Build a Stripe billing automation that processes HIPAA-bound patient records…
“Build a Stripe billing automation that processes HIPAA-bound patient records, syncs to Salesforce, and posts daily reports to Slack — needs GitHub Actions deployment”
$ npx mcpflix install 5wI4q41jWrites claude_desktop_config.json, prompts for any required API keys, and drops skills into ~/.claude/skills/. Backed up automatically.
What this stack is
What you're building
- Entities: HIPAA-bound patient records (PHI) — 1000s/day, Stripe billing transactions — recurring + one-time charges, Salesforce CRM sync — account + opportunity records, Daily reports — aggregated metrics + exceptions, GitHub Actions deployment pipeline
- Constraints: HIPAA compliance — PHI encryption at rest & in transit, audit logging, access controls, PCI DSS scope — no direct card handling (Stripe tokenization only), Deterministic billing — idempotency keys, no LLM-driven charge creation, Real-time sync latency — <5 min Salesforce updates, Daily report window — 23:59 UTC cutoff
- Out of scope: Patient authentication or identity verification (assume pre-verified), Refund arbitration or chargeback handling (manual review only), Custom Stripe webhook retry logic (use Stripe's built-in retries), Salesforce custom field schema design (assume fields exist)
Why this stack fits mcp-postgres stores encrypted patient billing state + audit logs with schema introspection; mcp-server-github-actions triggers deterministic charge + sync workflows on schedule; blocksuser-mcp-linear or aaronsb-jira-cloud-mcp routes billing exceptions to ops tickets; ask-slack-mcp-server posts daily digests without human intervention. Stripe + Salesforce integrations remain in deterministic server code (not AI-driven) to preserve compliance and idempotency.
Architecture
MCP Servers
PostgreSQL MCP
mcp-postgresOfficial Anthropic server; read-only schema introspection and query execution for compliance audits. Stores encrypted patient records and billing state with immutable audit trail.
GitHub Actions MCP
mcp-server-github-actionsDispatch scheduled workflows that execute Stripe charges, Salesforce syncs, and state logging in deterministic server code (not LLM-driven) to preserve idempotency and compliance.
Slack MCP
ask-slack-mcp-serverHTTP bridge for posting aggregated metrics and exception summaries to #billing channel without human intervention.
Jira Cloud MCP
@aaronsb/jira-cloud-mcpCreate tickets for failed charges, sync errors, and HIPAA audit flags; enables ops to triage without manual email.
Skills
Security Audit
/security-auditScans GitHub Actions workflows and server code for hardcoded secrets, missing encryption, and OWASP Top 10 issues before deployment.
Migration Safe
/migration-safeReviews any schema changes to the PostgreSQL audit table for locking, downtime risk, and backward compatibility — critical for HIPAA compliance.
PR Ready
/pr-readyRuns typecheck, tests, and lint on billing workflow code, then generates PR description from commits — ensures deterministic code quality before merge.
Install everything in one go
Copy a single setup guide that includes the MCP config and the skills installer script — paste into a doc to keep, or follow it section by section.
Implementation Plan
- Install MCP servers and save stack ⏱ 15m
Run npx mcpflix install <stack-id> to configure PostgreSQL, GitHub Actions, Slack, and Jira MCPs in Claude Code. The CLI will prompt for connection strings (Postgres), GitHub PAT, Slack bot token, and Jira API token, then write them to claude_desktop_config.json in one pass.
Done when:
- Running
npx mcpflix installwrites mcpServers entries for postgres, github-actions, slack, and jira without prompting again -
claude_desktop_config.jsoncontains encrypted env vars for all four MCPs
Files: ~/.claude/claude_desktop_config.json
Accounts: GitHub, Slack workspace, Jira Cloud, PostgreSQL instance
Env vars: POSTGRES_URL, GITHUB_PAT, SLACK_BOT_TOKEN, JIRA_API_TOKEN
Services: Node 18+
Verify:
Loading code…
- Create PostgreSQL audit schema for PHI ⏱ 30m · ⚠ high-risk
In Claude Code, use the PostgreSQL MCP to introspect your existing schema, then create an audit_log table with encrypted patient_id, billing_event, timestamp, and actor columns. Use pgcrypto extension (pgcrypto_encrypt()) to encrypt PHI at rest. Add row-level security (RLS) policies so only authenticated billing service can read/write. This table is the single source of truth for HIPAA compliance.
Done when:
- PostgreSQL schema includes
audit_logtable with pgcrypto encryption on patient_id - RLS policies enforce that only the billing service role can SELECT/INSERT
- Querying
SELECT COUNT(*) FROM audit_logreturns 0 initially
Files: migrations/001_audit_schema.sql
Env vars: POSTGRES_URL
Services: PostgreSQL 13+, pgcrypto extension enabled
Verify:
Loading code…
Rollback: psql $POSTGRES_URL -f migrations/001_audit_schema.sql.rollback
- Set up GitHub Actions billing workflow ⏱ 60m · ⚠ high-risk
Create .github/workflows/billing-daily.yml that runs at 23:59 UTC. The workflow should: (1) fetch pending charges from Postgres via psql query, (2) call Stripe API with idempotency keys to create charges (deterministic, no LLM), (3) log results to audit table, (4) sync successful charges to Salesforce via REST API, (5) post a summary to Slack via webhook. Use GitHub Secrets for Stripe SK, Salesforce token, and Slack webhook URL. Do NOT let Claude Code drive charge creation — only the workflow can call Stripe.
