Which payment processors are supported?

While it includes specific examples for Stripe, the logic and patterns for tokenization, data sanitization, and audit logging are applicable to all major payment processors.

Does it provide encryption code examples?

Yes, the skill includes production-ready Python examples for encrypting data at rest using AES-256-GCM and securing data in transit via TLS 1.2+.

How does this skill help reduce PCI compliance scope?

It provides implementation patterns for tokenization and hosted payment fields, ensuring sensitive card data never touches your server, which helps you qualify for simpler SAQs like SAQ A.

Can I store CVV or PIN data using this skill?

No. This skill strictly enforces PCI DSS guidelines which prohibit the storage of CVV, CVV2, PIN, or full magnetic track data under any circumstances.

PCI Compliance Security

Name: PCI Compliance Security
Author: HermeticOrmus

byHermeticOrmus

0•

安全与测试

Implements PCI DSS requirements to ensure the secure handling, storage, and transmission of payment card data.

The PCI Compliance skill provides comprehensive guidance and implementation patterns for securing payment processing systems according to the Payment Card Industry Data Security Standard (PCI DSS). It assists developers in building secure payment flows, implementing robust tokenization and encryption, and maintaining audit logs to protect sensitive cardholder data. Whether you are building a custom e-commerce backend or integrating with third-party processors like Stripe, this skill helps reduce compliance scope and ensures adherence to the 12 core security requirements of the payment industry.

主要功能

010 GitHub stars

02Automated PCI-compliant audit logging and access control systems

03Guidance for Self-Assessment Questionnaires (SAQ) and compliance levels

04Implementation of tokenization and AES-256-GCM encrypted storage

05Luhn algorithm validation and secure input handling for payment forms

06Secure data minimization and sanitization patterns for cardholder data

使用场景

01Implementing secure vaulting and encryption for recurring billing systems

02Reducing PCI DSS compliance scope through third-party tokenization integration

03Building secure checkout systems for e-commerce platforms

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/alqvimia-contador pci-compliance

For use in Claude.ai and ChatGPT

主要功能

010 GitHub stars

02Automated PCI-compliant audit logging and access control systems

03Guidance for Self-Assessment Questionnaires (SAQ) and compliance levels

04Implementation of tokenization and AES-256-GCM encrypted storage

05Luhn algorithm validation and secure input handling for payment forms

06Secure data minimization and sanitization patterns for cardholder data

使用场景

01Implementing secure vaulting and encryption for recurring billing systems

02Reducing PCI DSS compliance scope through third-party tokenization integration

03Building secure checkout systems for e-commerce platforms

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/alqvimia-contador pci-compliance

For use in Claude.ai and ChatGPT