alipay-merchant-onboarding

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

支付宝商家入驻 Skill

Alipay Merchant Onboarding Skill

个人开发者支付宝商家入驻一站式解决方案。

One-stop solution for individual developers to onboard as Alipay merchants.

全局规范与铁律

Global Specifications and Iron Rules

使用声明

Usage Declaration

使用本 skill 即表示同意：

使用本服务需遵守法律法规、自行审核测试并承担使用责任
基于支付安全风控需要，我方需收集日志文件、环境信息等
禁止在代码、大模型对话等公网透露敏感信息（密码、API Keys、私钥等）

By using this skill, you agree to the following:

You must comply with laws and regulations when using this service, conduct your own audits and tests, and bear responsibility for usage
For payment security risk control needs, we need to collect log files, environment information, etc.
It is prohibited to disclose sensitive information (passwords, API Keys, private keys, etc.) in code, large model conversations, or other public network scenarios

⛔ 用户项目文件修改铁律（最高优先级）

⛔ Iron Rule for Modifying User Project Files (Highest Priority)

❌ 禁止：直接修改用户项目中的 .ts / .tsx / .js 文件
❌ 禁止：修改 alipay-sdk-config.ts 或类似的支付配置文件
✅ 正确：输出配置内容让用户自行复制
✅ 正确：告知用户需要修改的文件路径和具体内容

❌ Prohibited: Directly modify .ts / .tsx / .js files in the user's project
❌ Prohibited: Modify alipay-sdk-config.ts or similar payment configuration files
✅ Correct: Output configuration content for the user to copy manually
✅ Correct: Inform the user of the file path and specific content that needs to be modified

⛔ 应用公钥管理铁律（最高优先级）

⛔ Iron Rule for App Public Key Management (Highest Priority)

核心原则：公钥由用户自行生成，skill 只负责接收和配置，不生成、不推断、不改写、不透出生成逻辑。

❌ 禁止：自动为用户生成公钥或密钥对
❌ 禁止：向用户表示可以"帮助生成公钥"、"帮助生成密钥对"
❌ 禁止：提供任何密钥生成代码、命令或脚本
❌ 禁止：请求、接收或处理用户的私钥信息
❌ 禁止：在用户未明确提供 publicKey 时调用 createKeyConfirmPage
❌ 禁止：自动生成、推断、补全、改写或添加前后缀到 publicKey

✅ 必须：引导用户前往支付宝开放平台官方密钥生成工具
✅ 必须：只接受用户明确输入的完整 publicKey
✅ 必须：提醒用户妥善保管私钥，切勿泄露给任何人

标准引导话术： 请前往支付宝开放平台密钥生成工具（ https://opendocs.alipay.com/common/02kipk ）下载并使用官方工具生成应用公私钥对，生成后将应用公钥提供给我继续后续流程。官方工具生成的私钥格式默认为PKCS#8，部分开发语言仅支持PKCS#1，如果需要转换成PKCS#1，可使用官方工具-格式转换。 私钥请妥善保管，切勿泄露给任何人。

Core Principle: The public key is generated by the user themselves. The skill is only responsible for receiving and configuring it, and will not generate, infer, rewrite, or disclose the generation logic.

❌ Prohibited: Automatically generate public keys or key pairs for users
❌ Prohibited: Tell users that we can "help generate public keys" or "help generate key pairs"
❌ Prohibited: Provide any key generation code, commands, or scripts
❌ Prohibited: Request, receive, or process users' private key information
❌ Prohibited: Call createKeyConfirmPage when the user has not explicitly provided a publicKey
❌ Prohibited: Automatically generate, infer, complete, rewrite, or add prefixes/suffixes to publicKey

✅ Mandatory: Guide users to the official key generation tool of the Alipay Open Platform
✅ Mandatory: Only accept complete publicKey explicitly provided by users
✅ Mandatory: Remind users to properly store their private keys and never disclose them to anyone

Standard Guidance Script: Please go to the Alipay Open Platform Key Generation Tool (https://opendocs.alipay.com/common/02kipk) to download and use the official tool to generate the app public-private key pair. After generation, provide the app public key to me to continue the subsequent process. The private key generated by the official tool is in PKCS#8 format by default. Some development languages only support PKCS#1. If conversion to PKCS#1 is needed, you can use the format conversion function in the official tool. Please properly store your private key and never disclose it to anyone.

⛔ MCP调用铁律（最高优先级）

⛔ Iron Rule for MCP Calls (Highest Priority)

所有
export PLATFORM=${DEV_TOOL_NAME} && alipay-cli mcp call
命令必须严格按照技能文档中定义的参数名、参数结构、参数数量执行，一字不改。

✅ 必须：严格按照技能文档中的调用示例和参数结构执行
✅ 必须：使用文档中定义的完整参数，不得省略任何参数
✅ 必须：--json 和 2>/dev/null 同时使用
❌ 禁止：自行推断或猜测参数名
❌ 禁止：省略文档中定义的参数（包括 "ctx":{}）
❌ 禁止：添加文档中未定义的额外参数
❌ 禁止：修改参数的 JSON 嵌套结构

All
export PLATFORM=${DEV_TOOL_NAME} && alipay-cli mcp call
commands must be executed strictly in accordance with the parameter names, parameter structures, and number of parameters defined in the skill documentation, without any changes.

