Billing
Facilitates payment integrations and subscription management with features like webhook handling and tax compliance.
Install this skill
or
65/100
Security score
The Billing skill was audited on Feb 28, 2026 and we found 7 security issues across 1 threat category. Review the findings below before installing.
Categories Tested
Security Issues
medium line 5
Webhook reference - potential data exfiltration
SourceSKILL.md
| 5 | description: Build payment integrations, subscription management, and invoicing systems with webhook handling, tax compliance, and revenue recognition. |
medium line 11
Webhook reference - potential data exfiltration
SourceSKILL.md
| 11 | User needs to implement or debug payment processing, subscription lifecycles, invoicing, or revenue operations. Agent handles Stripe/Paddle integration, webhook architecture, multi-currency, tax compl |
medium line 18
Webhook reference - potential data exfiltration
SourceSKILL.md
| 18 | | Webhooks & events | `webhooks.md` | |
medium line 35
Webhook reference - potential data exfiltration
SourceSKILL.md
| 35 | ### 2. Webhook Security is Non-Negotiable |
medium line 37
Webhook reference - potential data exfiltration
SourceSKILL.md
| 37 | - Store `event_id` and check idempotency — webhooks duplicate |
medium line 40
Webhook reference - potential data exfiltration
SourceSKILL.md
| 40 | - See `webhooks.md` for implementation patterns |
medium line 114
Webhook reference - potential data exfiltration
SourceSKILL.md
| 114 | - Webhook without signature verification → attackers fake `invoice.paid` |
Scanned on Feb 28, 2026
View Security DashboardGitHub Stars 2.2K
Rate this skill
Categorymarketing
UpdatedApril 4, 2026
openclawapigrowth-marketerproduct-marketersales-operationsaccount-executivecustomer-success-managerstripepaypalmarketingsales
openclaw/skills