Dangerous action found
start_checkout — creates a Stripe checkout session and a Zoho CRM deal from an agent call.
// src/mcp/tools/start-checkout.ts · registerStartCheckout
data = await callEdge(/create-checkout-session, { ... });Currently: runs unguarded — start_checkout calls the create-checkout-session edge function on both the JWT and agent paths with no human authorization.
Proposed fix — Receipt Required
Wrap the start_checkout handler body just before the callEdge(/create-checkout-session, ...) calls with @emilia-protocol/require-receipt, so a human authorization receipt for the exact checkout is required first.
Result after patch (RR-1):
Scope: this is a static reference-implementation assessment of a missing human-authorization receipt on one irreversible action, derived from the repository’s public source. It is not a vulnerability report, not a claim the action is exploitable, and not auth or permissions. Maintainer active (last push 2026-06-30); report intended to go live alongside a fix PR.