dodo-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is a documentation-only resource providing integration guidelines and code snippets. It does not contain any executable scripts or automated logic that could be exploited.
- [EXTERNAL_DOWNLOADS]: Mentions official SDK installation commands for NPM (
dodopayments), PyPI (dodopayments), and GitHub (github.com/dodopayments/dodopayments-go). These resources are owned by the verified vendor. - [CREDENTIALS_UNSAFE]: Correctly advises users to use environment variables for API keys and webhook secrets. No hardcoded credentials or sensitive data were found in the examples.
- [COMMAND_EXECUTION]: Provides standard installation commands (e.g.,
npm install,pip install) and local development utility commands (e.g.,ngrok), which are routine for developer documentation.
Audit Metadata