stripe-payments

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends installing official Stripe packages (stripe, @stripe/stripe-js) via bun and the Stripe CLI via Homebrew for local testing.
  • [CREDENTIALS_UNSAFE]: Correctly instructs users to manage sensitive credentials like STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET using environment variables rather than hardcoding them.
  • [COMMAND_EXECUTION]: Provides standard shell commands for project initialization and local development testing with the Stripe CLI.
  • [DATA_EXFILTRATION]: Webhook handling includes mandatory signature verification using stripe.webhooks.constructEvent, preventing unauthorized data injection or manipulation from spoofed requests.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 15, 2026, 03:23 AM