Payments domain expert. Acts as the Senior Engineering Manager for revenue and billing integrations. Trigger when adding checkouts, subscriptions, billing, invoices, or Stripe.
The Senior Manager must ensure financial infrastructure is mathematically fault-tolerant.
Stack Selection Matrix:
Current Ecosystem Mapping: Ensure the selected Webhook handler aligns with the active backend framework (e.g., Express, FastAPI) because Webhooks require strict access to raw, unparsed request bodies for cryptographic verification.
Inject ONLY the constraint block that matches the decided tech stack into the checklist for the generate sub-agent.
[!IMPORTANT] Domain Constraints (`payments`)
- Source of Truth: Sub-agents must never rely on frontend redirects for payment verification. The Stripe `checkout.session.completed` Webhook is the absolute and only source of truth.
- Idempotency: Track processed Stripe `event.id` values in the Database. If an event ID is seen again, return 200 OK immediately and ignore it to prevent double-charging or double-upgrading users.
[!IMPORTANT] Domain Constraints (`payments` for Node)
- Sub-agent must use `stripe.webhooks.constructEvent`.
- Sub-agent MUST implement `express.raw({type: 'application/json'})` specifically on the webhook route to verify the `stripe-signature` header securely before body parsing.
[!IMPORTANT] Domain Constraints (`payments` for Python)
- Sub-agent must use `stripe.Webhook.construct_event`.
- Sub-agent MUST extract the raw `await request.body()` inside FastAPI before any JSON-parsing middleware touches it to maintain signature integrity.
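
The raw-body and idempotency constraints above, as an added example that is not part of the original page or of Stripe's library. It re-implements the `t=<timestamp>,v1=<HMAC-SHA256>` check with the Python standard library to show why a re-serialized body fails verification and how a primary key on `event.id` rejects replays. The secret, event ID, table name and function names are constructed for illustration; real handlers call `stripe.Webhook.construct_event` as required above.

```python
import hashlib, hmac, json, sqlite3

SECRET = b"whsec_constructed_placeholder"  # constructed, not a real endpoint secret
TOLERANCE = 300  # seconds; assumed replay window
# Constructed sample event; the double space after the comma is deliberate.
RAW = b'{"id": "evt_constructed_001",  "type": "checkout.session.completed"}'
REPARSED = json.dumps(json.loads(RAW)).encode()  # what a JSON body parser hands back

def _mac(raw: bytes, ts: str, secret: bytes) -> str:
    # The signed payload is "<timestamp>.<raw body bytes>".
    return hmac.new(secret, ts.encode() + b"." + raw, hashlib.sha256).hexdigest()

def sign(raw: bytes, ts: int, secret: bytes = SECRET) -> str:
    """Build a Stripe-Signature style header for the constructed sample."""
    return f"t={ts},v1={_mac(raw, str(ts), secret)}"

def verify(raw: bytes, header: str, now: int, secret: bytes = SECRET) -> bool:
    parts = [p.split("=", 1) for p in header.split(",") if "=" in p]
    ts = next((v for k, v in parts if k == "t"), "")
    if not (ts.isascii() and ts.isdigit()) or now - int(ts) > TOLERANCE:
        return False  # malformed header or stale timestamp
    expected = _mac(raw, ts, secret).encode()
    # Constant-time comparison against every v1 signature in the header.
    return any(hmac.compare_digest(expected, v.encode())
               for k, v in parts if k == "v1")

def make_store() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE processed_events (event_id TEXT PRIMARY KEY)")
    return db

def handle_webhook(db, raw: bytes, header: str, now: int):
    """Return (HTTP status, action taken) for one delivery."""
    if not verify(raw, header, now):
        return 400, "rejected"
    event = json.loads(raw)  # parse only after the signature checks out
    try:
        with db:  # the PRIMARY KEY makes the duplicate check atomic
            db.execute("INSERT INTO processed_events VALUES (?)", (event["id"],))
            # real fulfilment writes belong in this same transaction
    except sqlite3.IntegrityError:
        return 200, "duplicate-ignored"
    done = event["type"] == "checkout.session.completed"
    return 200, "fulfilled" if done else "ignored"
```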