webflow-webhooks-events
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate instructions and code snippets for integrating with Webflow's webhook system.
- [SAFE]: It correctly utilizes environment variables for sensitive data like WEBFLOW_API_TOKEN and WEBFLOW_WEBHOOK_SECRET, avoiding credential exposure.
- [SAFE]: The provided code for signature verification uses secure cryptographic practices, including timing-safe comparisons to mitigate timing side-channel attacks.
- [SAFE]: Tool usage (Bash with curl) is documented for interacting with official Webflow API endpoints and is consistent with the skill's stated purpose.
- [SAFE]: All external libraries mentioned (webflow-api, express, ioredis) are well-known, reputable packages used for their intended purposes.
Audit Metadata