✅ Mandatory: Strictly follow the call examples and parameter structures in the skill documentation
✅ Mandatory: Use the complete parameters defined in the documentation, do not omit any parameters
✅ Mandatory: Use --json and 2>/dev/null together
❌ Prohibited: Infer or guess parameter names on your own
❌ Prohibited: Omit parameters defined in the documentation (including "ctx":{})
❌ Prohibited: Add extra parameters not defined in the documentation
❌ Prohibited: Modify the JSON nested structure of parameters

⛔ CLI 环境变量铁律（最高优先级）

⛔ Iron Rule for CLI Environment Variables (Highest Priority)

所有
export PLATFORM=${DEV_TOOL_NAME} && alipay-cli
命令调用前必须设置 PLATFORM 环境变量。

✅ 必须：在每个 alipay-cli 调用前设置 PLATFORM 环境变量
✅ 必须：DEV_TOOL_NAME 来自 Step 1 智能识别，缺失时填 "unknown"
❌ 禁止：省略 PLATFORM 环境变量直接调用 alipay-cli
❌ 禁止：硬编码 PLATFORM 值（如 PLATFORM=claudeCode）
❌ 禁止：使用分号 ; 连接（可能导致环境变量泄露）

The PLATFORM environment variable must be set before calling any
export PLATFORM=${DEV_TOOL_NAME} && alipay-cli
commands.

✅ Mandatory: Set the PLATFORM environment variable before each alipay-cli call
✅ Mandatory: DEV_TOOL_NAME comes from Step 1 intelligent recognition, fill in "unknown" if missing
❌ Prohibited: Call alipay-cli directly without setting the PLATFORM environment variable
❌ Prohibited: Hardcode the PLATFORM value (e.g., PLATFORM=claudeCode)
❌ Prohibited: Use semicolon ; to connect commands (may cause environment variable leakage)

⛔ 授权链接铁律（最高优先级）

⛔ Iron Rule for Authorization Links (Highest Priority)

CLI 的
login
命令返回
verification_url
字段，此链接无法用于授权，禁止透出给用户！

❌ 禁止透出：https://opengw.alipay.com/oauth/device（此链接无法授权）
✅ 正确链接：https://aipay.alipay.com/cli-auth?deviceCode=xxx&productCode=xxx&mccCode=xxx&platform=xxx

The
verification_url
field returned by the CLI's
login
command cannot be used for authorization, and it is prohibited to disclose it to users!

❌ Prohibited to disclose: https://opengw.alipay.com/oauth/device (this link cannot be used for authorization)
✅ Correct link: https://aipay.alipay.com/cli-auth?deviceCode=xxx&productCode=xxx&mccCode=xxx&platform=xxx

⛔ createKeyConfirmPage 返回处理铁律（最高优先级）

⛔ Iron Rule for Handling createKeyConfirmPage Returns (Highest Priority)

返回结果中禁止展示二维码链接和
alipays://
协议链接，只展示
confirmPageUrl
的 Markdown 链接。

❌ 禁止展示：二维码提示、alipays:// 协议链接
✅ 必须：将 confirmPageUrl 以 Markdown 链接格式输出
✅ 必须：等待用户确认后再继续后续步骤

It is prohibited to display QR code links and
alipays://
protocol links in the return results. Only display the Markdown link of
confirmPageUrl
.

❌ Prohibited to display: QR code prompts, alipays:// protocol links
✅ Mandatory: Output confirmPageUrl in Markdown link format
✅ Mandatory: Wait for user confirmation before proceeding with subsequent steps

⛔ 授权范围不满足处理铁律（最高优先级）

⛔ Iron Rule for Handling Insufficient Authorization Scope (Highest Priority)

当检测到授权范围不满足时，必须执行 logout 退出登录，然后重新授权。

❌ 禁止：检测到授权范围不满足后继续执行后续操作
❌ 禁止：不执行 logout 直接重新登录
✅ 必须：检测到后先 logout 再重新授权
✅ 必须：重新授权时使用正确的 scope（根据当前 salesCode 确定）

详细处理流程见
scripts/handle_scope_mismatch.sh

When detecting insufficient authorization scope, you must execute logout to exit login, then re-authorize.

❌ Prohibited: Continue executing subsequent operations after detecting insufficient authorization scope
❌ Prohibited: Re-login directly without executing logout
✅ Mandatory: Execute logout first, then re-authorize after detection
✅ Mandatory: Use the correct scope when re-authorizing (determined based on the current salesCode)

For detailed processing flow, see
scripts/handle_scope_mismatch.sh

能力概览

Capability Overview

能力	说明
产品推荐	根据用户业务场景推荐合适的签约产品（电脑网站支付/AI收）
MCC类目选择	引导用户选择经营类目，提供智能推荐
登录授权	alipay-cli OAuth 授权，获取用户身份和权限
资质信息收集	根据产品类型收集网站截图或服务注册信息
产品签约	提交签约申请，开通支付能力
应用发布	查询已有应用、复用/创建应用、设置公钥、提交审核
服务市场注册	AI收产品的服务市场上架

Capability	Description
Product Recommendation	Recommend appropriate contracted products based on user business scenarios (PC Website Payment/AI Pay)
MCC Category Selection	Guide users to select business categories and provide intelligent recommendations
Login Authorization	alipay-cli OAuth authorization to obtain user identity and permissions
Qualification Information Collection	Collect website screenshots or service registration information based on product type
Product Contract Signing	Submit contract signing applications to activate payment capabilities
Application Publication	Query existing applications, reuse/create applications, set public keys, and submit for review
Service Market Registration	Shelve AI Pay products on the service market

任务管理规范

Task Management Specifications

入驻流程必须使用 TaskCreate/TaskUpdate/TaskList 进行任务管理，确保流程可追踪、可断点续。

The onboarding process must use TaskCreate/TaskUpdate/TaskList for task management to ensure the process is traceable and resumable.

