Security
LeakCheck reads Stripe data without write access
LeakCheck is built around a simple safety rule: the audit can inspect billing data, but it cannot move money, change customers, or edit subscriptions.
Stripe access
Stripe Connect uses the read_only OAuth scope. The server checks that scope on callback and rejects grants that do not match the read-only requirement.
Export upload
If you do not want to connect Stripe, you can upload a JSON export instead. That path also gives LeakCheck no write access to your Stripe account.
Report storage
Report payloads are AES-GCM encrypted before storage. The database keeps only non-sensitive routing fields in plaintext so report links can be served and expired.
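One way to store a report in the shape described above, as an added example that is not LeakCheck's own code. It uses Node.js's built-in crypto module; the function names, row layout and sample values are assumptions, as is binding the plaintext routing fields to the ciphertext as GCM associated data so that an edited expiry makes decryption fail.

```javascript
// Added example, not LeakCheck's code. Names, row layout and the AAD binding are assumptions.
const crypto = require("node:crypto");

// Canonical bytes of the plaintext routing fields, used as GCM associated data.
function routingAad(reportId, expiresAt) {
  return Buffer.from(JSON.stringify({ reportId, expiresAt }), "utf8");
}

// Encrypt a report payload; only reportId and expiresAt stay readable in the row.
function sealReport(key, reportId, expiresAt, payload) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce per row, never reused with a key
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(routingAad(reportId, expiresAt));
  const ciphertext = Buffer.concat([
    cipher.update(JSON.stringify(payload), "utf8"),
    cipher.final(),
  ]);
  return { reportId, expiresAt, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt a stored row; returns null if expired, throws if the row was modified.
function openReport(key, row, now = Date.now()) {
  if (now >= row.expiresAt) return null; // expiry is decided from the plaintext field
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, row.iv);
  decipher.setAAD(routingAad(row.reportId, row.expiresAt));
  decipher.setAuthTag(row.tag);
  const plaintext = Buffer.concat([
    decipher.update(row.ciphertext),
    decipher.final(), // throws when tag, ciphertext or routing fields do not match
  ]);
  return JSON.parse(plaintext.toString("utf8"));
}

// Constructed sample data.
const THIRTY_DAYS_MS = 30 * 24 * 60 * 60 * 1000;
const demoKey = crypto.randomBytes(32); // in practice loaded from a secret store
const createdAt = Date.UTC(2024, 0, 1);
const demoRow = sealReport(demoKey, "rpt_demo_001", createdAt + THIRTY_DAYS_MS,
  { customer: "cus_constructed", amountCents: 129900 });

function demo() {
  const fresh = openReport(demoKey, demoRow, createdAt + 1000);
  const expired = openReport(demoKey, demoRow, createdAt + THIRTY_DAYS_MS);
  let tamperRejected = false;
  try { // pushing the expiry out in the database must not yield a readable report
    openReport(demoKey, { ...demoRow, expiresAt: demoRow.expiresAt + THIRTY_DAYS_MS }, createdAt + 1000);
  } catch { tamperRejected = true; }
  return { fresh, expired, tamperRejected };
}
```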
Report links
Shareable report links expire after 30 days by default. Report shells are sent with noindex and nofollow, and audit data responses use security headers.
Support
Email support@mnac.io for security questions, deletion requests, or report-access issues.