lemonsqueezy
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the official Lemon Squeezy client-side script from app.lemonsqueezy.com for frontend checkout functionality.
- [COMMAND_EXECUTION]: Provides instructions for installing the legitimate @lemonsqueezy/lemonsqueezy.js package via the npm registry.
- [SAFE]: Follows security best practices by recommending the use of environment variables for storing sensitive API keys and webhook secrets.
- [SAFE]: Includes a secure webhook implementation that validates request authenticity using HMAC signature verification, protecting against request spoofing.
Audit Metadata