Monetization

Implement billing, payments, and subscription features. Use this skill when monetization functionality is requested, including Stripe integration, pricing pages, and webhook handling.

5 stars

Best use case

Monetization is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Implement billing, payments, and subscription features. Use this skill when monetization functionality is requested, including Stripe integration, pricing pages, and webhook handling.

Teams using Monetization should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/monetization/SKILL.md --create-dirs "https://raw.githubusercontent.com/BasharAmso/Bashi/main/.claude/skills/monetization/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/monetization/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How Monetization Compares

Feature / AgentMonetizationStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Implement billing, payments, and subscription features. Use this skill when monetization functionality is requested, including Stripe integration, pricing pages, and webhook handling.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Skill: Monetization

## Metadata

| Field | Value |
|-------|-------|
| **Skill ID** | SKL-0011 |
| **Version** | 1.0 |
| **Owner** | builder |
| **Inputs** | Task description, PRD, DECISIONS.md, user/auth models |
| **Outputs** | Billing service files, BILLING.md, STATE.md updated |
| **Triggers** | `MONETIZATION_REQUESTED` |

---

## Purpose

Implement payment processing, subscriptions, paywalls, and billing. Start with the simplest billing model that works; make it easy to change pricing later.

---

## Step 0: Provider Detection

Before proceeding, determine the billing provider. Read `docs/ARCHITECTURE.md` and `docs/PRD.md` for platform context.

| Platform / Context | Provider | Notes |
|-------------------|----------|-------|
| Web app (default) | **Stripe** | Use the Stripe procedure below |
| Shopify app | **Shopify AppSubscription** | Use Shopify Billing API, not Stripe. Route to SKL-0010 (API Integration) instead. |
| iOS app | **Apple In-App Purchase** | Use StoreKit 2. Apple requires IAP for digital goods. Route to SKL-0007 (Mobile Dev) instead. |
| Android app | **Google Play Billing** | Use Google Play Billing Library. Required for digital goods on Play Store. Route to SKL-0007 instead. |
| Physical goods / services | **Stripe** | Platform billing rules don't apply to physical goods |

**If the provider is not Stripe:** Log a decision in DECISIONS.md noting the provider choice, then route to the appropriate skill (SKL-0010 or SKL-0007). Do not proceed with the Stripe procedure below.

**If the provider is Stripe:** Continue with the procedure below.

---

## Billing Model to Stripe Mapping

| Model | Stripe Primitives |
|-------|------------------|
| Flat subscription | Product + Price (recurring) + Subscription |
| Usage-based | Product + Price (metered) + UsageRecord |
| One-time | Product + Price (one-time) + PaymentIntent |
| Freemium | Free tier in app logic + Subscription for paid |
| Per-seat | Subscription with quantity parameter |

---

## Procedure

1. **Confirm billing model** from PRD. If unspecified, ask user. Log to DECISIONS.md.
2. **Set up Stripe:**
   - Env vars: `STRIPE_SECRET_KEY`, `STRIPE_PUBLISHABLE_KEY`, `STRIPE_WEBHOOK_SECRET`
   - Always pin Stripe API version
3. **Database schema** — add billing fields via migration: `stripe_customer_id`, `subscription_status`, `subscription_id`, `current_period_end`, `plan_id`.
4. **Checkout flow** — create Stripe checkout session server-side. Get-or-create Stripe customer. Support trial periods and promo codes.
5. **Webhook handler (most critical):**
   - Always verify signatures — never skip
   - Handle idempotently (same event may arrive twice)
   - Minimum events: `checkout.session.completed`, `customer.subscription.updated`, `customer.subscription.deleted`, `invoice.payment_failed`, `invoice.payment_succeeded`
   - Return 200 even on handler errors (prevent retry loops)
6. **Access control** — paywall middleware checks subscription status from DB (not JWT). Plan hierarchy enforcement.
   - **Critical rule:** Stripe is source of truth. DB is a cache synced via webhooks.
7. **Customer portal** — use Stripe's hosted billing portal for self-serve management.
8. **Document in `docs/BILLING.md`** — provider, model, plans, webhook endpoint, test cards.
9. **Update STATE.md.**