任务-Step对照表（强制遵守）

Task-Step Comparison Table (Mandatory Compliance)

任务序号	任务名称	对应Step	执行内容
任务1	环境检查	Step 1	检查 alipay-cli 安装状态和运行环境
任务2	方案规划	Step 2	根据用户业务推荐产品和经营类目
任务3	登录授权	Step 3	支付宝 OAuth 授权登录
任务4	资料采集	Step 4	收集网站截图（仅电脑网站支付未签约时）
任务5	入驻推进	Step 5	签约、服务注册、应用发布
任务6	流程结束	Step 6	输出入驻结果

Task No.	Task Name	Corresponding Step	Execution Content
Task 1	Environment Check	Step 1	Check alipay-cli installation status and operating environment
Task 2	Solution Planning	Step 2	Recommend products and business categories based on user business
Task 3	Login Authorization	Step 3	Alipay OAuth authorization login
Task 4	Information Collection	Step 4	Collect website screenshots (only when PC Website Payment is not signed)
Task 5	Onboarding Promotion	Step 5	Contract signing, service registration, application publication
Task 6	Process Completion	Step 6	Output onboarding results

任务创建铁律（最高优先级）

Iron Rule for Task Creation (Highest Priority)

必须严格按以下顺序一次性创建全部6个任务，不可乱序、不可遗漏：

TaskCreate({ subject: "环境检查", description: "检查 alipay-cli 安装状态和运行环境" })
TaskCreate({ subject: "方案规划", description: "根据用户业务推荐产品和经营类目" })
TaskCreate({ subject: "登录授权", description: "支付宝 OAuth 授权登录" })
TaskCreate({ subject: "资料采集", description: "收集网站截图（仅电脑网站支付未签约时）" })
TaskCreate({ subject: "入驻推进", description: "签约、服务注册、应用发布" })
TaskCreate({ subject: "流程结束", description: "输出入驻结果" })

All 6 tasks must be created in one go strictly in the following order, no disorder or omission allowed:

TaskCreate({ subject: "Environment Check", description: "Check alipay-cli installation status and operating environment" })
TaskCreate({ subject: "Solution Planning", description: "Recommend products and business categories based on user business" })
TaskCreate({ subject: "Login Authorization", description: "Alipay OAuth authorization login" })
TaskCreate({ subject: "Information Collection", description: "Collect website screenshots (only when PC Website Payment is not signed)" })
TaskCreate({ subject: "Onboarding Promotion", description: "Contract signing, service registration, application publication" })
TaskCreate({ subject: "Process Completion", description: "Output onboarding results" })

任务跳过规则

Task Skipping Rules

条件	跳过的任务	处理方式
AI收产品	任务4: 资料采集	直接标记 completed，输出"AI收无需资料采集"
已签约状态	任务4: 资料采集	直接标记 completed，输出"已签约，跳过资料采集"
已有上线应用	任务5 部分内容	仅执行服务注册或应用发布，跳过重复步骤

Condition	Skipped Task	Handling Method
AI Pay product	Task 4: Information Collection	Directly mark as completed and output "AI Pay does not require information collection"
Already signed status	Task 4: Information Collection	Directly mark as completed and output "Already signed, skip information collection"
Existing online application	Part of Task 5	Only execute service registration or application publication, skip duplicate steps

内存状态管理

Memory State Management

状态数据保存在对话上下文中，不使用文件持久化。流程结束后自动清理。

json

{
  "productName": "电脑网站支付|AI收",
  "salesCode": "I1080300001000041203|I1080300001000160457",
  "scope": "app:all,fast_instant_trade_pay:write|app:all,machine_pay:write,agmnt:write",
  "mccCode": "Axxxx_Bxxxx",
  "mccName": "一级类目 > 二级类目",
  "collect_information": {
    "pc_home_page_image": "fileKey（仅电脑网站支付）",
    "pc_shop_page_image": "fileKey（仅电脑网站支付）",
    "pc_payment_image": "fileKey（仅电脑网站支付）"
  }
}

禁止存储：deviceCode / browserUrl / verificationCode / ar_sign_data / service_market_data / appId / authToken 等

State data is stored in the conversation context, no file persistence is used. It will be automatically cleared after the process ends.

json

{
  "productName": "PC Website Payment|AI Pay",
  "salesCode": "I1080300001000041203|I1080300001000160457",
  "scope": "app:all,fast_instant_trade_pay:write|app:all,machine_pay:write,agmnt:write",
  "mccCode": "Axxxx_Bxxxx",
  "mccName": "Level 1 Category > Level 2 Category",
  "collect_information": {
    "pc_home_page_image": "fileKey (only for PC Website Payment)",
    "pc_shop_page_image": "fileKey (only for PC Website Payment)",
    "pc_payment_image": "fileKey (only for PC Website Payment)"
  }
}

Prohibited to store: deviceCode / browserUrl / verificationCode / ar_sign_data / service_market_data / appId / authToken, etc.

主流程

Main Process

流程概览

Process Overview

Step 1: 环境检查 → Step 2: 方案规划 → Step 3: 登录授权
    → Step 3.1: 签约状态查询（子操作）→ 判断后续流程
    → Step 4: 资料采集（条件执行）
    → Step 5: 入驻推进（签约 + 服务注册 + 应用发布）
    → Step 6: 流程结束

Step 1: Environment Check → Step 2: Solution Planning → Step 3: Login Authorization
    → Step 3.1: Contract Signing Status Query (sub-operation) → Determine subsequent process
    → Step 4: Information Collection (conditional execution)
    → Step 5: Onboarding Promotion (contract signing + service registration + application publication)
    → Step 6: Process Completion

Step 1: 环境检查

Step 1: Environment Check

1.1 CLI安装检查

1.1 CLI Installation Check

bash

if ! export PLATFORM=${DEV_TOOL_NAME} && alipay-cli version &>/dev/null; then
  echo "🔄 正在安装 alipay-cli..."
  curl -fsSL https://opengw.alipay.com/alipaycli/install | bash
fi

bash

if ! export PLATFORM=${DEV_TOOL_NAME} && alipay-cli version &>/dev/null; then
  echo "🔄 Installing alipay-cli..."
  curl -fsSL https://opengw.alipay.com/alipaycli/install | bash
fi

1.2 任务创建（必须在执行任何Step之前完成）

1.2 Task Creation (Must be completed before executing any Step)

按顺序创建全部6个任务（见任务管理规范），中间不执行任何操作。

Create all 6 tasks in order (see Task Management Specifications), no operations in between.

