

  • [LLM_PROMPT_INJECTION] (HIGH) The skill instructs the agent to install and then immediately invoke a secondary skill (stripe-projects-cli) that is downloaded and installed at runtime by the stripe projects init command. The content of this dynamically installed skill (.claude/skills/stripe-projects-cli/SKILL.md) is not bundled with the original package and is controlled by the Stripe CLI plugin at the time of execution. If the CLI plugin or its distribution channel is compromised, the installed skill could contain malicious instructions that the agent would then follow via the Skill tool invocation. This is an indirect prompt injection vector through a dynamically fetched external instruction source. (SKILL.md)
  • [LLM_SKILL_DISCOVERY_ABUSE] (HIGH) The skill description contains an extremely broad and exhaustive list of trigger phrases designed to maximize activation across a wide range of user intents. Phrases like 'I need a database', 'set up auth', 'add caching', 'I need hosting', 'get me an API key for X', 'sign up for a service', 'set up monitoring', 'add an LLM provider', 'add email sending', 'set up search', 'add a message queue', 'set up object storage', 'add feature flags', and the catch-all 'any mention of projects.dev or adding/provisioning/connecting a cloud service' represent capability inflation. The instruction 'don't tell them to sign up manually; check the Projects catalog first' actively suppresses alternative user pathways and steers all provisioning requests through this skill, potentially bypassing user choice. (SKILL.md)
  • [ATR_2026_00010] (CRITICAL) Pattern detected: stripe projects init installs the stripe-projects-cli skill locally at .claude/skills/stripe-projects-cli. This skill contains the full post-init command referenc (SKILL.md:62)

Allowlisted (not blocking):

  • MANIFEST_MISSING_LICENSE (Allowed: stripe/agent-toolkit is licensed MIT at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

✅ upgrade-stripe

  • Status: Passed
  • Findings: 4
  • Allowed (not blocking): 1
    • MANIFEST_MISSING_LICENSE (Allowed: stripe/agent-toolkit is licensed MIT at the repository root; upstream does not embed an SPDX license identifier in per-skill SKILL.md frontmatter.)

Summary: Scanned 3 skill(s), found 3 blocking issue(s).

⚠️ Action Required: Review the blocking findings. Add a justified entry to the skill's security.allowed_issues[] in its spec.yaml if the finding is a false positive.

@renovate renovate Bot force-pushed the renovate/stripe-agent-toolkit-digest branch from 0de3e3d to 663ace7 Compare July 3, 2026 10:12
@renovate

renovate Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants