stripe-integration
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly guides the implementation of Stripe Checkout and Elements, which ensures that raw card data is tokenized on the client side, significantly reducing the security burden and ensuring PCI DSS compliance.
- [SAFE]: All external dependencies are official Stripe libraries sourced from legitimate registries, and the use of the Stripe CDN for loading Stripe.js is recommended as a secure practice.
- [SAFE]: Webhook processing templates include robust cryptographic signature verification using the official Stripe SDK, which is a critical security measure to prevent the processing of forged payment events.
- [SAFE]: The instructions consistently advocate for the use of environment variables to store sensitive API keys and secrets, adhering to secure configuration management standards.
Audit Metadata