The Agent Skills Directory

[SAFE]: The skill provides robust implementation patterns for HubSpot v3 signature verification using HMAC-SHA256.
[SAFE]: Security best practices are followed, such as using crypto.timingSafeEqual in JavaScript and hmac.compare_digest in Python to mitigate timing attacks.
[SAFE]: Replay protection is correctly implemented by validating the X-HubSpot-Request-Timestamp against a five-minute window.
[SAFE]: The skill correctly instructs developers to use raw request bodies for verification, which is essential for cryptographic integrity in webhook handlers.
[SAFE]: No malicious behaviors, such as prompt injection, hardcoded credentials, or data exfiltration, were detected during the analysis.

hubspot-webhooks