mercadopago
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is restricted to educational and reference documentation for integrating with MercadoPago's official APIs and SDKs.
- [SAFE]: Security best practices are emphasized throughout the references, specifically regarding the handling of credentials and sensitive data. The documentation explicitly instructs users to use environment variables for access tokens and to avoid committing them to version control.
- [SAFE]: Code examples for card handling utilize tokenization and hosted fields (iframes), ensuring that raw payment card data is never processed or stored by the merchant's server, which aligns with PCI DSS compliance standards.
- [SAFE]: Webhook implementation guides include instructions and code snippets for validating digital signatures to ensure that notifications originate from MercadoPago and have not been tampered with.
Audit Metadata