1.3 智能识别 AI 编程工具

1.3 Intelligent Recognition of AI Programming Tools

执行
scripts/detect_dev_tool.sh
，返回值写入
DEV_TOOL_NAME
。缺失时填 "unknown"。只输出"环境已具备，可以继续流程。"，禁止透出检测细节。

Execute
scripts/detect_dev_tool.sh
, write the return value to
DEV_TOOL_NAME
. Fill in "unknown" if missing. Only output "Environment is ready, you can continue the process.", do not disclose detection details.

1.4 内存状态初始化

1.4 Memory State Initialization

初始化对话上下文变量：productName, salesCode, scope, mccCode, mccName, collect_information

Initialize conversation context variables: productName, salesCode, scope, mccCode, mccName, collect_information

Step 2: 方案规划

Step 2: Solution Planning

核心原则：直接推荐 + 不认可再调整

Core Principle: Direct Recommendation + Adjust if Not Approved

根据用户描述直接推荐产品和经营类目，不询问不纠结
用户确认 → 进入 Step 3；用户不认可 → 提供同类目备选（最多3个）

Directly recommend products and business categories based on user description, no inquiries or hesitation
User confirms → Enter Step 3; User does not approve → Provide alternative categories in the same category (max 3)

产品匹配规则

Product Matching Rules

场景关键词	推荐产品	salesCode	scope
网站、网页、PC、电脑、电商、商城	电脑网站支付	I1080300001000041203	app:all,fast_instant_trade_pay:write
AI、智能体、大模型、Agent、MCP	AI收	I1080300001000160457	app:all,machine_pay:write,agmnt:write
无明确场景特征	电脑网站支付（默认）	I1080300001000041203	app:all,fast_instant_trade_pay:write

Scenario Keywords	Recommended Product	salesCode	scope
Website, web page, PC, computer, e-commerce, mall	PC Website Payment	I1080300001000041203	app:all,fast_instant_trade_pay:write
AI, agent, large model, Agent, MCP	AI Pay	I1080300001000160457	app:all,machine_pay:write,agmnt:write
No clear scenario features	PC Website Payment (default)	I1080300001000041203	app:all,fast_instant_trade_pay:write

MCC匹配

MCC Matching

读取
references/mcc-reference.md
进行语义匹配。禁止 LLM 自行生成 mccCode。

Read
references/mcc-reference.md
for semantic matching. Prohibited for LLM to generate mccCode on its own.

用户确认后的流程

Process After User Confirmation

用户确认方案后 → 直接进入登录授权并输出授权信息，不需要再次确认。

After user confirms the solution → Directly enter login authorization and output authorization information, no need for re-confirmation.

Step 3: 登录授权

Step 3: Login Authorization

详见

references/authorization.md

See
references/authorization.md
for details

关键流程

Key Process

whoami 检查登录状态（过期时不中断流程，Step 3 统一处理）

执行

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli login --non-interactive --scope "$SCOPE" --json 2>&1

解析 device_code → 构建授权链接

https://aipay.alipay.com/cli-auth?deviceCode=xxx&productCode=xxx&mccCode=xxx&platform=xxx

输出授权信息（产品类型、经营类目、确认码、链接）→ 等待用户确认

用户确认后执行

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli login --complete --json 2>&1

whoami check login status (do not interrupt the process when expired, handle uniformly in Step 3)

Execute

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli login --non-interactive --scope "$SCOPE" --json 2>&1

Parse device_code → Construct authorization link

https://aipay.alipay.com/cli-auth?deviceCode=xxx&productCode=xxx&mccCode=xxx&platform=xxx

Output authorization information (product type, business category, confirmation code, link) → Wait for user confirmation

After user confirmation, execute

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli login --complete --json 2>&1

Scope 映射

Scope Mapping

产品	scope
电脑网站支付	`app:all,fast_instant_trade_pay:write`
AI收	`app:all,machine_pay:write,agmnt:write`

Product	scope
PC Website Payment	`app:all,fast_instant_trade_pay:write`
AI Pay	`app:all,machine_pay:write,agmnt:write`

授权信息展示规范（最高优先级）

Authorization Information Display Specifications (Highest Priority)

必须固定展示4项信息 + 授权链接（Markdown格式），禁止条件性隐藏：

产品类型 2. 经营类目(mccName + mccCode) 3. 确认码 4. 授权链接有效期 + 链接

Must display 4 fixed items of information + authorization link (Markdown format), no conditional hiding allowed:

Product type 2. Business category (mccName + mccCode) 3. Confirmation code 4. Authorization link validity period + link

Step 3.1: 授权后处理（登录授权子流程）

Step 3.1: Post-Authorization Handling (Login Authorization Sub-process)

签约状态查询

Contract Signing Status Query

bash

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli mcp call ar-query.queryArInfosBySalesProd \
  -d '{"request":{"salesProductCodes":["<salesCode>"]},"ctx":{}}' --json 2>/dev/null

bash

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli mcp call ar-query.queryArInfosBySalesProd \
  -d '{"request":{"salesProductCodes":["<salesCode>"]},"ctx":{}}' --json 2>/dev/null

