stripe-integration

Facilitates seamless integration of Stripe payment processing for secure and compliant payment flows, subscriptions, and customer management.

Security score: 49/100

The stripe-integration skill was audited on Mar 8, 2026 and we found 23 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 181

Template literal with variable interpolation in command context

Source: SKILL.md
181: checkoutContainer.append(`Total: ${session.total.total.amount}`);
medium line 3

Webhook reference - potential data exfiltration

Source: SKILL.md
3: description: Implement Stripe payment processing for robust, PCI-compliant payment flows including checkout, subscriptions, and webhooks. Use when integrating Stripe payments, building subscription sy
medium line 8

Webhook reference - potential data exfiltration

Source: SKILL.md
8: Master Stripe payment processing integration for robust, PCI-compliant payment flows including checkout, subscriptions, webhooks, and refunds.
medium line 46

Webhook reference - potential data exfiltration

Source: SKILL.md
46: ### 2. Webhooks
medium line 282

Webhook reference - potential data exfiltration

Source: SKILL.md
282: ## Webhook Handling
medium line 284

Webhook reference - potential data exfiltration

Source: SKILL.md
284: ### Secure Webhook Endpoint
low line 294

Webhook reference - potential data exfiltration

Source: SKILL.md
294: @app.route('/webhook', methods=['POST'])
low line 295

Webhook reference - potential data exfiltration

Source: SKILL.md
295: def webhook():
low line 300

Webhook reference - potential data exfiltration

Source: SKILL.md
300: event = stripe.Webhook.construct_event(
medium line 349

Webhook reference - potential data exfiltration

Source: SKILL.md
349: ### Webhook Best Practices
low line 355

Webhook reference - potential data exfiltration

Source: SKILL.md
355: def verify_webhook_signature(payload, signature, secret):
low line 356

Webhook reference - potential data exfiltration

Source: SKILL.md
356: """Manually verify webhook signature."""
low line 365

Webhook reference - potential data exfiltration

Source: SKILL.md
365: def handle_webhook_idempotently(event_id, handler):
low line 366

Webhook reference - potential data exfiltration

Source: SKILL.md
366: """Ensure webhook is processed exactly once."""
low line 377

Webhook reference - potential data exfiltration

Source: SKILL.md
377: # Stripe will retry failed webhooks
low line 96

External URL reference

Source: SKILL.md
96: success_url='https://yourdomain.com/success?session_id={CHECKOUT_SESSION_ID}',
low line 97

External URL reference

Source: SKILL.md
97: cancel_url='https://yourdomain.com/cancel'
low line 118

External URL reference

Source: SKILL.md
118: 'images': ['https://example.com/product.jpg'],
low line 125

External URL reference

Source: SKILL.md
125: success_url='https://yourdomain.com/success?session_id={CHECKOUT_SESSION_ID}',
low line 126

External URL reference

Source: SKILL.md
126: cancel_url='https://yourdomain.com/cancel',
low line 155

External URL reference

Source: SKILL.md
155: return_url='https://yourdomain.com/complete?session_id={CHECKOUT_SESSION_ID}'
low line 237

External URL reference

Source: SKILL.md
237: return_url: "https://yourdomain.com/complete",
low line 277

External URL reference

Source: SKILL.md
277: return_url='https://yourdomain.com/account',
Scanned on Mar 8, 2026