Saas Billing System
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill claims to provide a SaaS billing and Stripe payment system, but it ships only instructions and asks users to run a missing local script with a Stripe key.
Review this carefully before installing or using it. The artifacts do not include the billing script they tell you to run, and the Stripe key handling is not documented beyond a command example. Only proceed if you have independently verified the missing implementation and can use restricted/test credentials.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user or agent could end up running an unrelated local script named billing.sh, including with billing/payment authority, without knowing its provenance.
The skill instructs use of a local helper script, but the manifest contains only SKILL.md and _meta.json and there is no install spec or included billing.sh implementation to review.
./billing.sh init ./billing.sh create-plan basic --price 29 --interval monthly ./billing.sh stripe --key $STRIPE_KEY
Do not run the documented commands unless you independently verify the exact billing.sh implementation and its source.
A Stripe key can allow access to payment and billing operations depending on its scope, so mishandling it could affect customer or business billing data.
The skill expects a Stripe key for payment integration, which is purpose-aligned but sensitive and not declared in the registry credential requirements.
./billing.sh stripe --key $STRIPE_KEY
Use a minimally scoped test or restricted Stripe key first, avoid exposing keys in shell history, and confirm exactly what code receives the key.
Users may over-trust the skill as a working billing product even though the provided artifacts do not implement the advertised functionality.
The documentation presents the skill as a complete billing solution, but the provided artifact set is instruction-only and lacks the actual executable implementation.
Complete billing solution for SaaS businesses.
Treat this as incomplete documentation unless the missing implementation is supplied and reviewed.