orcaqubits/ap2-human-not-present-flow
dist/cursor/ap2-agentic-payments/skills/ap2-human-not-present-flow/SKILL.md
Implement the AP2 human-not-present transaction flow — autonomous agent shopping with Intent Mandate authorization, constraint enforcement, and merchant escalation. Use when building autonomous agent purchasing that works after the user has left.
$ install --global
skillsauthnpx skillsauth add orcaqubits/agentic-commerce-claude-plugins ap2-human-not-present-flowInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 9, 2026, 6:52 AM192.1s1 file scanned
SKILL.md
- name:
- ap2-human-not-present-flow
- description:
- >
AP2 Human-Not-Present Transaction Flow
Before writing code
Fetch live docs:
- Fetch
https://ap2-protocol.org/specification/for the human-not-present flow specification - Web-search
site:github.com google-agentic-commerce AP2 human-not-present intent mandatefor samples - Fetch
https://ap2-protocol.org/topics/core-concepts/for flow overview - Fetch
https://ap2-protocol.org/roadmap/to check current support level (V0.1 scope)
Conceptual Architecture
What Human-Not-Present Means
In a human-not-present flow, the user provides authorization upfront and then leaves. The Shopping Agent acts autonomously within the constraints defined in the signed Intent Mandate.
Important: Roadmap Status
The AP2 V0.1 specification focuses on human-present scenarios. Human-not-present support is on the V1.x roadmap. Check the latest specification for current support level.
Flow Overview
Phase 1: Intent Capture (User Present)
1. User → SA: Expresses shopping intent ("Buy me running shoes under $150")
2. SA → User: Repeats back understanding for confirmation
3. User: Confirms via in-session authentication
4. SA: Creates Intent Mandate from user's expressed intent
5. User → SA: Signs the Intent Mandate (hardware-backed)
6. User: May go offline
Phase 2: Autonomous Shopping (User Absent)
7. SA → Merchant: Presents Intent Mandate
8. Merchant: Evaluates whether they can fulfill within constraints
9. If uncertain → Merchant may force user confirmation (escalate)
10. If needs info → Merchant asks clarification (update Intent Mandate)
11. If can fulfill → Merchant creates Cart Mandate with offer
Phase 3: Authorization (May Require User)
12. SA: Evaluates Cart Mandate against Intent Mandate constraints
13. If within bounds → SA proceeds with payment
14. If outside bounds → SA rejects or escalates to user
15. Payment processing (similar to human-present Phase 4-6)
Key Differences from Human-Present
| Aspect | Human-Present | Human-Not-Present | |--------|--------------|-------------------| | User involvement | Throughout | Only at start (signing) | | Primary VDC | Cart Mandate | Intent Mandate | | Specificity | Exact items | Categories + constraints | | Agent autonomy | Low (user confirms) | High (agent decides within bounds) | | Risk level | Lower | Higher (needs more safeguards) |
Merchant Escalation Paths
The merchant can escalate from human-not-present to human-present:
- SKU Selection Required — Merchant has multiple matching products, needs user to choose → becomes human-present Cart Mandate flow
- Clarification Questions — Merchant needs more information about requirements → Shopping Agent may auto-respond from Intent Mandate or ask user
- Force User Confirmation — Merchant uncertain about matching, requires explicit human approval → full human-present authorization
Constraint Evaluation
The Shopping Agent must enforce Intent Mandate constraints:
- Price — Is the offer within the authorized price range?
- Category — Does the product match authorized categories?
- Brand — Does the product match brand preferences?
- Quality — Does the product meet quality criteria?
- TTL — Is the Intent Mandate still valid (not expired)?
If any constraint is violated, the agent must:
- Reject the offer
- Try a different merchant
- Or escalate to the user for updated authorization
Natural Language Audit
The Intent Mandate captures the user's actual words:
- "Buy me the cheapest running shoes under $150 in size 10"
- This natural language record provides accountability
- If the agent buys something outside this intent, the record shows the discrepancy
Best Practices
- Capture the user's intent precisely — errors here propagate through the whole flow
- Set conservative TTLs for Intent Mandates
- Always enforce constraint checking before proceeding with payment
- Handle merchant escalation gracefully
- Implement clear logging of agent decisions for audit
- Support the escalation from human-not-present to human-present smoothly
- Notify the user of purchase completion (even though they're not present)
- Check the roadmap — full human-not-present may have limited V0.1 support
Fetch the specification for the current support level and exact Intent Mandate fields before implementing autonomous flows.
Related Skills
orcaqubits/spree-headless-storefront
development
VerifiedTrustedCommunity
Build with Spree's headless Next.js storefront — the official `spree/storefront` repo (Next.js 16 App Router with Server Actions and Turbopack, React 19 Server Components, Tailwind CSS 4, TypeScript 5, `@spree/sdk`, Sentry), server-only auth (httpOnly JWT cookies + publishable key), MeiliSearch faceted catalog, one-page checkout with Apple/Google Pay/Klarna/Affirm/SEPA, multi-region market routing, GA4 + JSON-LD SEO, and Vercel/Docker deployment. Use when forking or customizing the storefront, or evaluating headless adoption.
27SKILL.mdUpdated May 14, 2026
orcaqubits/spree-extensions
tools
VerifiedTrustedCommunity
Build Spree extensions as Rails engines — gem scaffolding, `bin/rails g spree:extension`, mounting routes/migrations/assets, the modern `prepend` decorator pattern (`*_decorator.rb` with `self.prepended(base)`), generators (`spree:model_decorator`, `spree:controller_decorator`), the four customization surfaces in preference order (Events > Webhooks > Dependencies > Decorators), Spree::Dependencies for swapping service objects, gem release/versioning, and the deprecated Deface engine. Use when building a reusable Spree extension or adding non-trivial customization to an app.
27SKILL.mdUpdated May 14, 2026
orcaqubits/spree-events-webhooks
development
VerifiedTrustedCommunity
Build with Spree's event bus and Webhooks 2.0 — `Spree::Events` publication, `Spree::Subscriber` DSL with `subscribes_to` and `on`, wildcard matching, lifecycle events (`{model}.created/.updated/.deleted` via `publishes_lifecycle_events`), the canonical event catalog (order.*, payment.*, shipment.*, product.*), Webhooks 2.0 endpoints, HMAC-SHA256 signing (`X-Spree-Webhook-Signature`), exponential-backoff retries, and Sidekiq job orchestration. Use when wiring event-driven business logic, building webhook consumers, or replacing ActiveSupport callback chains.
27SKILL.mdUpdated May 14, 2026
orcaqubits/spree-dev-patterns
tools
VerifiedTrustedCommunity
Cross-cutting Spree development patterns — the customization preference hierarchy (Events > Webhooks > Dependencies > Decorators), `Spree::Dependencies` service-object swapping, the `_decorator.rb` + `prepend` + `self.prepended` idiom, idempotent subscribers and webhook receivers, multi-store scoping discipline, prefixed IDs, calculator polymorphism (shipping/promotion/tax share the base), service-object composition with `dry-monads` or simple results, why to avoid `class_eval` reopening and Deface, and Spree-on-Rails idioms (Hotwire/Turbo Stimulus, ActiveStorage, Action Cable, Sidekiq). Use when designing the architecture of a Spree extension or solving cross-cutting concerns.
27SKILL.mdUpdated May 14, 2026