OpenSkillIndex← back to search
finance

Vibeship-spawner-skills fintech-integration

id: fintech-integration

install
source · Clone the upstream repo
git clone https://github.com/vibeforge1111/vibeship-spawner-skills
manifest: finance/fintech-integration/skill.yaml
tags
#fintech-integration#payment-processing#kyc-aml#webhook-handling#plaid-stripe#financial-compliance
source content

id: fintech-integration name: Fintech Integration category: finance description: Use when integrating Plaid, Stripe, payment processors, or financial APIs - covers account linking, payment processing, KYC/AML compliance, and webhook handling

patterns: golden_rules: - rule: "Never store raw credentials" reason: "Use tokenization - Plaid/Stripe handle this" - rule: "Idempotency keys always" reason: "Prevents duplicate payments" - rule: "Webhook verification" reason: "Prevent spoofed events" - rule: "Graceful degradation" reason: "Financial services must stay up" - rule: "Audit everything" reason: "Compliance requires paper trail"

api_landscape: bank_data: - "Plaid" - "MX" - "Yodlee" payments: - "Stripe" - "Adyen" - "Square" identity: - "Persona" - "Alloy" - "Jumio" lending: - "Blend" - "Amount" crypto: - "Coinbase" - "Circle" - "Fireblocks" infrastructure: - "Moov" - "Unit" - "Treasury Prime"

plaid_flow: - "Create Link token with products/country" - "User completes Plaid Link" - "Exchange public token for access token" - "Store access token (encrypted)" - "Fetch accounts/transactions"

stripe_flow: - "Create customer with idempotency key" - "Attach payment method (card/bank)" - "Create PaymentIntent with idempotency key" - "Handle webhook confirmation" - "Update internal records"

webhook_best_practices: - "Verify signature before processing" - "Track processed event IDs for idempotency" - "Process asynchronously for reliability" - "Return 200 quickly, process in background" - "Implement retry logic for failures"

anti_patterns:

  • pattern: "No idempotency keys" problem: "Duplicate charges possible" solution: "Always use unique idempotency keys"
  • pattern: "Storing credentials" problem: "Security breach risk" solution: "Use tokenization"
  • pattern: "Ignoring webhooks" problem: "Missed payment updates" solution: "Implement robust webhook handling"
  • pattern: "No retry logic" problem: "Failed payments stay failed" solution: "Implement exponential backoff"
  • pattern: "Synchronous only" problem: "Timeouts, poor UX" solution: "Use webhooks for async updates"

implementation_checklist: setup: - "Set up separate test/production API keys" - "Configure webhook endpoints" - "Encrypt all tokens at rest" plaid: - "Implement Plaid Link for bank connection" - "Handle item errors and reauth" - "Use processor tokens for Plaid→Stripe" stripe: - "Always include idempotency keys" - "Handle 3D Secure authentication" - "Implement subscription lifecycle" webhooks: - "Verify all webhook signatures" - "Handle webhook idempotency" - "Set up monitoring and alerting" compliance: - "Log all financial operations (audit trail)" - "Implement PCI DSS requirements" - "Never log full card/account numbers"

handoffs:

  • skill: backend trigger: "API and database integration"
  • skill: auth-specialist trigger: "user authentication flow"
  • skill: blockchain-defi trigger: "crypto payment integration"

ecosystem: plaid: - "plaid-python - Official SDK" - "plaid-link - Frontend component" stripe: - "stripe-python - Official SDK" - "stripe.js - Frontend tokenization" infrastructure: - "FastAPI/Flask - Webhook endpoints" - "Celery - Async processing" monitoring: - "Sentry - Error tracking" - "Datadog - Payment metrics"

sources: tutorials: - "Plaid API Documentation" - "Stripe and Plaid Integration - Insart" articles: - "10 Must-Have Fintech APIs 2025"