saas-architect
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly built to integrate with Stripe: it defines Stripe-related database tables (customers, products, prices, subscriptions with Stripe IDs), includes API routes for creating checkout sessions, customer portal and webhook handlers, shows Stripe client initialization and webhook verification, and lists Stripe secret/publishable keys in env. These are specific payment gateway integrations and enable creating and managing payments/subscriptions — i.e., direct financial execution capability.
Audit Metadata