stripe-webhooks
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides robust examples for implementing Stripe signature verification using official SDKs in multiple frameworks, effectively mitigating risk from untrusted webhook payloads.\n- [SAFE]: Credentials and secrets are managed according to security best practices, using environment variables and template .env files rather than hardcoded values.\n- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for installing official developer tools (Stripe CLI and Hookdeck CLI) to facilitate local development and testing. These are legitimate resources provided by the respective service vendors.
Audit Metadata