The Agent Skills Directory

[SAFE]: The skill provides templates for implementing secure webhook endpoints.
[SAFE]: Signature verification correctly utilizes crypto.timingSafeEqual to mitigate timing attacks.
[SAFE]: Replay attack protection is implemented by validating the x-ideogram-timestamp header against a 5-minute window.
[SAFE]: Sensitive information such as webhook secrets and Redis connection strings are managed via environment variables rather than being hardcoded.
[SAFE]: External tools mentioned for testing (webhook.site, ngrok) are standard developer utilities and are used in an appropriate context.

ideogram-webhooks-events