stripe-integration
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and implementation patterns for Stripe payment processing. It includes best practices such as webhook signature verification using
stripe.Webhook.construct_eventand idempotent event handling. - [CREDENTIALS_UNSAFE]: The code snippets use appropriate placeholders for sensitive values, such as
sk_test_...for Stripe API keys andwhsec_...for webhook secrets. No actual credentials or secrets are exposed. - [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping network downloads to a shell, were found. The skill uses standard library imports for Python and JavaScript.
- [DATA_EXFILTRATION]: No unauthorized data collection or exfiltration patterns were detected. Network operations are restricted to communication with official Stripe API endpoints as required for the skill's primary purpose.
Audit Metadata