check-stripe
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE] (LOW): The skill checks for the presence of sensitive environment variables like
STRIPE_SECRET_KEYandCONVEX_WEBHOOK_TOKEN. This is low risk as it is intended for a security audit and the keys are not exfiltrated. - [COMMAND_EXECUTION] (LOW): The skill uses
grep,find, andstripeCLI commands to inspect the local codebase and environment. These are standard diagnostic tools used within the scope of the skill's primary purpose. - [DATA_EXPOSURE] (SAFE): While the skill reads sensitive configuration files (e.g.,
.env.local), it does not transmit this data over the network.
Audit Metadata