签约状态判断与分支

Contract Signing Status Judgment and Branches

状态	产品类型	后续流程
NOT_SIGNED	电脑网站支付	Step 4 资料采集（3张截图）→ Step 5
NOT_SIGNED	AI收	直接 Step 5（签约+服务注册+应用发布）
SIGNED	电脑网站支付	直接 Step 5（仅应用发布）
SIGNED	AI收	直接 Step 5（服务注册+应用发布）

详细判断逻辑和脚本见
references/product-sign.md
和
scripts/query_sign_status.sh

Status	Product Type	Subsequent Process
NOT_SIGNED	PC Website Payment	Step 4 Information Collection (3 screenshots) → Step 5
NOT_SIGNED	AI Pay	Directly Step 5 (contract signing + service registration + application publication)
SIGNED	PC Website Payment	Directly Step 5 (only application publication)
SIGNED	AI Pay	Directly Step 5 (service registration + application publication)

For detailed judgment logic and scripts, see
references/product-sign.md
and
scripts/query_sign_status.sh

Step 4: 资料采集

Step 4: Information Collection

⚠️ 仅针对"电脑网站支付"产品且未签约时执行，AI收跳过此步骤。

📋 电脑网站支付需要 3 张网站截图：
  1. 首页截图  2. 商品页截图  3. 支付页截图
请上传截图后继续。

上传与解析脚本见
scripts/upload_screenshots.sh

bash

undefined

⚠️ Only execute for "PC Website Payment" product and when not signed, skip this step for AI Pay.

📋 PC Website Payment requires 3 website screenshots:
  1. Homepage screenshot  2. Product page screenshot  3. Payment page screenshot
Please upload the screenshots to continue.

For upload and parsing scripts, see
scripts/upload_screenshots.sh

bash

undefined

上传截图获取 fileKey

Upload screenshot to get fileKey

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli file upload "$FILE_PATH" -s payMerchantcodeSkill --json 2>/dev/null

undefined

export PLATFORM=${DEV_TOOL_NAME} && alipay-cli file upload "$FILE_PATH" -s payMerchantcodeSkill --json 2>/dev/null

undefined

Step 5: 入驻推进

Step 5: Onboarding Promotion

⚠️ 签约、服务注册、应用发布串行执行。

步骤	模块	适用产品	详见
5.1	产品签约	所有产品	`references/product-sign.md`
5.2	服务市场注册	仅AI收	`references/service-registration.md`
5.3	应用发布	所有产品	`references/app-release.md`

⚠️ Contract signing, service registration, and application publication are executed serially.

Step	Module	Applicable Products	See Details
5.1	Product Contract Signing	All products	`references/product-sign.md`
5.2	Service Market Registration	AI Pay only	`references/service-registration.md`
5.3	Application Publication	All products	`references/app-release.md`

Step 6: 流程结束

Step 6: Process Completion

输出格式详见对客输出规范 - 流程结束输出规范

使用 TaskUpdate 标记所有任务为 completed。

See Customer Output Specifications - Process Completion Output Specifications for output format

Use TaskUpdate to mark all tasks as completed.

⛔ 模块强读铁律（最高优先级）

⛔ Iron Rule for Mandatory Module Reading (Highest Priority)

执行任何模块前，必须先读取对应的 references 文档获取完整参数和流程，禁止凭记忆执行！

✅ 必须：执行签约相关操作前 → 先读取 references/product-sign.md
✅ 必须：执行应用发布相关操作前 → 先读取 references/app-release.md
✅ 必须：执行服务市场注册相关操作前 → 先读取 references/service-registration.md
✅ 必须：执行登录授权相关操作前 → 先读取 references/authorization.md
❌ 禁止：不读文档直接调用任何 MCP 方法
❌ 禁止：凭记忆猜测或推断 MCP 方法名、参数名、参数结构
❌ 禁止：自行编造文档中不存在的 MCP 方法（如 deleteService、updateApplication 等）
❌ 禁止：将签约模块的 ctx 参数习惯带入应用发布模块
❌ 禁止：将应用发布模块的无 ctx 习惯带入签约模块

Before executing any module, you must first read the corresponding references document to obtain complete parameters and processes. Prohibited to execute based on memory!

✅ Mandatory: Before executing contract signing-related operations → Read references/product-sign.md first
✅ Mandatory: Before executing application publication-related operations → Read references/app-release.md first
✅ Mandatory: Before executing service market registration-related operations → Read references/service-registration.md first
✅ Mandatory: Before executing login authorization-related operations → Read references/authorization.md first
❌ Prohibited: Call any MCP methods directly without reading the documentation
❌ Prohibited: Guess or infer MCP method names, parameter names, or parameter structures based on memory
❌ Prohibited: Fabricate MCP methods that do not exist in the documentation (such as deleteService, updateApplication, etc.)
❌ Prohibited: Bring the ctx parameter habit from the contract signing module into the application publication module
❌ Prohibited: Bring the no-ctx habit from the application publication module into the contract signing module

模块入口指引

Module Entry Guide

签约模块 →

references/product-sign.md

Contract Signing Module →

references/product-sign.md

⚠️ 执行签约前必须先读此文档

功能：签约状态查询 + 签约申请提交
MCP：ar-sign.apply / ar-query.queryArInfosBySalesProd（⚠️ 需要 ctx）
签约JSON结构（电脑网站支付含webAppDTO+screenshot / AI收无webAppDTO）
关键变量：bizRequestNo（每次生成新UUID）、mccCode、channelCode、orderType
签约输出规范（费率免责声明）

⚠️ Must read this document before executing contract signing

Function: Contract signing status query + contract signing application submission
MCP: ar-sign.apply / ar-query.queryArInfosBySalesProd (⚠️ Requires ctx)
Contract signing JSON structure (PC Website Payment includes webAppDTO+screenshot / AI Pay has no webAppDTO)
Key variables: bizRequestNo (generate new UUID each time), mccCode, channelCode, orderType
Contract signing output specifications (rate disclaimer)

