ClawHub

Stripe Best Practices

v1.0.0

Best practices for building Stripe payment integrations

1· 1.9k·8 current·9 all-time
by@ifoster01
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the SKILL.md content: a set of best-practice recommendations and migration guidance for Stripe integrations. Nothing in the metadata or runtime instructions requests unrelated capabilities or credentials.
Instruction Scope
SKILL.md contains guidance, preferences, decisions, and links to official Stripe docs. It does not instruct the agent to read files, access environment variables, call external endpoints beyond citing Stripe docs URLs, or collect/transmit user data.
Install Mechanism
No install spec and no code files are present (instruction-only). That minimizes disk writes or arbitrary code execution risk.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. That is proportional for a knowledge/guide skill and avoids unnecessary access to secrets.
Persistence & Privilege
always is false and the skill is user-invocable. Model invocation is allowed (the platform default) but the skill does not request elevated or persistent privileges or modify other skills/configuration.
Assessment
This skill is a read-only set of Stripe best-practice recommendations and appears internally consistent. It will not access your Stripe account or secrets as-is. If you later want the agent to perform live Stripe actions (create customers, charge cards, migrate data), only grant the minimal Stripe API key needed and avoid sharing raw PANs in the agent chat — follow PCI rules. If you need automation, prefer scoped test keys, short-lived credentials, and review any future skill updates that add install steps or request environment variables.

Like a lobster shell, security has layers — review code before you run it.

latestvk97291eyk1rttwx31mhhtfgnm980nnr2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments