v0.3.0MITGitHub Marketplace

Production contracts for billing and access

Deterministic checks in CI — Stripe or Paddle vs your database, env coverage, no LLM. Fail closed when credentials are missing.

npx prodverdict check access --fixtures

Get started Examples

Output

What a failed check looks like

prodverdict check access

$ npx prodverdict check access --fixtures

Checking access contract…

[HIGH] user:usr_alice — Active subscription but has_paid_access is false

fix: Set has_paid_access=true in your webhook handler

VERDICT: FAIL

Contracts

Deterministic. Fail-closed.

Revenue leak
Active billing subscription, but has_paid_access is false in your database.
Wrongful access
Cancelled or unpaid subscription, but the user still has paid access.
Plan drift
Price ID maps to pro in config, but the user row says starter.
Duplicate customer
Same billing customer ID linked to multiple app users.

Config contract: scan process.env references vs .env.example.

Nightly checks: schedule the Action, optional Slack on fail/warn, upload runs to your dashboard. See scheduled workflow example.

Install

Run in under a minute

# Demo — no credentials
npx prodverdict check access \
  --config examples/nextjs-stripe/prodverdict.yml \
  --fixtures \
  --fixtures-dir examples/nextjs-stripe/scenarios/fail-revenue-leak

# Live — Stripe or Paddle + Postgres
npx prodverdict check access --config prodverdict.yml

GitHub Action MCP server

Pricing

Free for open source. Pro for private teams.

Run contracts in CI with zero cost on public repos. Add Pro per project when you need private codebases and scheduled enforcement.

Free

Open source forever

Public repositories
CLI, GitHub Action, and MCP
Access and config contracts

Install from npm

Recommended

Pro

Private repos · scheduled checks

$39/ project / mo

Everything in Free
Private repositories
Scheduled checks in CI
Dashboard projects and run history