spree-payments

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides standard developer documentation and implementation guidance for payment integrations. No malicious patterns, obfuscation, or safety bypass attempts were detected.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and code from the official spreecommerce.org domain and the spree organization's GitHub repositories. These are well-known technology sources for the Spree ecosystem.
  • [COMMAND_EXECUTION]: Includes standard Ruby on Rails setup commands (such as bundle install and bin/rails g) necessary for installing and configuring official payment integration gems.
  • [CREDENTIALS_UNSAFE]: While the skill mentions environment variables and key patterns like STRIPE_API_KEY and pk_test_, it does so in an instructional context. It explicitly warns against hardcoding secrets and recommends using secure alternatives like Rails credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:34 AM
Security Audit — agent-trust-hub — spree-payments