paypal-integration
Facilitates seamless PayPal payment integration for e-commerce, supporting express checkout, subscriptions, and refund management.
Install this skill
Security score
The paypal-integration skill was audited on Mar 4, 2026 and we found 12 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 192 | ```python |
Fetch to external URL
| 77 | fetch('/api/paypal/capture', { |
Webhook reference - potential data exfiltration
| 16 | - Handling PayPal webhooks (IPN) |
Webhook reference - potential data exfiltration
| 49 | - Webhook-like payment notifications |
Webhook reference - potential data exfiltration
| 448 | - **assets/ipn-processor.py**: IPN webhook processor |
Webhook reference - potential data exfiltration
| 458 | 6. **Webhook Backup**: Don't rely solely on client-side callbacks |
Webhook reference - potential data exfiltration
| 466 | - **Missing Webhooks**: Not handling all payment states |
External URL reference
| 59 | <script src="https://www.paypal.com/sdk/js?client-id=YOUR_CLIENT_ID¤cy=USD"></script> |
External URL reference
| 129 | self.base_url = 'https://api-m.sandbox.paypal.com' if mode == 'sandbox' else 'https://api-m.paypal.com' |
External URL reference
| 229 | paypal_url = 'https://ipnpb.sandbox.paypal.com/cgi-bin/webscr' # or production URL |
External URL reference
| 330 | "return_url": "https://yourdomain.com/subscription/success", |
External URL reference
| 331 | "cancel_url": "https://yourdomain.com/subscription/cancel" |
Install this skill with one command
/learn @arustydev/paypal-integration