应用发布模块 →

references/app-release.md

Application Publication Module →

references/app-release.md

⚠️ 执行应用发布前必须先读此文档

功能：查询已有应用 → 复用/创建 → 设置公钥 → 提交审核
MCP：apprelease.*（7个方法）（⚠️ 不需要 ctx，参数结构与签约模块完全不同）
⛔ 应用MCP调用铁律（request包裹、无ctx、appTypes用数组）
应用复用强制原则（只可复用ON_LINE状态）
createKeyConfirmPage 返回处理规范（仅展示confirmPageUrl）

⚠️ Must read this document before executing application publication

Function: Query existing applications → Reuse/create → Set public key → Submit for review
MCP: apprelease.* (7 methods) (⚠️ Does not require ctx, parameter structure is completely different from the contract signing module)
⛔ Iron Rule for Application MCP Calls (request wrapping, no ctx, appTypes uses array)
Mandatory principle for application reuse (only reuse ON_LINE status)
createKeyConfirmPage return handling specifications (only display confirmPageUrl)

服务市场注册模块 →

references/service-registration.md

Service Market Registration Module →

references/service-registration.md

⚠️ 执行服务注册前必须先读此文档

功能：AI收产品服务上架（先查后建）
MCP：仅2个方法 → a2a-pay-service.discoverBazaarServicesForMcp / saveBazaarServiceForMcp
5步流程：查询 → 判断 → 用户决策 → 提交 → 处理结果
⛔ 禁止：使用文档未定义的方法（如 deleteService、updateService）
入参校验规则 + 服务数量≤20限制 + 修改需传全部字段

⚠️ Must read this document before executing service registration

Function: Shelve AI Pay products on the service market (query first, then create)
MCP: Only 2 methods → a2a-pay-service.discoverBazaarServicesForMcp / saveBazaarServiceForMcp
5-step process: Query → Judgment → User decision → Submit → Process results
⛔ Prohibited: Use methods not defined in the documentation (such as deleteService, updateService)
Input parameter verification rules + service quantity ≤20 limit + all fields must be passed for modification

MCC推荐模块 →

references/mcc-reference.md

MCC Recommendation Module →

references/mcc-reference.md

MCC类目参考表，用于语义匹配推荐经营类目
⛔ 禁止LLM自行生成mccCode，必须从文档精确匹配

MCC category reference table, used for semantic matching to recommend business categories
⛔ Prohibited for LLM to generate mccCode on its own, must match exactly from the document

CLI命令规范 →

references/cli-commands.md

CLI Command Specifications →

references/cli-commands.md

所有 alipay-cli 命令的调用格式和参数规范
登录/授权/文件上传/MCP调用的详细说明

Calling format and parameter specifications for all alipay-cli commands
Detailed instructions for login/authorization/file upload/MCP calls

MCP方法声明 →

references/mcp-methods.md

MCP Method Declarations →

references/mcp-methods.md

所有 MCP 方法的参数结构和调用示例
⛔ 严禁虚拟MCP方法调用

Parameter structures and call examples for all MCP methods
⛔ Strictly prohibited to call virtual MCP methods

登录授权 →

references/authorization.md

references/authorization.md

登录状态检查、授权链接生成、重新授权、权限检查的完整流程
⛔ 重新授权三参数铁律（deviceCode, productCode, mccCode 缺一不可）

Complete process of login status check, authorization link generation, re-authorization, and permission check
⛔ Iron Rule for re-authorization three parameters (deviceCode, productCode, mccCode are all required)

错误处理 →

references/error-handling.md

Error Handling →

references/error-handling.md

错误类型识别优先级 + 统一错误处理模板
MCP认证错误、服务错误、授权不匹配、后端业务错误的处理

Error type identification priority + unified error handling template
Handling of MCP authentication errors, service errors, authorization mismatch, backend business errors

对客输出规范

Customer Output Specifications

1. 方案规划输出规范

1. Solution Planning Output Specifications

markdown

让我先帮您规划方案，然后逐步完成入驻流程。
---
📋 根据您的[用户业务描述]，我为您推荐以下方案：

| 项目 | 信息 |
|------|------|
| 产品类型 | [产品名称] |
| 经营类目 | [一级类目] > [二级类目] ([mccCode]) |

请确认方案是否合适？确认后将继续下一步。

不认可调整输出：

markdown

📋 了解，为您推荐[一级类目]类目下的其他选项：

| 序号 | 经营类目 | 适用场景 |
|------|----------|----------|
| 1 | [一级类目] > [二级类目1] | [适用场景1] |
| 2 | [一级类目] > [二级类目2] | [适用场景2] |

请选择序号，或继续描述您的经营场景。

markdown

Let me first help you plan the solution, then complete the onboarding process step by step.
---
📋 Based on your [user business description], I recommend the following solution:

| Item | Information |
|------|------|
| Product Type | [Product Name] |
| Business Category | [Level 1 Category] > [Level 2 Category] ([mccCode]) |

Please confirm if the solution is appropriate? We will proceed to the next step after confirmation.

Output for Adjustment When Not Approved:

markdown

📋 Understood, here are other options in the [Level 1 Category] category for you:

| No. | Business Category | Applicable Scenario |
|------|----------|----------|
| 1 | [Level 1 Category] > [Level 2 Category 1] | [Applicable Scenario 1] |
| 2 | [Level 1 Category] > [Level 2 Category 2] | [Applicable Scenario 2] |

Please select the number, or continue describing your business scenario.

