jang4360/.agents/skills/billing-toss-stripe
.agents/skills/billing-toss-stripe/SKILL.md
# Skill: billing-toss-stripe ## Purpose Implement payment and subscription logic with Toss (primary) and Stripe (secondary). ## Triggers - Adding payment flow - Implementing subscription - Creating webhook endpoints ## Canonical References - SECURITY_CHECKLIST.md (Webhook + Payment) - AGENTS.md ## Responsibilities - Enforce idempotency - Store raw webhook payloads - Validate order integrity ## Implementation Steps 1. Create billing tables: - billing_customers - billing_subscriptions
development
Updated Apr 6, 2026
$ install --global
skillsauthnpx skillsauth add jang4360/historychat .agents/skills/billing-toss-stripeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 6, 2026, 2:13 AM18.8s1 file scanned
SKILL.md
Skill: billing-toss-stripe
Purpose
Implement payment and subscription logic with Toss (primary) and Stripe (secondary).
Triggers
- Adding payment flow
- Implementing subscription
- Creating webhook endpoints
Canonical References
- SECURITY_CHECKLIST.md (Webhook + Payment)
- AGENTS.md
Responsibilities
- Enforce idempotency
- Store raw webhook payloads
- Validate order integrity
Implementation Steps
- Create billing tables:
- billing_customers
- billing_subscriptions
- billing_payments
- billing_webhook_events
- Add unique(provider,event_id).
- Insert webhook event first.
- If conflict -> return 200.
- If new -> process state inside transaction.
- Validate payment confirm against DB amount.
Required Artifacts
- packages/billing/*
- app/api/webhooks/*
- migrations/*.sql
Verification
- Duplicate webhook does not duplicate effects
- Payment confirm mismatch is rejected
Related Skills
jang4360/.agents/skills/testing-vitest-playwright
development
VerifiedTrustedCommunity
# Skill: testing-vitest-playwright ## Purpose Ensure test coverage for route handlers and critical flows. ## Triggers - New API route - Billing logic - Auth changes ## Responsibilities - Unit test core logic - Test webhook idempotency - Test auth guards ## Implementation Steps 1. Write unit test for business logic. 2. Mock webhook replay scenario. 3. Test unauthorized access case. ## Required Artifacts - tests/*
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/systematic-debugging
development
VerifiedTrustedCommunity
# Skill: systematic-debugging ## Purpose Enforce structured debugging workflow. ## Triggers - Production bug - CI failure - Billing mismatch ## Responsibilities - Reproduce - Identify root cause - Patch - Add regression test ## Implementation Steps 1. Reproduce issue locally. 2. Add failing test. 3. Fix. 4. Confirm test passes.
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/supabase-rls-standard
testing
VerifiedTrustedCommunity
# Skill: supabase-rls-standard ## Purpose Apply standardized Row-Level Security policies. ## Triggers - Creating new tables - Modifying ownership rules - Introducing role-based access ## Canonical References - SECURITY_CHECKLIST.md (RLS section) - AGENTS.md ## Responsibilities - Ensure RLS is enabled - Apply ownership + role override template - Index policy columns ## Implementation Steps 1. Enable RLS on new tables. 2. Create SELECT/INSERT/UPDATE/DELETE policies. 3. Use ownership pattern:
SKILL.mdUpdated Apr 6, 2026
jang4360/.agents/skills/supabase-auth-ssr-session
tools
VerifiedTrustedCommunity
# Skill: supabase-auth-ssr-session ## Purpose Implement SSR-based authentication using Supabase with secure cookie handling. ## Triggers - Adding login/logout - Protecting routes - Accessing user session server-side ## Canonical References - AGENTS.md - SECURITY_CHECKLIST.md (Auth section) ## Responsibilities - Create browser and server Supabase clients - Enforce cookie-based session flow - Protect admin routes ## Implementation Steps 1. Create `createBrowserClient` and `createServerClient`
SKILL.mdUpdated Apr 6, 2026