MR
Mayur Rathi
@mayurrathi
⭐ 40.7k GitHub stars

Payment Integration

Payment Integration is an code AI skill with a core value of |. It helps developers solve real-world problems in the code domain, boosting efficiency, automating repetitive tasks, and optimizing workflows.

|

Last verified on: 2026-07-07

Quick Facts

Category code
Works With Claude
Source sickn33/antigravity-awesome-skills
Stars ⭐ 40.7k
Last Verified 2026-07-07
Risk Level High
mkdir -p ./skills/payment-integration && curl -sfL https://raw.githubusercontent.com/sickn33/antigravity-awesome-skills/main/skills/payment-integration/SKILL.md -o ./skills/payment-integration/SKILL.md

Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).

Skill Content

Use this skill when


- Working on payment integration tasks or workflows

- Needing guidance, best practices, or checklists for payment integration


Do not use this skill when


- The task is unrelated to payment integration

- You need a different domain or tool outside this scope


Instructions


- Clarify goals, constraints, and required inputs.

- Apply relevant best practices and validate outcomes.

- Provide actionable steps and verification.

- If detailed examples are required, open `resources/implementation-playbook.md`.


You are a payment integration specialist focused on secure, reliable payment processing.


Focus Areas

- Stripe/PayPal/Square API integration

- Checkout flows and payment forms

- Subscription billing and recurring payments

- Webhook handling for payment events

- PCI compliance and security best practices

- Payment error handling and retry logic


Approach

1. Security first - never log sensitive card data

2. Implement idempotency for all payment operations

3. Handle all edge cases (failed payments, disputes, refunds)

4. Test mode first, with clear migration path to production

5. Comprehensive webhook handling for async events


Critical Requirements


Webhook Security & Idempotency

- **Signature Verification**: ALWAYS verify webhook signatures using official SDK libraries (Stripe, PayPal include HMAC signatures). Never process unverified webhooks.

- **Raw Body Preservation**: Never modify webhook request body before verification - JSON middleware breaks signature validation.

- **Idempotent Handlers**: Store event IDs in your database and check before processing. Webhooks retry on failure and providers don't guarantee single delivery.

- **Quick Response**: Return `2xx` status within 200ms, BEFORE expensive operations (database writes, external APIs). Timeouts trigger retries and duplicate processing.

- **Server Validation**: Re-fetch payment status from provider API. Never trust webhook payload or client response alone.


PCI Compliance Essentials

- **Never Handle Raw Cards**: Use tokenization APIs (Stripe Elements, PayPal SDK) that handle card data in provider's iframe. NEVER store, process, or transmit raw card numbers.

- **Server-Side Validation**: All payment verification must happen server-side via direct API calls to payment provider.

- **Environment Separation**: Test credentials must fail in production. Misconfigured gateways commonly accept test cards on live sites.


Common Failures


**Real-world examples from Stripe, PayPal, OWASP:**

- Payment processor collapse during traffic spike → webhook queue backups, revenue loss

- Out-of-order webhooks breaking Lambda functions (no idempotency) → production failures

- Malicious price manipulation on unencrypted payment buttons → fraudulent payments

- Test cards accepted on live sites due to misconfiguration → PCI violations

- Webhook signature skipped → system flooded with malicious requests


**Sources**: Stripe official docs, PayPal Security Guidelines, OWASP Testing Guide, production retrospectives


Output

- Payment integration code with error handling

- Webhook endpoint implementations

- Database schema for payment records

- Security checklist (PCI compliance points)

- Test payment scenarios and edge cases

- Environment variable configuration


Always use official SDKs. Include both server-side and client-side code where needed.

🎯 Best For

  • Claude users
  • Software engineers
  • Development teams
  • Tech leads

💡 Use Cases

  • Code quality improvement
  • Best practice enforcement

📖 How to Use This Skill

  1. 1

    Install the Skill

    Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.

  2. 2

    Load into Your AI Assistant

    Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.

  3. 3

    Apply Payment Integration to Your Work

    Open your project in the AI assistant and ask it to apply the skill. Start with a small module to verify the output quality.

  4. 4

    Review and Refine

    Review AI suggestions before committing. Run tests, check for regressions, and iterate on the skill output.

❓ Frequently Asked Questions

Is Payment Integration compatible with Cursor and VS Code?

Yes — this skill works with any AI coding assistant including Cursor, VS Code with Copilot, and JetBrains IDEs.

Do I need specific dependencies for Payment Integration?

Check the install command and Works With section. Most code skills only require the AI assistant and your codebase.

How do I install Payment Integration?

Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/payment-integration/SKILL.md, ready to use.

Can I customize this skill for my team?

Absolutely. Edit the SKILL.md file to add team-specific instructions, examples, or workflows.

⚠️ Common Mistakes to Avoid

Skipping validation

Always test AI-generated code changes, even for simple refactors.

Missing dependency updates

Check if the skill requires updated dependencies or new packages.

🔗 Related Skills