payment-gateway-integration
Integrates payment processing with Stripe, PayPal, or Square including subscriptions, webhooks, and PCI compliance. Use when implementing checkout flows, recurring billing, or handling refunds and disputes.
89
86%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Quality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is an excellent skill description that hits all the marks. It names specific payment providers, lists concrete capabilities, and includes an explicit 'Use when' clause with natural trigger terms. The description is concise, uses third-person voice, and carves out a clear, distinctive niche.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions and technologies: 'payment processing with Stripe, PayPal, or Square', 'subscriptions', 'webhooks', 'PCI compliance', 'checkout flows', 'recurring billing', 'refunds and disputes'. | 3 / 3 |
Completeness | Clearly answers both 'what' (integrates payment processing with specific providers, including subscriptions, webhooks, PCI compliance) and 'when' (explicit 'Use when implementing checkout flows, recurring billing, or handling refunds and disputes'). | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'Stripe', 'PayPal', 'Square', 'payment processing', 'subscriptions', 'webhooks', 'checkout flows', 'recurring billing', 'refunds', 'disputes', 'PCI compliance'. These are all terms a developer would naturally use when seeking payment integration help. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive with a clear niche in payment processing. The specific provider names (Stripe, PayPal, Square) and domain-specific terms (PCI compliance, checkout flows, recurring billing) make it very unlikely to conflict with other skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
72%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
The skill provides strong, executable Stripe integration code and good progressive disclosure by deferring PayPal details to a reference file. Its main weaknesses are redundancy between the security checklist and best practices sections, and the lack of a clear step-by-step implementation workflow with validation checkpoints for what is inherently a multi-step, security-sensitive integration process.
Suggestions
Merge the Security Checklist and Best Practices sections into a single concise section to eliminate redundancy (e.g., 'webhook signature verification' and 'use official SDKs' appear in both).
Add an explicit implementation workflow with numbered steps and validation checkpoints, e.g.: 1. Set up sandbox credentials, 2. Implement payment intent, 3. Test with Stripe CLI (`stripe listen --forward-to localhost:3000/webhooks/stripe`), 4. Verify webhook signatures work, 5. Switch to production keys.
Add a brief note about the `await` keyword in the webhook handler's switch statement, which requires the callback to be `async` — the current code uses `await` inside a non-async callback, which is a bug.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The security checklist and best practices sections have significant overlap (both mention webhook signatures, official SDKs, sandbox testing, not storing card data). The 'Do/Don't' list largely restates the checklist. Otherwise the code sections are reasonably lean. | 2 / 3 |
Actionability | Provides fully executable Node.js code for Stripe payment intents, subscriptions, refunds, and webhook handling. The code is copy-paste ready with proper error handling patterns and real Stripe API calls. | 3 / 3 |
Workflow Clarity | There's no explicit sequenced workflow for implementing a payment integration end-to-end. The security checklist exists but there are no validation checkpoints or feedback loops for testing webhook signatures, verifying sandbox behavior before going live, or handling failed deployments. | 2 / 3 |
Progressive Disclosure | The skill provides a concise overview with Stripe code inline (the primary use case) and appropriately delegates PayPal to a one-level-deep reference file with a clear description of what it contains. The structure is well-organized with clear section headers. | 3 / 3 |
Total | 10 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- secondsky/claude-skills
- Commit
88da5ff
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.