ce-webhooks
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references documentation and markdown content from
commercengine.ioandllm-docs.commercengine.io. These are official vendor resources belonging to the skill author and are used for documentation purposes. - [COMMAND_EXECUTION]: While the skill requests the
Bashtool, no executable scripts or malicious commands are present in the provided files. The documentation describes standard webhooks processing logic. - [CREDENTIALS_UNSAFE]: No hardcoded secrets were detected. The skill correctly recommends using environment variables (
CE_WEBHOOK_SECRET) and provides code for secure signature verification usingcrypto.timingSafeEqualto prevent timing attacks. - [PROMPT_INJECTION]: No malicious instructions designed to bypass agent safety filters or override system prompts were found in the documentation or metadata.
Audit Metadata