The Agent Skills Directory

Processing of Sensitive Financial Information: The skill is designed to handle payment credentials like virtual card numbers and billing addresses. It incorporates a security feature allowing the agent to save these details to a local file with restricted permissions (0600), which helps ensure that sensitive data is not stored in plain text within chat transcripts or system logs.
Interaction with External Merchant Data: The skill requires the agent to analyze merchant websites and HTTP headers to identify the appropriate payment credential type (Card vs. Shared Payment Token). While analyzing external sites is an ingestion point for untrusted data, the skill mitigates risk by instructing the agent to validate headers using a specialized CLI tool and by providing guidance to avoid suspicious or phishing-related domains.
Tool Installation and Runtime Execution: The skill relies on the @stripe/link-cli package, which is managed through standard Node.js package managers. This tool executes the core logic for authentication and transaction management. The use of official vendor-supported tools is consistent with the skill's primary purpose of facilitating secure financial transactions.

create-payment-credential