5-minute quickstart

Run ProdVerdict against fixture data — no Stripe or database credentials required.

Step 0: One-command demo (v0.10+)

npx prodverdict demo

Expect FAIL — active Stripe subscription, has_paid_access false.

Paddle demo:

npx prodverdict demo --stack paddle-stripe

Scan your repo

npx prodverdict scan

Detects Stripe/Paddle, env var references, migrations, and recommends contracts. No credentials.

Revenue leak from SDK clone (expect FAIL)

git clone --depth=1 https://github.com/prodv-dev/prodverdict-sdk.git
cd prodverdict-sdk

npx --package=prodverdict@0.10.0 prodverdict check access \
  --config examples/nextjs-stripe/prodverdict.yml \
  --fixtures \
  --fixtures-dir examples/nextjs-stripe/scenarios/fail-revenue-leak

Sample finding:

[HIGH] user:usr_alice
  User has an active/trialing Stripe subscription but has_paid_access is false.
  Revenue leak — user cannot access paid features.

Passing scenario

npx prodverdict check access \
  --config examples/nextjs-stripe/prodverdict.yml \
  --fixtures \
  --fixtures-dir examples/nextjs-stripe/scenarios/pass

Live check (your Stripe + Postgres)

export STRIPE_SECRET_KEY=rk_test_...   # read-only restricted key
export DATABASE_URL=postgresql://readonly:...@host/db

npx prodverdict check access --config prodverdict.yml

Other contracts

# Env var drift
npx prodverdict check config --config prodverdict.yml

# Unsafe migration SQL
npx prodverdict check migration --config prodverdict.migration.yml

# Everything in prodverdict.yml
npx prodverdict check all

Agent JSON

npx prodverdict doctor --format agent
npx prodverdict check access --format agent --fixtures ...

See JSON output and Cursor setup.

Add to your repo

After the demo, scaffold config in your own project:

npx prodverdict init --mcp --cursor-rule

Stack is auto-detected from package.json. Or pick explicitly:

npx prodverdict init --stack nextjs-stripe --mcp --cursor-rule

See Install & init for stack templates and remote MCP.