saas-mvp-launcher
Guides users through building a production-ready SaaS MVP, covering tech stack, architecture, authentication, and launch checklist.
Install this skill
or
75/100
Security score
The saas-mvp-launcher skill was audited on May 21, 2026 and we found 9 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 160
Template literal with variable interpolation in command context
SourceSKILL.md
| 160 | success_url: `${process.env.NEXT_PUBLIC_URL}/dashboard?success=true`, |
medium line 161
Template literal with variable interpolation in command context
SourceSKILL.md
| 161 | cancel_url: `${process.env.NEXT_PUBLIC_URL}/pricing`, |
low line 131
Webhook reference - potential data exfiltration
SourceSKILL.md
| 131 | '/api/webhooks(.*)', |
medium line 214
Webhook reference - potential data exfiltration
SourceSKILL.md
| 214 | **Problem:** Stripe webhook events not received locally |
medium line 215
Webhook reference - potential data exfiltration
SourceSKILL.md
| 215 | **Solution:** Use Stripe CLI: `stripe listen --forward-to localhost:3000/api/webhooks/stripe` |
low line 76
Access to .env file
SourceSKILL.md
| 76 | ├── .env.local # Environment variables |
low line 150
Access to .env file
SourceSKILL.md
| 150 | export const stripe = new Stripe(process.env.STRIPE_SECRET_KEY!, { |
low line 160
Access to .env file
SourceSKILL.md
| 160 | success_url: `${process.env.NEXT_PUBLIC_URL}/dashboard?success=true`, |
low line 161
Access to .env file
SourceSKILL.md
| 161 | cancel_url: `${process.env.NEXT_PUBLIC_URL}/pricing`, |
Scanned on May 21, 2026
View Security DashboardGitHub Stars 39.2K
Rate this skill
Categorymarketing
UpdatedJune 10, 2026
openclawbackendapidatabaseproduct-marketergrowth-marketerbusiness-developmentproject-managertechnical-pmsupabasestripevercelsentrymarketingsalesproject managementproduct
sickn33/antigravity-awesome-skills