payment-integration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill implements industry-standard cryptographic signature verification (HMAC-SHA256) for both SePay and Polar webhooks, effectively preventing unauthorized data manipulation or spoofing.
- [SAFE] (SAFE): Credential management is handled securely via environment variables and .env templates, avoiding the risk of hardcoded secrets or sensitive data exposure.
- [SAFE] (SAFE): All included Node.js helper scripts perform transparent operations with no evidence of obfuscation, privilege escalation, or malicious network behavior. Scripts are used for local validation and configuration generation only.
Audit Metadata