---

## Constraints

- Never hardcodes Stripe keys or price IDs
- Never trusts client-side subscription state — always verify from DB
- Never skips webhook signature verification
- Never modifies subscription status directly — only via webhook handlers
- Always pins Stripe API version
- Always returns 200 from webhook handler

---

## Primary Agent

builder

---

## Definition of Done

- [ ] Billing model confirmed and logged to DECISIONS.md
- [ ] Stripe API version pinned
- [ ] Database migration created for billing fields
- [ ] Checkout session flow implemented
- [ ] Webhook handler with signature verification
- [ ] All 5 critical webhook events handled idempotently
- [ ] Access control middleware implemented
- [ ] Customer portal endpoint created
- [ ] No hardcoded Stripe keys
- [ ] BILLING.md created
- [ ] STATE.md updated

## Output Contract

| Field | Value |
|-------|-------|
| **Artifacts** | Billing service files, webhook handlers, paywall middleware, `docs/BILLING.md` |
| **State Update** | `.claude/project/STATE.md` — mark task complete, log files modified |
| **Decision Log** | `.claude/project/knowledge/DECISIONS.md` — billing model, provider choice |
| **Handoff Event** | `TASK_COMPLETED` (monetization implemented) |

Related Skills

Supply Chain Audit

5
from BasharAmso/Bashi

Audit the dependency supply chain for security risks beyond what `npm audit` or `pip audit` catches. Analyzes dependency health, maintainer trust signals, typosquatting risk, and transitive dependency exposure.

SEO Audit

5
from BasharAmso/Bashi

Audit web pages for search engine optimization: meta tags, heading hierarchy, structured data, image optimization, mobile-friendliness, and content quality. Complements SKL-0013 (Growth & Distribution) by validating what was built.

Pitch Deck

5
from BasharAmso/Bashi

Create a structured pitch deck outline for investors, stakeholders, or partners. Covers problem, solution, market, traction, team, and ask. Natural output after PRD + Problem Stress Test validation.

Launch Checklist

5
from BasharAmso/Bashi

Pre-launch validation covering everything deployment (SKL-0021) doesn't: analytics, error tracking, social meta, legal pages, email setup, DNS, SSL, and go-live readiness. Produces a launch readiness report with pass/fail checklist. Use this skill before going live on any project.

Insecure Defaults Detection

5
from BasharAmso/Bashi

Detect insecure default configurations, hardcoded credentials, fail-open security patterns, and dangerous default values in application code and configuration files. Complements SKL-0015 (Security Audit) by focusing on configuration-level vulnerabilities that dependency scanners miss.

Differential Security Review

5
from BasharAmso/Bashi

Security-focused review of code changes using git diff analysis. Identifies security implications of recent modifications — new attack surfaces, removed protections, changed auth logic, and risky refactors. Complements SKL-0016 (Code Review) with a security lens on diffs.

Copywriting

5
from BasharAmso/Bashi

Write conversion-focused copy using proven frameworks (AIDA, PAS, BAB). Produces headlines, CTAs, landing page copy, email sequences, and micro-copy. Ensures copy matches brand voice and target audience.

Competitor Analysis

5
from BasharAmso/Bashi

Structured competitor research: features, pricing, positioning, gaps, and differentiation strategy. Feeds into PRD Writing (SKL-0004) and Problem Stress Test (SKL-0027) with better market context.

UX Design

5
from BasharAmso/Bashi

Design user experiences including wireframes, flows, and interaction patterns. Use this skill when UX design work is requested, including onboarding flows and interface layouts.

User Acceptance Testing

5
from BasharAmso/Bashi

Structured QA testing with four modes: diff-aware (auto-scoped to branch changes), full (systematic exploration), quick (30-second smoke test), and regression (compare against baseline). Produces health score, structured reports, and actionable bug lists. Use this skill when UAT is requested or a feature is ready for acceptance testing.

Token Audit

5
from BasharAmso/Bashi

Audit the current project for token waste patterns. Produces a Token Health Report with scored findings and actionable fixes. Use this skill when token usage feels high, sessions are hitting limits, or before optimizing costs.

Test Writing

5
from BasharAmso/Bashi

Write automated tests for existing or new functionality. Use this skill when tests are requested, including unit tests, integration tests, and end-to-end tests.