Payments

Integrate payments with provider selection, checkout flows, subscription billing, and security best practices.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "Payments" with this command: npx skills add ivangdavila/payments

Situation Detection

ContextLoad
Choosing Stripe vs Paddle vs LemonSqueezyproviders.md
Implementing checkout, webhooks, refundsintegration.md
Subscription billing, trials, upgradessubscriptions.md
PCI compliance, fraud preventionsecurity.md

Universal Rules

Never store card data. Use provider-hosted checkout or tokenization. PCI compliance burden explodes the moment raw card numbers touch your server.

Webhooks are truth. Client-side success callbacks lie. A payment succeeded only when your webhook confirms it. Design for webhook-first verification.

Test mode exists for a reason. Use test cards, simulate failures, verify webhook handling. Production surprises cost real money and real customers.

Pricing psychology: $9.99/mo feels cheaper than $120/year, but annual retention is 2-3x higher. Default to annual with monthly option, not the reverse.

Provider Quick Compare

NeedRecommendation
US/global B2CStripe (best docs, widest coverage)
SaaS selling to EU (VAT headache)Paddle, LemonSqueezy (merchant of record)
Simple product, no dev resourcesGumroad, Lemonsqueezy hosted
Marketplace with splitsStripe Connect
High-risk or adultSpecialized processors (CCBill, Epoch)

See providers.md for detailed comparison.

Integration Checklist

Before going live:

  • Webhook endpoint secured and verified
  • Idempotency keys on all charges
  • Failure states handled (declined, expired, insufficient)
  • Receipts and invoices configured
  • Refund flow tested
  • Subscription lifecycle events handled (upgrade, downgrade, cancel)
  • Currency handling explicit (store in cents/smallest unit)

Red Flags

  • Storing CVV anywhere, ever → Instant PCI violation
  • Trusting client-side payment confirmation → Fraud vector
  • No retry logic for failed webhooks → Lost transactions
  • Hardcoding prices in frontend → Easy manipulation
  • Missing cancel_at_period_end handling → Angry customers

When to Load More

SituationReference
Evaluating payment processorsproviders.md
Building checkout, handling webhooksintegration.md
Recurring billing, metering, trialssubscriptions.md
Fraud, PCI, chargebackssecurity.md

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

AI Boss Assistant

Transform any AI into a professional executive assistant with battle-tested personas and workflows. Complete templates for Google Workspace integration (Gmail, Calendar, Drive), milestone delivery system, and security guidelines.

Registry SourceRecently Updated
23.2K
jacky6658
Security

On-Chain Skill Audit

On-chain skill provenance registry. Check, register, audit, and vouch for agent skills on Solana. Use when evaluating skill safety, registering new skills, or looking up provenance before installation.

Registry SourceRecently Updated
01K
Profile unavailable
Security

Solidity LSP

Solidity language server providing smart contract development support including compilation, linting, security analysis, and code intelligence for .sol files. Use when working with Ethereum smart contracts, Substrate pallets, or any Solidity code that needs compilation, security checks, gas optimization, or code navigation. Essential for ClawChain pallet development.

Registry SourceRecently Updated
0848
Profile unavailable