2. 服务列表输出规范

2. Service List Output Specifications

| 序号 | 服务ID | 服务名称 | 描述 | 价格 | 状态 | 服务地址 |

3. 签约信息输出规范（含费率免责声明）

3. Contract Signing Information Output Specifications (Including Rate Disclaimer)

签约信息包含费率时，必须附加免责声明：

markdown

📋 签约信息：
  • 签约状态：[状态]
  • 费率：[费率值]

> 由于支付宝可能会有阶段性的优惠活动，实际费率可能低于该页面费率，具体以相应费用账单为准。

When contract signing information includes rates, must add a disclaimer:

markdown

📋 Contract Signing Information:
  • Signing Status: [Status]
  • Rate: [Rate Value]

> Due to possible periodic promotional activities by Alipay, the actual rate may be lower than the rate shown on this page. Please refer to the corresponding expense bill for details.

4. 流程结束输出规范

4. Process Completion Output Specifications

电脑网站支付：

markdown

🎉 支付宝商家入驻流程结束！

| 模块 | 项目 | 信息 |
|------|------|------|
| 📦 产品信息 | 产品类型 | [产品名称] |
| 📦 产品信息 | 经营类目 | [类目名称] |
| 📋 签约信息 | 签约状态 | [状态] |
| 📋 签约信息 | 费率 | [费率值]（如有） |
| 📱 应用信息 | 应用ID | [appId] |
| 📱 应用信息 | 应用状态 | [状态] |

> 由于支付宝可能会有阶段性的优惠活动，实际费率可能低于该页面费率，具体以相应费用账单为准。

AI收产品（含服务市场信息）： 在上述表格基础上增加🔧服务信息行（服务ID、服务名称、服务描述、服务状态、服务地址）。

PC Website Payment:

markdown

🎉 Alipay Merchant Onboarding Process Completed!

| Module | Item | Information |
|------|------|------|
| 📦 Product Information | Product Type | [Product Name] |
| 📦 Product Information | Business Category | [Category Name] |
| 📋 Contract Signing Information | Signing Status | [Status] |
| 📋 Contract Signing Information | Rate | [Rate Value] (if applicable) |
| 📱 Application Information | App ID | [appId] |
| 📱 Application Information | App Status | [Status] |

> Due to possible periodic promotional activities by Alipay, the actual rate may be lower than the rate shown on this page. Please refer to the corresponding expense bill for details.

AI Pay Product (Including Service Market Information): Add 🔧 Service Information rows (Service ID, Service Name, Service Description, Service Status, Service Address) to the above table.

错误处理

Error Handling

错误类型	识别关键词	处理方式
认证错误	HTTP 401, Authorization is empty	logout → 重新授权
服务错误	MCP 调用失败（非401）	提示检查网络后重试
授权信息不匹配	mccCode/salesProductCodes is not auth, scope is not auth	logout → 重新授权
签约错误	errorCode, errorMessage	展示错误，引导用户修正

统一错误检测模板：

bash

if echo "$RESULT" | grep -qiE "HTTP 401|Authorization is empty|mccCode.*is not auth|salesProductCodes.*is not auth|scope.*is not auth|授权信息不匹配"; then
  # → 执行 scripts/handle_scope_mismatch.sh
fi

详细错误处理见
references/error-handling.md

Error Type	Identification Keywords	Handling Method
Authentication Error	HTTP 401, Authorization is empty	logout → Re-authorize
Service Error	MCP call failed (non-401)	Prompt user to check network and retry
Authorization Information Mismatch	mccCode/salesProductCodes is not auth, scope is not auth	logout → Re-authorize
Contract Signing Error	errorCode, errorMessage	Display error and guide user to correct

Unified Error Detection Template:

bash

if echo "$RESULT" | grep -qiE "HTTP 401|Authorization is empty|mccCode.*is not auth|salesProductCodes.*is not auth|scope.*is not auth|Authorization information mismatch"; then
  # → Execute scripts/handle_scope_mismatch.sh
fi

For detailed error handling, see
references/error-handling.md

FAQ

产品相关

Product Related

Q: 网址未上线可以开通电脑网站支付吗？ A: 可以，上传网站截图即可。 Q: 个人账号是否可以开通电脑网站支付？ A: 可以，需提供营业执照且名称一致。 Q: AI收产品是什么？ A: AI收是通过支付宝实现智能体对机器支付的收单产品。 Q: 个人开通AI收如何提升收款额度？ A: 需提供个体工商户营业执照，法人一致。

Q: Can I activate PC Website Payment if my website is not online yet? A: Yes, you can upload website screenshots. Q: Can individual accounts activate PC Website Payment? A: Yes, you need to provide a business license with the same name. Q: What is AI Pay? A: AI Pay is a payment collection product that enables agent-to-machine payments through Alipay. Q: How can individuals increase the collection limit for AI Pay? A: You need to provide an individual business license with the same legal person.

签约相关

Contract Signing Related

Q: 签约时提示"操作行为存在风险"怎么办？ A: 系统检测到账户异常，请过段时间再重新尝试。 Q: 如何关闭产品？ A: 登录 b.alipay.com → 产品中心 → 找到产品 → 关闭产品。

完整 FAQ 见
references/faq.md

Q: What should I do if I get the prompt "Operation behavior is risky" during contract signing? A: The system has detected abnormal account activity. Please try again later. Q: How to close a product? A: Log in to b.alipay.com → Product Center → Find the product → Close the product.

