Is encryption for data at rest covered?

Yes, it provides production-ready Python examples using AES-256-GCM to encrypt cardholder data that must be stored according to PCI requirements.

Does it include specific implementations for Stripe?

Yes, it includes patterns for client-side tokenization and server-side charge handling designed to integrate safely with payment processors like Stripe.

Can this skill help prepare for a PCI audit?

It provides a comprehensive checklist of the 12 core PCI DSS requirements and implementation examples for monitoring, access control, and network security.

How does the skill handle application logging?

The skill provides utility functions to sanitize logs by masking Primary Account Numbers (PANs) and automatically removing prohibited data like CVVs and PINs.

How does this skill help reduce PCI DSS scope?

It provides patterns for tokenization and data minimization, ensuring sensitive card details never reach your server, which helps you qualify for simplified compliance assessments like SAQ A.

PCI Security Compliance

Name: PCI Security Compliance
Author: EngineerWithAI

byEngineerWithAI

0•

Soluciones de Comercio Electrónico

Implements PCI DSS security requirements for secure payment card data handling and payment system architecture.

This skill provides specialized guidance and implementation patterns for achieving and maintaining PCI DSS (Payment Card Industry Data Security Standard) compliance. It assists developers in securing payment processing workflows by implementing core requirements such as data tokenization, AES-256-GCM encryption for data at rest, and strict access controls. Use this skill to minimize compliance scope, prevent the storage of prohibited cardholder data, and establish robust audit logging for sensitive financial transactions.

Características Principales

01PCI DSS compliance checklists and SAQ guidance

02Automated cardholder data sanitization and log masking

03Secure tokenization patterns for Stripe and custom vaults

04AES-256-GCM encryption implementations for sensitive data

05Role-based access control and audit trail logging

060 GitHub stars

Casos de Uso

01Building secure payment gateways with minimal compliance scope

02Securing financial application logs against accidental data leaks

03Implementing Luhn algorithm validation and sensitive data masking

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add engineerwithai/engineerwith-agents pci-compliance

For use in Claude.ai and ChatGPT

Download Skill