Skills Guide

Payment Gateway

VerifiedCaution

Processes payments securely via Stripe, PayPal, or ACH. Used for paying invoices, scheduling future payments, and managing payment methods. Includes full audit logging and webhook handling for payment confirmation and failure alerts.

Sby Skills Guide Bot
DevelopmentIntermediate
906/2/2026
Claude Code
#payment-gateway#stripe#paypal#ach#invoicing

Recommended for

Backend developerClaude CodeCode reviewFrontend developerFullstack developerRefactoring

Our review

This skill processes payments via Stripe, PayPal, or ACH, including scheduling, execution, confirmation, and full audit trail.

Strengths

  • Supports multiple payment gateways (Stripe, PayPal, ACH).
  • Handles payment scheduling and webhook processing.
  • Includes strong validation and audit logging.

Limitations

  • Requires API keys and per-tenant gateway configuration.
  • Error handling can be complex (failures, refunds).
  • Depends on external services (Stripe, PayPal).
When to use it

Use this skill to automate payment processing for invoices or customer payments.

When not to use it

Do not use for simple manual payments or if using an unsupported payment gateway.

Security analysis

Caution
Quality score90/100

The skill processes live payments and updates databases, which carries inherent financial risk. It follows security best practices (idempotency, PCI compliance, RBAC, parameterized queries), but the operational power of the actions (charging cards, transferring funds) warrants caution to prevent misuse or accidental execution.

Findings
  • Instructs execution of real financial transactions (Stripe, PayPal, ACH) with monetary impact
  • SQL update and insert operations that modify database state
  • Uses environment variables for API secrets; exposure risk if the skill runtime is compromised

Examples

Pay an invoice immediately
Pay invoice INV-2025-001 for $500.00 using Stripe, with approval from user admin@example.com.
Schedule a future payment
Schedule payment for invoice INV-2025-002 via ACH on March 1, 2025. Approved by user jdoe.
Process a refund
Refund payment pi_1234abc for invoice INV-2025-003. The original payment was made via PayPal.

name: payment-gateway description: "Process payments via Stripe, PayPal, or ACH. Use when paying invoices, processing customer payments, or managing payment methods. Handles payment scheduling, execution, and confirmation with full audit trail."

Payment Gateway Skill

Purpose

Processes payments securely through integrated payment gateways (Stripe, PayPal, ACH), with proper authorization, audit logging, and error handling.

Triggers

  • Invoice approved and ready for payment
  • Customer payment submitted
  • Scheduled payment due date reached
  • Manual payment initiated

Capabilities

  1. Payment Processing - Execute payments via Stripe/PayPal/ACH
  2. Payment Scheduling - Schedule future payments
  3. Payment Confirmation - Verify payment succeeded
  4. Refund Processing - Handle refunds and reversals
  5. Payment Method Management - Store and manage payment methods
  6. Webhook Handling - Process payment status webhooks

Instructions

Step 1: Validate Payment Request

Required fields:

  • tenant_id - For multi-tenant isolation
  • invoice_id or amount - What to pay
  • payment_method - stripe, paypal, ach
  • approved_by - User ID who approved payment
  • scheduled_date - When to execute (can be immediate)

Validations:

  • Invoice status is 'approved'
  • Amount matches invoice amount
  • Payment method is configured for tenant
  • User has permission to approve payments
  • Sufficient funds (if applicable)

Step 2: Execute Payment

Stripe Payment

const stripe = new Stripe(process.env.STRIPE_SECRET_KEY);

const payment_intent = await stripe.paymentIntents.create({
  amount: invoice.amount,  // cents
  currency: invoice.currency,
  description: `Invoice ${invoice.invoice_number} - ${invoice.vendor_name}`,
  metadata: {
    tenant_id: invoice.tenant_id,
    invoice_id: invoice.id,
  },
});

