The Agent Skills Directory

[SAFE]: The skill implements robust security measures for webhook integration. It utilizes HMAC-SHA256 for signature verification and crypto.timingSafeEqual to prevent timing attacks.\n- [SAFE]: Replay attack protection is included via timestamp validation, checking that incoming requests are within a valid time window (5 minutes) to prevent captured requests from being reused.\n- [COMMAND_EXECUTION]: The skill requests access to the Bash tool restricted to curl. This is used appropriately in the provided examples for testing webhook endpoints locally and interacting with well-known developer tools like ngrok and webhook.site.

clay-webhooks-events