payment-gateway-integration
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows industry-standard security practices for payment processing integrations.
- [CREDENTIALS_UNSAFE]: Sensitive credentials like API keys and secrets are correctly managed via environment variables (e.g.,
STRIPE_SECRET_KEY,PAYPAL_CLIENT_SECRET) rather than being hardcoded. - [EXTERNAL_DOWNLOADS]: The skill references official Node.js SDKs for Stripe and PayPal, which are well-known and trusted services.
- [DATA_EXFILTRATION]: Data processing is limited to standard payment lifecycle events (creation, capture, refund) with no evidence of unauthorized data transfer.
- [PROMPT_INJECTION]: No malicious instructions aimed at bypassing AI safety protocols or overriding system behavior were detected.
Audit Metadata