monetization
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any malicious code, obfuscation, or injection patterns.
- [CREDENTIALS_UNSAFE]: The provided code snippets correctly demonstrate using environment variables (
os.environ) to manage sensitive information likeSTRIPE_SECRET_KEYandSTRIPE_WEBHOOK_SECRETrather than hardcoding them. - [EXTERNAL_DOWNLOADS]: Dependencies are restricted to the official
stripelibrary from well-known registries (NPM and PyPI). - [REMOTE_CODE_EXECUTION]: No patterns of remote code execution, piped shell commands, or unsafe dynamic execution were found.
- [DATA_EXFILTRATION]: Network activity is limited to standard Stripe API interactions as expected for a monetization skill.
- [PROMPT_INJECTION]: The instructions focus purely on domain-specific guidance without any attempts to bypass safety filters or override system prompts.
Audit Metadata