laravel-stripe-connect
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard Stripe Connect integration patterns using the official Stripe PHP SDK. All provided controller templates and model definitions follow security best practices.
- [CREDENTIALS_UNSAFE]: No hardcoded production secrets or keys were found. The skill correctly uses environment variable placeholders and documentation-only test keys (pk_test_...) for configuration examples.
- [DATA_EXFILTRATION]: The skill only communicates with official Stripe API endpoints. It properly secures incoming webhook data using signature verification, preventing unauthorized data injection or manipulation.
- [COMMAND_EXECUTION]: There are no instances of arbitrary command execution or shell interactions. All operations are handled through the PHP language and the Stripe SDK.
Audit Metadata