backend-dev-guidelines
Warn
Audited by Snyk on Jun 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly includes payment-processing functionality and direct integration with a payment gateway: it lists "Payments: Stripe (subscriptions + one-time)", references a process-payment Edge Function in the directory, imports Stripe in common imports, and instructs using STRIPE_API_KEY from env vars and handling "Stripe webhooks and charges". These are specific payment gateway APIs and functions intended to create/handle charges and subscriptions, which constitute direct financial execution capability.
Issues (1)
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata