Chargebee
Pass
Audited by ClawScan on May 3, 2026.
Overview
This is a coherent Chargebee billing integration, but it uses a Maton API key/OAuth connection and can perform high-impact billing changes, so it should be used only with least-privilege access and explicit approval for writes.
Install this only if you need Chargebee billing administration. Use the least-privilege Chargebee connection available, always include and verify the intended Maton connection ID, keep the MATON_API_KEY and OAuth connection URLs private, and require explicit confirmation before any billing write, cancellation, or deletion.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, the agent could create, update, cancel, or delete billing-related records after user approval.
The skill exposes write-capable billing API operations; this is aligned with Chargebee administration, but mistakes could affect real customer billing records.
This integration can mutate billing data — approve only specific write actions after checking the exact endpoint, account, resource ID, and consequence.
Use read-only actions first, verify the endpoint, account, resource ID, and financial consequence, and only approve specific write actions.
Anyone with the API key or an over-privileged connection could access or change Chargebee data within the connected account's permissions.
The skill requires a sensitive API key that delegates access through Maton to the connected Chargebee account.
All requests require the Maton API key in the Authorization header: `Authorization: Bearer $MATON_API_KEY`
Use a least-privilege Chargebee connection, keep the MATON_API_KEY private, rotate it if exposed, and revoke unused connections promptly.
Customer, subscription, and invoice data may transit through Maton's service when the integration is used.
Chargebee API requests and responses pass through the Maton gateway, which is disclosed and purpose-aligned but creates a third-party data boundary for billing data.
The gateway proxies requests to `{subdomain}.chargebee.com` ... and injects authentication.
Install only if you trust Maton for Chargebee billing access, review its privacy/security posture, and avoid sending unnecessary sensitive data.
