Payment and billing integration -- Stripe, subscriptions, invoicing, tax, PCI compliance.
From godmodenpx claudepluginhub arbazkhan971/godmodeThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
/godmode:pay, "integrate Stripe", "accept payments"grep -r "stripe\|paypal\|braintree" \
package.json requirements.txt 2>/dev/null
Model: one-time | subscription | metered | marketplace
Currency: <primary, multi-currency?>
Methods: cards, wallets, bank, BNPL
Tax: US sales tax | EU VAT | provider (Stripe Tax)
Compliance: PCI-DSS level, refund policy
const stripe = new Stripe(process.env.STRIPE_SECRET_KEY);
const pi = await stripe.paymentIntents.create({
amount, currency, customer: customerId,
automatic_payment_methods: { enabled: true },
metadata, idempotency_key: `pi_${orderId}`,
});
Flow: Client initiates -> Server creates PaymentIntent -> Returns client_secret -> Client uses Elements (card data NEVER touches server) -> Confirms -> Webhook: payment_intent.succeeded -> Fulfill order.
IF PayPal: Orders API v2, capture server-side. Always verify webhook signatures.
Events & Actions:
Created -> provision features
Payment succeeded -> extend access, receipt
Payment failed -> retry 3x with dunning
Updated -> prorate, adjust features
Canceled -> access until period end, downgrade
Dunning schedule:
Day 0: retry immediately
Day 3: email "Update payment"
Day 7: email "Account at risk"
Day 14: email "Last chance"
Day 21: cancel, downgrade to free
Lifecycle: DRAFT -> OPEN -> PAID | VOID. Format: INV-{YYYY}-{sequential}. Store in DB + PDF in S3. Include line items, subtotal, tax, discounts, total.
Use Stripe Tax, TaxJar, or Avalara -- NEVER calculate tax yourself. US: nexus ($100K/200 txns). EU VAT: B2C = customer-country rate; B2B = reverse charge with VIES-validated VAT ID.
IF PCI scope expanded: run compliance check. WHEN payment fails: check idempotency key first.
Target SAQ-A: card data via Stripe.js iframe, never touches server. HTTPS everywhere, API keys in secrets manager, webhook signatures verified, no card data in logs, idempotency keys on all writes.
const event = stripe.webhooks.constructEvent(
req.body, req.headers['stripe-signature'],
process.env.STRIPE_WEBHOOK_SECRET
);
// Check idempotency by event.id
// Process in DB transaction
res.status(200).json({ received: true });
Return 200 within 30s. Process async if slow. Store raw events. Reconcile daily.
Append .godmode/pay-results.tsv:
timestamp component provider status details
KEEP if: webhook verification passes AND idempotency
on all writes AND no card data touches server.
DISCARD if: verification missing OR duplicate charges
OR PCI scope expanded.
STOP when ALL of:
- Webhook signatures verified
- Idempotency keys on all writes
- Event replay = zero duplicate side effects
- SAQ-A compliant
On failure: git reset --hard HEAD~1. Never pause.
| Failure | Action |
|---|---|
| API key missing | Print env var names, link dashboard |
| Webhook sig fails | Verify secret, use stripe listen |
| Payment fails | Map error codes to user messages |
| Duplicate charges | Check idempotency, refund dupes |
| Tax calc fails | Verify provider credentials |