polar-integration
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructs users to install the official @polar-sh/sdk package, which is the legitimate library for the service.
- [SAFE]: Sensitive credentials like POLAR_ACCESS_TOKEN and POLAR_WEBHOOK_SECRET are managed through environment variables, adhering to secure development practices.
- [SAFE]: The webhook implementation recipe includes mandatory signature verification using the SDK's validateEvent function to ensure the authenticity of incoming requests.
- [SAFE]: The provided code snippets use standard Web APIs (Request/Response) and framework-specific patterns that do not introduce arbitrary command execution or unauthorized data access.
Audit Metadata