Done when:
- Workflow runs on schedule
0 23 * * *(23:59 UTC) - Workflow uses GitHub Secrets for Stripe, Salesforce, Slack tokens
- Stripe charge calls include
idempotency_keyheader - Workflow logs all actions to PostgreSQL audit_log table
Files: .github/workflows/billing-daily.yml
Accounts: Stripe account, Salesforce org, Slack workspace
Env vars: STRIPE_SECRET_KEY, SALESFORCE_TOKEN, SLACK_WEBHOOK_URL
Services: GitHub Actions enabled
Verify:
Loading code…
Rollback: git revert <commit-hash> && git push
- Create Stripe charge + Salesforce sync server code ⏱ 60m · ⚠ high-risk
In your repo root, create src/billing-service.ts (or .js) with three deterministic functions: (1) chargePatient(patientId, amount, idempotencyKey) — calls Stripe API with the key and returns charge ID, (2) syncToSalesforce(chargeId, patientId) — upserts an Opportunity record in Salesforce with charge metadata, (3) logAuditEvent(patientId, event, chargeId) — inserts into PostgreSQL audit_log with encrypted PHI. These functions are called by the GitHub Actions workflow, not by Claude Code. Include error handling and retry logic for Salesforce (exponential backoff, max 3 retries).
Done when:
-
chargePatient()function includes idempotency_key in Stripe API call -
syncToSalesforce()includes exponential backoff retry logic -
logAuditEvent()encrypts patient_id before INSERT - All three functions have TypeScript types and JSDoc comments
Files: src/billing-service.ts, src/types.ts
Env vars: STRIPE_SECRET_KEY, SALESFORCE_TOKEN, POSTGRES_URL
Services: Node 18+, npm
Verify:
Loading code…
Rollback: git revert <commit-hash> && npm run build
- Configure Jira exception routing ⏱ 30m · • medium-risk
In Claude Code, use the Jira MCP to create a project for billing ops (e.g., 'BILLING'). Then, in your billing-service.ts, add a function createBillingException(error, patientId, chargeId) that calls Jira API to create a ticket with severity label ('critical' for failed charges, 'info' for sync delays). The GitHub Actions workflow should call this function on any error. This ensures ops sees exceptions in Jira within minutes, not hours.
Done when:
- Jira project 'BILLING' exists and is accessible via API token
-
createBillingException()creates a ticket with error details and patient_id (encrypted in description) - GitHub Actions workflow calls
createBillingException()on Stripe or Salesforce errors
Files: src/jira-service.ts
Accounts: Jira Cloud
Env vars: JIRA_API_TOKEN, JIRA_INSTANCE_URL
Verify:
Loading code…
- Build daily Slack digest reporter ⏱ 45m
Create src/slack-reporter.ts with a function postDailyDigest() that queries PostgreSQL for yesterday's billing metrics (total charges, success rate, failed count, Salesforce sync lag), formats them as a Slack Block Kit message, and posts to #billing via the Slack MCP. Run this function at 00:05 UTC (5 min after the billing workflow completes). Include a summary of any Jira tickets created overnight so ops can glance at exceptions.
Done when:
-
postDailyDigest()queries PostgreSQL audit_log for yesterday's events - Slack message includes: total charges, success %, failed count, Salesforce sync lag
- Slack message includes link to BILLING Jira project for overnight exceptions
- Workflow runs at 00:05 UTC daily
Files: src/slack-reporter.ts, .github/workflows/billing-daily.yml
Env vars: SLACK_BOT_TOKEN, POSTGRES_URL
Services: Slack workspace
Verify:
Loading code…
- Run security audit and deploy ⏱ 30m · ⚠ high-risk
Before merging, run /security-audit to scan billing-service.ts, jira-service.ts, and the GitHub Actions workflow for hardcoded secrets, missing encryption, and OWASP issues. Fix any findings. Then run /pr-ready to typecheck, test, and lint. Once passing, create a PR, get approval, and merge to main. GitHub Actions will deploy on merge.
Done when:
-
/security-auditreports 0 hardcoded secrets and 0 OWASP issues -
/pr-readypasses typecheck, tests, and lint - PR is approved and merged to main
- GitHub Actions deployment workflow runs and succeeds
Accounts: GitHub with write access to main Services: GitHub Actions
Verify:
Loading code…
Rollback: git revert <merge-commit-hash> && git push
- Verify end-to-end billing flow in staging ⏱ 30m · • medium-risk
In a staging environment, manually trigger the GitHub Actions workflow with a test patient record. Verify: (1) Stripe charge is created with correct idempotency key, (2) audit_log entry appears in PostgreSQL with encrypted patient_id, (3) Salesforce Opportunity is created/updated, (4) Slack digest posts at 00:05 UTC, (5) any errors create Jira tickets. Do NOT run against production data until all checks pass.
Done when:
- Stripe charge appears in Stripe dashboard with correct amount and idempotency key
- PostgreSQL audit_log contains entry with encrypted patient_id
- Salesforce Opportunity record exists with charge metadata
- Slack message posts to #billing-staging with correct metrics
- No Jira exceptions created (all steps succeed)
Accounts: Staging Stripe account, Staging Salesforce org, Staging Slack channel Services: PostgreSQL staging instance
Verify:
Loading code…
Build your own — or save this one
Describe your project and our AI will design a complete stack — architecture diagram, MCP servers, skills, and step-by-step setup. Sign up free to save and share your own.