openai-django-webhooks
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides documentation and reference code for building a service layer and webhook handler in Django for OpenAI. No malicious code, exfiltration patterns, or obfuscation were detected.
- [PROMPT_INJECTION]: The skill handles untrusted data from the OpenAI Responses API, which represents an indirect prompt injection surface.
- Ingestion points: The Django webhook view processes JSON payloads from the OpenAI API as described in `references/OPENAI_DJANGO_WEBHOOKS.md`.
- Boundary markers: Use of `svix.webhooks.Webhook.verify` is recommended to validate payload integrity and authenticity.
- Capability inventory: The suggested implementation involves database writes and HTMX polling to update the frontend.
- Sanitization: Cryptographic verification of the source is explicitly included; implementation of output encoding is left to standard Django templates.
Audit Metadata