webhook-processor
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified within the skill instructions or code examples. The provided logic follows industry best practices for webhook management.
- [SAFE]: The skill explicitly promotes defensive security measures, such as using crypto.timingSafeEqual for signature validation to protect against timing attacks and ensuring signatures are verified prior to payload processing.
- [EXTERNAL_DOWNLOADS]: The skill suggests using standard and well-known Node.js libraries, including express, bullmq, and ioredis, to implement the webhook receiver and worker architecture. These are reputable packages for web servers and job queue management.
Audit Metadata