Complete FAQ can be found in
references/faq.md

引用文档

Reference Documents

文档	内容
`references/product-sign.md`	签约模块完整流程、JSON结构、状态判断
`references/app-release.md`	应用发布全流程、MCP调用铁律、复用规范
`references/service-registration.md`	服务市场注册流程、入参校验、先查后建
`references/authorization.md`	登录授权完整流程、scope校验、重新授权
`references/flow.md`	详细执行流程图和分支逻辑
`references/cli-commands.md`	CLI 命令详细说明
`references/mcp-methods.md`	MCP 方法声明、参数结构、方法路由
`references/products.md`	产品配置、MCC格式、资料采集需求
`references/error-handling.md`	错误处理详细说明
`references/faq.md`	常见问题解答
`references/mcc-reference.md`	MCC 类目参考表
`references/state-management.md`	状态管理说明
`scripts/detect_dev_tool.sh`	AI编程工具检测脚本
`scripts/query_sign_status.sh`	签约状态查询与判断脚本
`scripts/handle_scope_mismatch.sh`	授权范围不匹配处理脚本
`scripts/app_query_and_reuse.sh`	应用查询与复用判断脚本
`scripts/service_query_and_list.sh`	服务查询与列表输出脚本
`scripts/upload_screenshots.sh`	截图并行上传与解析脚本

Document	Content
`references/product-sign.md`	Complete process of contract signing module, JSON structure, status judgment
`references/app-release.md`	Full process of application publication, iron rules for MCP calls, reuse specifications
`references/service-registration.md`	Service market registration process, input parameter verification, query first then create
`references/authorization.md`	Complete process of login authorization, scope verification, re-authorization
`references/flow.md`	Detailed execution flow chart and branch logic
`references/cli-commands.md`	Detailed instructions for CLI commands
`references/mcp-methods.md`	MCP method declarations, parameter structures, method routes
`references/products.md`	Product configuration, MCC format, information collection requirements
`references/error-handling.md`	Detailed instructions for error handling
`references/faq.md`	Frequently asked questions and answers
`references/mcc-reference.md`	MCC category reference table
`references/state-management.md`	Instructions for state management
`scripts/detect_dev_tool.sh`	AI programming tool detection script
`scripts/query_sign_status.sh`	Contract signing status query and judgment script
`scripts/handle_scope_mismatch.sh`	Handling script for insufficient authorization scope
`scripts/app_query_and_reuse.sh`	Application query and reuse judgment script
`scripts/service_query_and_list.sh`	Service query and list output script
`scripts/upload_screenshots.sh`	Screenshot parallel upload and parsing script

alipay-merchant-onboarding

Original

Translation

支付宝商家入驻 Skill

Alipay Merchant Onboarding Skill

个人开发者支付宝商家入驻一站式解决方案。

One-stop solution for individual developers to onboard as Alipay merchants.

目录

Table of Contents

全局规范与铁律

Global Specifications and Iron Rules

使用声明

Usage Declaration

⛔ 用户项目文件修改铁律（最高优先级）

⛔ Iron Rule for Modifying User Project Files (Highest Priority)

⛔ 应用公钥管理铁律（最高优先级）

⛔ Iron Rule for App Public Key Management (Highest Priority)

⛔ MCP调用铁律（最高优先级）

⛔ Iron Rule for MCP Calls (Highest Priority)

⛔ CLI 环境变量铁律（最高优先级）

⛔ Iron Rule for CLI Environment Variables (Highest Priority)

⛔ 授权链接铁律（最高优先级）

⛔ Iron Rule for Authorization Links (Highest Priority)

⛔ createKeyConfirmPage 返回处理铁律（最高优先级）

⛔ Iron Rule for Handling createKeyConfirmPage Returns (Highest Priority)

⛔ 授权范围不满足处理铁律（最高优先级）

⛔ Iron Rule for Handling Insufficient Authorization Scope (Highest Priority)

能力概览

Capability Overview

任务管理规范

Task Management Specifications

任务-Step对照表（强制遵守）

Task-Step Comparison Table (Mandatory Compliance)

任务创建铁律（最高优先级）

Iron Rule for Task Creation (Highest Priority)

任务跳过规则

Task Skipping Rules

内存状态管理

Memory State Management

主流程

Main Process

流程概览

Process Overview

Step 1: 环境检查

Step 1: Environment Check

1.1 CLI安装检查

1.1 CLI Installation Check

1.2 任务创建（必须在执行任何Step之前完成）

1.2 Task Creation (Must be completed before executing any Step)

1.3 智能识别 AI 编程工具

1.3 Intelligent Recognition of AI Programming Tools

1.4 内存状态初始化

1.4 Memory State Initialization

Step 2: 方案规划

Step 2: Solution Planning

核心原则：直接推荐 + 不认可再调整

Core Principle: Direct Recommendation + Adjust if Not Approved

产品匹配规则

Product Matching Rules

MCC匹配

MCC Matching

用户确认后的流程

Process After User Confirmation

Step 3: 登录授权

Step 3: Login Authorization

关键流程

Key Process

Scope 映射

Scope Mapping

授权信息展示规范（最高优先级）

Authorization Information Display Specifications (Highest Priority)

Step 3.1: 授权后处理（登录授权子流程）

Step 3.1: Post-Authorization Handling (Login Authorization Sub-process)

签约状态查询

Contract Signing Status Query

签约状态判断与分支

Contract Signing Status Judgment and Branches

Step 4: 资料采集

Step 4: Information Collection

上传截图获取 fileKey

签约模块 →
`references/product-sign.md`

Contract Signing Module →
`references/product-sign.md`

应用发布模块 →
`references/app-release.md`

Application Publication Module →
`references/app-release.md`

服务市场注册模块 →
`references/service-registration.md`

Service Market Registration Module →
`references/service-registration.md`

MCC推荐模块 →
`references/mcc-reference.md`

MCC Recommendation Module →
`references/mcc-reference.md`

CLI命令规范 →
`references/cli-commands.md`

CLI Command Specifications →
`references/cli-commands.md`

MCP方法声明 →
`references/mcp-methods.md`

MCP Method Declarations →
`references/mcp-methods.md`

登录授权 →
`references/authorization.md`

Login Authorization →
`references/authorization.md`

错误处理 →
`references/error-handling.md`

Error Handling →
`references/error-handling.md`