stripe-integration
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): No external scripts or binaries are downloaded or executed. Code snippets provide standard integration examples for Node.js and Firebase environments.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded credentials were found. The skill correctly demonstrates using environment variables (e.g.,
process.env.STRIPE_WEBHOOK_SECRET) and provides instructions for securely setting secrets using the Firebase CLI. - [REMOTE_CODE_EXECUTION] (SAFE): No remote code execution patterns were detected. Shell commands like
stripe listenandfirebase functions:secrets:setare standard developer tools for local development and configuration. - [DATA_EXFILTRATION] (SAFE): There are no network operations targeting untrusted domains or logic that accesses sensitive local file paths (like SSH keys or AWS credentials).
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata