webhook-integration-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill focuses on secure webhook implementation. It correctly demonstrates the use of HMAC-SHA256 for signing payloads and constant-time comparison methods (hmac.compare_digest) to protect against timing attacks, as seen in SKILL.md and references/webhook-security.md.
  • [SAFE]: Implements replay attack prevention by requiring and validating timestamp headers. The code includes checks for timestamp age within a defined tolerance window (e.g., 5 minutes).
  • [SAFE]: Provides patterns for idempotent processing using event IDs and storage locks (e.g., Redis). This ensures that incoming webhook data is processed exactly once, which is a critical safety feature for event-driven systems.
  • [SAFE]: External dependencies and tools mentioned, such as Stripe CLI, GitHub CLI, and the Flask framework, are well-known and widely trusted industry standards used for their intended purposes.
  • [SAFE]: The skill handles external data ingestion through webhooks but provides the necessary architectural safeguards (signature verification, structured schema validation) to prevent indirect prompt injection or data corruption.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 10:10 PM