ClawHub

Stripe API Integration

Complete Stripe API integration for payments, subscriptions, checkout, invoices, webhooks, Connect, Issuing, Terminal, and Treasury.

Audits

Pending
ClawScanPass

Agentic behavior and permission review.

Static analysisPending

Pattern checks against bundled files.

VirusTotalPending

Multi-engine malware detections and file reputation.

Install

openclaw skills install stripe-api-integration

Stripe API Integration

Complete Stripe API reference. See auxiliary files for detailed operations.

Quick Start

curl https://api.stripe.com/v1/balance -u "$STRIPE_SECRET_KEY:"

Setup

On first use, read setup.md. Preferences stored in ~/stripe-api-integration/memory.md.

When to Use

Any Stripe operation: payments, subscriptions, invoices, checkout, webhooks, Connect, Issuing, Terminal, Treasury.

Architecture

~/stripe-api-integration/
├── memory.md      # Account context
└── webhooks.md    # Webhook configs

Quick Reference

TopicFile
Setup & memorysetup.md, memory-template.md
Payments, refunds, disputespayments.md
Customers, products, pricescustomers.md
Subscriptions, usage billingsubscriptions.md
Checkout Sessionscheckout.md
Connect (marketplaces)connect.md
Webhooks & eventswebhooks.md
Invoices, quotes, taxinvoices.md
Issuing, Terminal, Treasury, Identity, Radaradvanced.md

Core Rules

  1. Test mode first — Use sk_test_* keys. Test card: 4242424242424242
  2. Amounts in cents — $10.00 = 1000
  3. Idempotency keys — Prevent duplicate charges
  4. Webhooks required — Never trust API response alone
  5. Expand objects — Use ?expand[]=customer for related data
  6. Pagination — Use starting_after for large lists
  7. Error handling — See payments.md for error codes

Authentication

Required environment variables:

  • STRIPE_SECRET_KEY — API key for all Stripe operations (starts with sk_test_ or sk_live_)
  • STRIPE_WEBHOOK_SECRET — Signing secret for webhook verification (starts with whsec_)
curl https://api.stripe.com/v1/customers -u "$STRIPE_SECRET_KEY:"

Common Traps

  • Amount in dollars not cents → 100x wrong charge
  • No idempotency key → duplicate charges
  • Skip webhook verification → accept fake events
  • Ignore requires_action → 3DS stuck

External Endpoints

EndpointPurpose
https://api.stripe.com/v1/*API

Security & Privacy

Environment variables used:

  • STRIPE_SECRET_KEY — for API authentication
  • STRIPE_WEBHOOK_SECRET — for webhook signature verification

Sent to Stripe: Customer info, payment data via api.stripe.com Stays local: API keys (never logged), ~/stripe-api-integration/ preferences Never: Log card numbers, skip webhook verification, expose keys

Trust

This skill sends data to Stripe (stripe.com).

Related Skills

Install with clawhub install <slug> if user confirms:

  • api — REST API patterns
  • saas — SaaS metrics
  • webhook — Webhook patterns

Feedback

  • If useful: clawhub star stripe-api-integration
  • Stay updated: clawhub sync