polar
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates secure credential management by utilizing environment variables (POLAR_ACCESS_TOKEN, POLAR_WEBHOOK_SECRET) rather than hardcoding sensitive keys.
- [SAFE]: The skill references official and well-known packages (@polar-sh/sdk and @polar-sh/react) for its monetization functionality.
- [SAFE]: The provided webhook handler includes signature validation using the validateEvent function, which is a critical security measure to verify the authenticity of incoming data.
- [SAFE]: No evidence of prompt injection, code obfuscation, or unauthorized network operations was found in the provided file.
Audit Metadata