The Agent Skills Directory

[SAFE]: The skill provides extensive security documentation for payment integration, focusing on protecting merchant credentials and verifying transaction integrity.\n- [SAFE]: Explicit instructions are provided to store sensitive API keys and hashes in environment variables to prevent accidental exposure.\n- [SAFE]: The skill includes a detailed PCI DSS compliance checklist that steers developers toward secure, low-compliance-burden integration patterns like PSP-hosted payment pages.\n- [SAFE]: Implementation examples for webhooks include mandatory signature validation (CheckMacValue) and idempotency checks to protect against fraud and processing errors.\n- [SAFE]: The use of public sandbox credentials for the ECPay service is a standard industry practice for testing and does not represent a leak of private data.

tw-payment-integration