The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or data exfiltration vectors were detected in the skill instructions or example code.
[SAFE]: The skill implements robust security practices, including HMAC-SHA256 signature verification for webhook payloads and timing-safe comparisons to prevent timing attacks during validation.
[SAFE]: All external dependencies (e.g., @paddle/paddle-node-sdk, paddle-python-sdk) and recommended tools (e.g., hookdeck-cli) are official libraries or vendor-owned resources.
[SAFE]: Secret management follows best practices by using placeholders in documentation and environment variable examples, rather than hardcoding credentials.

paddle-webhooks