loom-webhooks
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill provides high-quality educational content and code snippets for webhook development following industry-standard security practices.
- [COMMAND_EXECUTION]: No shell command execution or risk of command injection detected.
- [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns detected. The network operations (using
node-fetch) are restricted to the primary purpose of delivering webhooks to configured endpoints as part of the implementation guide. - [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were found. The code snippets correctly demonstrate using environment variables for secret management (e.g.,
process.env.WEBHOOK_SECRET). - [REMOTE_CODE_EXECUTION]: No remote code execution or dynamic execution patterns (like
evalorexec) were detected. - [PROMPT_INJECTION]: No instructions to override agent behavior or bypass safety guidelines were found.
Audit Metadata