Read-only by default

Revenue Linter observes. You approve remediation.

The MVP is designed as a diagnostic and advisory platform. It does not mutate your Stripe account, your Shopify store, or your production database.

Stripe audit bridge

Revenue Linter uses the Stripe audit bridge for the public connection path and rejects unrestricted sk_ secret keys.

No card data

Revenue Linter stores Stripe object IDs, metadata, and normalized status, not raw card numbers.

Encrypted credential vault

Accepted Stripe credentials are encrypted before database storage; only safe connection metadata remains visible.

Raw-body webhooks

Webhook routes verify Stripe signatures against the raw request body before processing events.
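Why the raw body matters, shown as an added example (not Revenue Linter's own code): Stripe's `Stripe-Signature` header carries `t=<timestamp>` and `v1=<hex HMAC-SHA256>` computed over `<timestamp>.<raw body>`, so a payload that has been parsed and re-encoded no longer verifies. The secret, the event, and the five-minute tolerance below are constructed assumptions.

```python
import hashlib
import hmac
import json
import time

TOLERANCE_SECONDS = 300  # assumption: five-minute replay window


def sign(secret, timestamp, raw_body):
    """Hex HMAC-SHA256 over b"<timestamp>.<raw body>" (Stripe's v1 scheme)."""
    signed = str(timestamp).encode() + b"." + raw_body
    return hmac.new(secret.encode(), signed, hashlib.sha256).hexdigest()


def verify(raw_body, header, secret, now=None):
    """True only if a v1 signature matches the exact bytes received."""
    timestamp, candidates = None, []
    for part in header.split(","):
        key, _, value = part.strip().partition("=")
        if key == "t":
            timestamp = value
        elif key == "v1":
            candidates.append(value)
    try:
        ts = int(timestamp)
    except (TypeError, ValueError):
        return False  # missing or malformed timestamp
    now = time.time() if now is None else now
    if abs(now - ts) > TOLERANCE_SECONDS:
        return False  # outside the window: treat as a replay
    expected = sign(secret, timestamp, raw_body).encode()
    # Constant-time compare; more than one v1 can appear during secret rotation.
    return any(hmac.compare_digest(expected, c.encode()) for c in candidates)


def reserialize(raw_body):
    """What a route signs against if a JSON parser re-encodes the payload."""
    return json.dumps(json.loads(raw_body)).encode()


# Constructed sample values, not real Stripe data.
SECRET = "whsec_constructed_example"
RAW = b'{"id": "evt_constructed",  "type": "invoice.paid"}'  # note the double space
T = 1700000000
HEADER = "t=%d,v1=%s" % (T, sign(SECRET, T, RAW))

if __name__ == "__main__":
    print(verify(RAW, HEADER, SECRET, now=T + 10))
    print(verify(reserialize(RAW), HEADER, SECRET, now=T + 10))
    print(verify(RAW, HEADER, SECRET, now=T + 3600))
```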

Audit logs

Scans, reports, admin access, and findings are logged by workspace.

No secrets in forms

The ingest and lead guardrails reject common pasted API keys, JWTs, tokens, and private keys.

What Revenue Linter will never do by default

Create charges
Issue refunds
Cancel subscriptions
Create customers
Modify invoices
Submit dispute evidence
Change webhook endpoints
Write to Stripe

Legal review blocked

This security page is a product-safety summary, not a final legal policy. Broad paid self-serve launch remains blocked until legal and safety review confirms the security, privacy, and terms language.

Read-only by design

Revenue Linter watches the signals. Your team stays in control.

Revenue Linter mirrors and ingests revenue signals, generates deterministic findings, and packages evidence. It does not cancel subscriptions, issue refunds, change Shopify orders, mutate your production database, or submit disputes automatically.

Guardrails

Restricted rk_ keys only
Unrestricted sk_ keys rejected
No production database credentials
No automatic remediation