// Confirm payment
const confirmed = await stripe.paymentIntents.confirm(payment_intent.id, {
  payment_method: tenant_payment_method_id,
});

ACH Payment

// Via Stripe or Plaid
const transfer = await stripe.transfers.create({
  amount: invoice.amount,
  currency: invoice.currency,
  destination: vendor_stripe_account_id,
});

PayPal Payment

// Via PayPal SDK
const payment = await paypal.createPayment({
  amount: cents_to_dollars(invoice.amount),
  currency: invoice.currency,
  recipient: vendor_paypal_email,
});

Step 3: Update Invoice Status

On success:

UPDATE invoices
SET status = 'paid',
    paid_at = NOW(),
    updated_at = NOW()
WHERE id = $1 AND tenant_id = $2;

On failure:

  • Log error to agent_runs table
  • Create alert for manual review
  • Do NOT mark as paid

Step 4: Audit Log

INSERT INTO audit_log (tenant_id, user_id, action, entity_type, entity_id, changes)
VALUES (
  $1,  -- tenant_id
  $2,  -- user_id (approved_by)
  'approve',  -- action
  'invoices',  -- entity_type
  $3,  -- invoice_id
  jsonb_build_object(
    'payment_method', 'stripe',
    'payment_intent_id', payment_intent.id,
    'amount', invoice.amount,
    'status', 'paid'
  )
);

Step 5: Confirmation

Return payment confirmation:

{
  "success": true,
  "invoice_id": "uuid",
  "payment_id": "pi_1234...",  // Stripe payment intent ID
  "amount": 50000,  // cents
  "currency": "USD",
  "status": "paid",
  "paid_at": "2026-01-15T14:30:00Z",
  "payment_method": "stripe",
  "confirmation_number": "..."
}

Payment Scheduling

For future payments:

INSERT INTO scheduled_payments (
  tenant_id, invoice_id, amount, currency,
  payment_method, scheduled_date, status
)
VALUES ($1, $2, $3, $4, $5, $6, 'pending');

Cron job checks scheduled_payments daily and executes when scheduled_date <= NOW().

Webhook Handling

Process Stripe webhooks:

  • payment_intent.succeeded - Mark invoice as paid
  • payment_intent.payment_failed - Alert user, retry or manual review
  • charge.refunded - Create refund transaction

Error Handling

  • Insufficient Funds - Alert user, reschedule payment
  • Payment Method Invalid - Request updated payment method
  • API Error - Retry with exponential backoff (3 attempts)
  • Network Timeout - Check payment status before retry (idempotency)
  • Declined Payment - Alert user, mark for manual review

Integration Points

  • stripe-integrator (Integration worker) - Stripe API
  • paypal-integrator (Integration worker) - PayPal API
  • payment-processor (AP worker) - Payment execution logic
  • audit-trail - Immutable audit log

Models

  • Payment Logic: Deterministic (no LLM)
  • Error Analysis: Claude Sonnet 4 (for complex error scenarios)

Security

  • Idempotency - Use idempotency keys for Stripe to prevent duplicate charges
  • PCI Compliance - Never store full credit card numbers
  • Secrets Management - API keys in environment variables, never in code
  • Rate Limiting - Respect payment gateway rate limits
  • Audit Trail - Log all payment attempts (success and failure)
  • User Authorization - Verify user can approve payments (RBAC)
  • Amount Verification - Confirm amount matches invoice before payment

Invoke this skill when executing vendor payments or processing customer payments through integrated gateways.

Related skills

Next.js App Router Expert

Development

A skill that turns Claude into a Next.js App Router expert.

Claude CodeCursoradvanced
890
234
2,846
Admin

README Generator

Development

Creates professional and comprehensive README.md files for your projects.

claudeCursorWindsurfbeginner
259
72
821
Admin

API Documentation Writer

Development

Generates comprehensive API documentation in OpenAPI/Swagger format.

claudeCursorWindsurfintermediate
156
44
682
Admin