AgentSkillsCN

pci-compliance

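Implement PCI DSS compliance requirements to ensure the secure handling of payment card data and payment systems. Use when hardening payment processing, achieving PCI compliance, or implementing payment card security measures.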

SKILL.md
--- frontmatter
version: 4.1.0-fractal
name: pci-compliance
description: Implement PCI DSS compliance requirements for secure handling of payment card data and payment systems. Use when securing payment processing, achieving PCI compliance, or implementing payment card security measures.

PCI Compliance

Master PCI DSS (Payment Card Industry Data Security Standard) compliance for secure payment processing and handling of cardholder data.

Do not use this skill when

  • The task is unrelated to PCI compliance
  • You need a different domain or tool outside this scope

Instructions

  • Clarify goals, constraints, and required inputs.
  • Apply relevant best practices and validate outcomes.
  • Provide actionable steps and verification.
  • If detailed examples are required, open resources/implementation-playbook.md.

Use this skill when

  • Building payment processing systems
  • Handling credit card information
  • Implementing secure payment flows
  • Conducting PCI compliance audits
  • Reducing PCI compliance scope
  • Implementing tokenization and encryption
  • Preparing for PCI DSS assessments

PCI DSS Requirements (12 Core Requirements)

🧠 Knowledge Modules (Fractal Skills)

1. Build and Maintain Secure Network

2. Protect Cardholder Data

3. Maintain Vulnerability Management

4. Implement Strong Access Control

5. Monitor and Test Networks

6. Maintain Information Security Policy

7. Using Payment Processor Tokens

8. Custom Tokenization (Advanced)

9. Data at Rest

10. Data in Transit

11. Input Validation

12. SAQ A (Least Requirements)

13. SAQ A-EP

14. SAQ D (Most Requirements)