Stripe Integration Skill
Goal: Implement secure Stripe integration with webhook handling
Instructions:
- •Environment Variables: Verify STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET exist
- •Webhook Security: Always validate webhook signature with
stripe.webhooks.constructEvent - •Idempotency: Use idempotency keys for payment intents
- •Database Sync: Update subscription status only after webhook confirmation
- •Error Handling: Graceful handling of failed payments with retry logic
Constraints:
- •Never log full Stripe objects (contain sensitive data)
- •Always use Stripe SDK methods, never construct raw API calls
- •Test webhooks locally using Stripe CLI before deployment