subscription-offers

Warn

Audited by Snyk on Jun 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly implements StoreKit 2 subscription offer flows and transaction handling — e.g., references to product.subscription?.introductoryOffer, product.subscription?.promotionalOffers, product.subscription?.winBackOffers, try await AppStore.presentOfferCodeRedeemSheet(), "Transaction handling for offer purchases", and an OfferSignatureProvider for server-side promotional offer signatures. These are specific, payment-related APIs and workflows for creating/presenting offers and completing subscription purchases via the App Store, i.e., direct financial transaction execution for in-app purchases.

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 18, 2026, 05:19 PM
Issues
1
Security Audit — snyk — subscription-offers