stripe-integration

Facilitates Stripe integration for checkout flows, subscription management, and webhook handling to streamline payment processing.

Security score: 47/100

The stripe-integration skill was audited on Mar 1, 2026 and we found 21 security issues across 2 threat categories. Review the findings below before installing.

Security Issues

medium line 3

Webhook reference - potential data exfiltration

Source: SKILL.md
3: description: Load when implementing Stripe checkout flows, subscription management, webhook handling, or payment processing.
medium line 10

Webhook reference - potential data exfiltration

Source: SKILL.md
10: - Handling Stripe webhooks
medium line 49

Webhook reference - potential data exfiltration

Source: SKILL.md
49: ## Webhook Handling (CRITICAL)
medium line 51

Webhook reference - potential data exfiltration

Source: SKILL.md
51: **40% of unprocessed payments come from missing/broken webhook handlers.**
low line 59

Webhook reference - potential data exfiltration

Source: SKILL.md
59: WEBHOOK_SECRET = os.environ["STRIPE_WEBHOOK_SECRET"]
low line 61

Webhook reference - potential data exfiltration

Source: SKILL.md
61: @router.post("/webhooks/stripe")
low line 62

Webhook reference - potential data exfiltration

Source: SKILL.md
62: async def stripe_webhook(request: Request):
low line 68

Webhook reference - potential data exfiltration

Source: SKILL.md
68: event = stripe.Webhook.construct_event(payload, sig, WEBHOOK_SECRET)
medium line 117

Webhook reference - potential data exfiltration

Source: SKILL.md
117: ### 3. 5-Second Webhook Timeout
low line 120

Webhook reference - potential data exfiltration

Source: SKILL.md
120: @router.post("/webhook")
low line 121

Webhook reference - potential data exfiltration

Source: SKILL.md
121: async def webhook(request: Request):
low line 128

Webhook reference - potential data exfiltration

Source: SKILL.md
128: @router.post("/webhook")
low line 129

Webhook reference - potential data exfiltration

Source: SKILL.md
129: async def webhook(request: Request):
medium line 139

Webhook reference - potential data exfiltration

Source: SKILL.md
139: 3. Wait for `payment_intent.succeeded` webhook
low line 152

Webhook reference - potential data exfiltration

Source: SKILL.md
152: # Listen for webhooks locally
low line 153

Webhook reference - potential data exfiltration

Source: SKILL.md
153: stripe listen --forward-to localhost:8080/webhooks/stripe
medium line 167

Webhook reference - potential data exfiltration

Source: SKILL.md
167: - [ ] Webhook signature verification enabled
medium line 176

Webhook reference - potential data exfiltration

Source: SKILL.md
176: - [Webhook Events](https://docs.stripe.com/webhooks)
low line 44

External URL reference

Source: SKILL.md
44: success_url="https://example.com/success?session_id={CHECKOUT_SESSION_ID}",
low line 45

External URL reference

Source: SKILL.md
45: cancel_url="https://example.com/cancel",
low line 178

External URL reference

Source: SKILL.md
178: - [PCI Compliance](https://stripe.com/guides/pci-compliance)
Scanned on Mar 1, 2026