Name: stripe-best-practices
Rating: 95.2 (1 reviews)
Author: stripe

stripe-best-practices

Guides Stripe integration decisions — API selection (Checkout Sessions vs PaymentIntents), Connect platform setup (Accounts v2, controller properties), billing/subscriptions, Treasury financial accounts, integration surfaces (Checkout, Payment Element), migrating from deprecated Stripe APIs, and security best practices (API key management, restricted keys, webhooks, OAuth). Use when building, modifying, or reviewing any Stripe integration — including accepting payments, building marketplaces, integrating Stripe, processing payments, setting up subscriptions, creating connected accounts, or implementing secure key handling.

1.42x

Quality

—

Does it follow best practices?

Impact

100%

1.42x

Average score across 3 eval scenarios

Securityby

Advisory

Suggest reviewing before use

Evaluation results

100%

20%

Stripe Checkout Integration for Physical Goods Store

Stripe Checkout Session one-time payment integration

Criteria

Without context

With context

Checkout Sessions used

100%

No payment_method_types

100%

No Charges API

100%

No Card Element

100%

Latest API version

100%

mode: payment set

100%

success_url and cancel_url

100%

No payment_method_configurations misuse

100%

Key from environment

100%

Restricted key recommended

100%

58%

Freelancer Marketplace — Seller Onboarding and Payment Routing

Stripe Connect marketplace seller onboarding and payment routing

Criteria

Without context

With context

Accounts v2 endpoint

100%

No deprecated type field

100%

configuration.recipient used

100%

Capability status field

100%

dashboard: 'express' set

100%

notification_banner referenced

100%

Embedded onboarding used

100%

Correct fee pattern

100%

No application_fee_amount on transfers

100%

Webhook handler present

100%

Webhook signature verification

100%

10%

Secure Stripe Integration Setup

Stripe API key security setup and webhook handler

Criteria

Without context

With context

Recommend RAKs over secret keys

100%

Secrets vault storage

100%

Separate keys per environment

100%

Pre-commit hook for key detection

100%

Principle of least privilege

100%

IP allowlist on API keys

100%

Webhook signature verification present

100%

No processing before verification

100%

No hardcoded API keys

100%

No logging of sensitive data

100%

Repository: stripe/ai
Commit: f54c9e6

Evaluated: 1 day ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

Stripe Checkout Integration for Physical Goods Store Freelancer Marketplace — Seller Onboarding and Payment Routing Secure Stripe Integration Setup

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.