replicate-webhooks
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing standard dependencies from the npm and PyPI registries, such as FastAPI, Express, and Next.js. It also suggests using the Hookdeck CLI for local development, which is a well-known service for webhook debugging.
- [PROMPT_INJECTION]: The skill implements endpoints for receiving external webhook data, creating an inherent surface for indirect prompt injection.
  - Ingestion points: Ingestion occurs at the POST /webhooks/replicate endpoint defined in examples/express/src/index.js, examples/fastapi/main.py, and examples/nextjs/app/webhooks/replicate/route.ts.
  - Boundary markers: Absent; the code parses the JSON payload directly after successful signature verification.
  - Capability inventory: The skill's capabilities are limited to logging prediction metadata (e.g., status, IDs, and log lengths) to the console. No high-risk operations such as eval(), exec(), or subprocess spawning are performed on the ingested data.
  - Sanitization: Absent; fields from the parsed JSON payload are interpolated directly into log strings without explicit sanitization or filtering.
Audit Metadata