style: format all files with prettier

This commit is contained in:
Seth Hobson
2026-01-19 17:07:03 -05:00
parent 8d37048deb
commit 56848874a2
355 changed files with 15215 additions and 10241 deletions

View File

@@ -7,6 +7,7 @@ model: sonnet
You are a payment integration specialist focused on secure, reliable payment processing.
## Focus Areas
- Stripe/PayPal/Square API integration
- Checkout flows and payment forms
- Subscription billing and recurring payments
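Review bot: the header `@@ -7,6 +7,7 @@` reports one added line, but only context lines are rendered in this hunk, so the actual insertion (per the commit message a prettier formatting change, presumably a blank line before `## Focus Areas`) cannot be checked from this view; the same holds for every hunk below, so review with whitespace changes shown before approving.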
@@ -15,6 +16,7 @@ You are a payment integration specialist focused on secure, reliable payment pro
- Payment error handling and retry logic
## Approach
1. Security first - never log sensitive card data
2. Implement idempotency for all payment operations
3. Handle all edge cases (failed payments, disputes, refunds)
@@ -24,6 +26,7 @@ You are a payment integration specialist focused on secure, reliable payment pro
## Critical Requirements
### Webhook Security & Idempotency
- **Signature Verification**: ALWAYS verify webhook signatures using official SDK libraries (Stripe, PayPal include HMAC signatures). Never process unverified webhooks.
- **Raw Body Preservation**: Never modify webhook request body before verification - JSON middleware breaks signature validation.
- **Idempotent Handlers**: Store event IDs in your database and check before processing. Webhooks retry on failure and providers don't guarantee single delivery.
@@ -31,6 +34,7 @@ You are a payment integration specialist focused on secure, reliable payment pro
- **Server Validation**: Re-fetch payment status from provider API. Never trust webhook payload or client response alone.
### PCI Compliance Essentials
- **Never Handle Raw Cards**: Use tokenization APIs (Stripe Elements, PayPal SDK) that handle card data in provider's iframe. NEVER store, process, or transmit raw card numbers.
- **Server-Side Validation**: All payment verification must happen server-side via direct API calls to payment provider.
- **Environment Separation**: Test credentials must fail in production. Misconfigured gateways commonly accept test cards on live sites.
@@ -38,6 +42,7 @@ You are a payment integration specialist focused on secure, reliable payment pro
## Common Failures
**Real-world examples from Stripe, PayPal, OWASP:**
- Payment processor collapse during traffic spike → webhook queue backups, revenue loss
- Out-of-order webhooks breaking Lambda functions (no idempotency) → production failures
- Malicious price manipulation on unencrypted payment buttons → fraudulent payments
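Review bot: the bullet `Out-of-order webhooks breaking Lambda functions (no idempotency)` conflates two failure modes: idempotency (storing event IDs, as the `Idempotent Handlers` bullet above describes) prevents duplicate processing but does nothing for ordering, which needs the handler to re-fetch current state from the provider (the `Server Validation` bullet) instead of applying events in arrival order. Suggest splitting the bullet so readers do not conclude that idempotency alone fixes out-of-order delivery.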
@@ -47,6 +52,7 @@ You are a payment integration specialist focused on secure, reliable payment pro
**Sources**: Stripe official docs, PayPal Security Guidelines, OWASP Testing Guide, production retrospectives
## Output
- Payment integration code with error handling
- Webhook endpoint implementations
- Database schema for payment records

View File

@@ -20,7 +20,9 @@ Master automated billing systems including recurring billing, invoice generation
## Core Concepts
### 1. Billing Cycles
**Common Intervals:**
- Monthly (most common for SaaS)
- Annual (discounted long-term)
- Quarterly
@@ -28,20 +30,25 @@ Master automated billing systems including recurring billing, invoice generation
- Custom (usage-based, per-seat)
### 2. Subscription States
```
trial → active → past_due → canceled
→ paused → resumed
```
### 3. Dunning Management
Automated process to recover failed payments through:
- Retry schedules
- Customer notifications
- Grace periods
- Account restrictions
### 4. Proration
Adjusting charges when:
- Upgrading/downgrading mid-cycle
- Adding/removing seats
- Changing billing frequency
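Review bot: in the subscription state diagram inside the fenced block, the second line `→ paused → resumed` has no source state and `resumed` is not a state on the first line, so the diagram does not say where pausing branches from or returns to; prettier leaves fenced content untouched, so this needs a manual fix such as `active → paused → active`.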

View File

@@ -20,32 +20,40 @@ Master PayPal payment integration including Express Checkout, IPN handling, recu
## Core Concepts
### 1. Payment Products
**PayPal Checkout**
- One-time payments
- Express checkout experience
- Guest and PayPal account payments
**PayPal Subscriptions**
- Recurring billing
- Subscription plans
- Automatic renewals
**PayPal Payouts**
- Send money to multiple recipients
- Marketplace and platform payments
### 2. Integration Methods
**Client-Side (JavaScript SDK)**
- Smart Payment Buttons
- Hosted payment flow
- Minimal backend code
**Server-Side (REST API)**
- Full control over payment flow
- Custom checkout UI
- Advanced features
### 3. IPN (Instant Payment Notification)
- Webhook-like payment notifications
- Asynchronous payment updates
- Verification required
@@ -118,6 +126,7 @@ def capture_paypal_order(order_id):
## Express Checkout Implementation
### Server-Side Order Creation
```python
import requests
import json
@@ -189,6 +198,7 @@ class PayPalClient:
## IPN (Instant Payment Notification) Handling
### IPN Verification and Processing
```python
from flask import Flask, request
import requests
@@ -268,6 +278,7 @@ def handle_chargeback(ipn_data):
## Subscription/Recurring Billing
### Create Subscription Plan
```python
def create_subscription_plan(name, amount, interval='MONTH'):
"""Create a subscription plan."""

View File

@@ -20,27 +20,33 @@ Master PCI DSS (Payment Card Industry Data Security Standard) compliance for sec
## PCI DSS Requirements (12 Core Requirements)
### Build and Maintain Secure Network
1. Install and maintain firewall configuration
2. Don't use vendor-supplied defaults for passwords
### Protect Cardholder Data
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across public networks
### Maintain Vulnerability Management
5. Protect systems against malware
6. Develop and maintain secure systems and applications
### Implement Strong Access Control
7. Restrict access to cardholder data by business need-to-know
8. Identify and authenticate access to system components
9. Restrict physical access to cardholder data
### Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
### Maintain Information Security Policy
12. Maintain a policy that addresses information security
## Compliance Levels
@@ -99,6 +105,7 @@ class PaymentData:
## Tokenization
### Using Payment Processor Tokens
```python
import stripe
@@ -161,6 +168,7 @@ class TokenizedPayment:
```
### Custom Tokenization (Advanced)
```python
import secrets
from cryptography.fernet import Fernet
@@ -203,6 +211,7 @@ class TokenVault:
## Encryption
### Data at Rest
```python
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
import os
@@ -245,6 +254,7 @@ encrypted_pan = storage.encrypt("4242424242424242")
```
### Data in Transit
```python
# Always use TLS 1.2 or higher
# Flask/Django example
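Review bot: the context line `encrypted_pan = storage.encrypt("4242424242424242")` shows the `Data at Rest` example encrypting a full PAN, which (together with `Custom Tokenization (Advanced)` above) places the implementer in the `SAQ D` tier described later in this file rather than on the `Using Payment Processor Tokens` path; a one-line note beside each of these examples stating that scope consequence would stop readers from treating them as an equivalent alternative to processor tokens.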
@@ -339,6 +349,7 @@ audit.log_access(user_id=123, resource='payment_methods', action='read', result=
## Security Best Practices
### Input Validation
```python
import re
@@ -377,16 +388,19 @@ def sanitize_input(user_input):
## PCI DSS SAQ (Self-Assessment Questionnaire)
### SAQ A (Least Requirements)
- E-commerce using hosted payment page
- No card data on your systems
- ~20 questions
### SAQ A-EP
- E-commerce with embedded payment form
- Uses JavaScript to handle card data
- ~180 questions
### SAQ D (Most Requirements)
- Store, process, or transmit card data
- Full PCI DSS requirements
- ~300 questions

View File

@@ -20,25 +20,31 @@ Master Stripe payment processing integration for robust, PCI-compliant payment f
## Core Concepts
### 1. Payment Flows
**Checkout Session (Hosted)**
- Stripe-hosted payment page
- Minimal PCI compliance burden
- Fastest implementation
- Supports one-time and recurring payments
**Payment Intents (Custom UI)**
- Full control over payment UI
- Requires Stripe.js for PCI compliance
- More complex implementation
- Better customization options
**Setup Intents (Save Payment Methods)**
- Collect payment method without charging
- Used for subscriptions and future payments
- Requires customer confirmation
### 2. Webhooks
**Critical Events:**
- `payment_intent.succeeded`: Payment completed
- `payment_intent.payment_failed`: Payment failed
- `customer.subscription.updated`: Subscription changed
@@ -47,13 +53,16 @@ Master Stripe payment processing integration for robust, PCI-compliant payment f
- `invoice.payment_succeeded`: Subscription payment successful
### 3. Subscriptions
**Components:**
- **Product**: What you're selling
- **Price**: How much and how often
- **Subscription**: Customer's recurring payment
- **Invoice**: Generated for each billing cycle
### 4. Customer Management
- Create and manage customer records
- Store multiple payment methods
- Track customer metadata
@@ -94,6 +103,7 @@ print(session.url)
## Payment Implementation Patterns
### Pattern 1: One-Time Payment (Hosted Checkout)
```python
def create_checkout_session(amount, currency='usd'):
"""Create a one-time payment checkout session."""
@@ -127,6 +137,7 @@ def create_checkout_session(amount, currency='usd'):
```
### Pattern 2: Custom Payment Intent Flow
```python
def create_payment_intent(amount, currency='usd', customer_id=None):
"""Create a payment intent for custom checkout UI."""
@@ -171,6 +182,7 @@ if (error) {
```
### Pattern 3: Subscription Creation
```python
def create_subscription(customer_id, price_id):
"""Create a subscription for a customer."""
@@ -193,6 +205,7 @@ def create_subscription(customer_id, price_id):
```
### Pattern 4: Customer Portal
```python
def create_customer_portal_session(customer_id):
"""Create a portal session for customers to manage subscriptions."""
@@ -206,6 +219,7 @@ def create_customer_portal_session(customer_id):
## Webhook Handling
### Secure Webhook Endpoint
```python
from flask import Flask, request
import stripe
@@ -270,6 +284,7 @@ def handle_subscription_canceled(subscription):
```
### Webhook Best Practices
```python
import hashlib
import hmac
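Review bot: `Webhook Best Practices` opens with `import hashlib` and `import hmac`, which suggests a hand-rolled signature check, while the `Secure Webhook Endpoint` section just above imports `stripe` and the payment-integration agent in this same commit says to ALWAYS verify webhook signatures using official SDK libraries; if the manual HMAC is meant to explain what the SDK's verification helper does rather than to replace it, say so in a comment, otherwise point readers at the SDK helper.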