webhooks
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill demonstrates a strong security posture by implementing timing-safe signature verification using
timingSafeEqualand providing clear documentation on signature algorithms for different providers.\n- [EXTERNAL_DOWNLOADS]: Includes instructions for interacting with the official REST APIs of well-known and trusted services, such as Vercel and GitHub, for webhook registration purposes.\n- [COMMAND_EXECUTION]: Provides standard operational and debugging commands for the developer, including the use ofopensslfor manual HMAC testing and the author's ownjoelclawCLI for service management.\n- [CREDENTIALS_UNSAFE]: Features a secure secret management workflow that utilizes a leasing system (secrets lease) to provision environment variables at runtime, effectively preventing the use of hardcoded credentials.\n- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection as the gateway processes external webhook payloads. Ingestion points: Webhook endpoints defined inSKILL.md(e.g.,/webhooks/todoist). Boundary markers: The prompt-building logic innew-provider-checklist.mduses Markdown headers to delimit external data. Capability inventory: The system can trigger Inngest functions and push notifications to thejoelclawgateway. Sanitization: The provided TypeScript templates extract specific fields but do not explicitly show sanitization of external strings before prompt interpolation.
Audit Metadata