postmark-webhooks
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements standard webhook handling logic consistent with Postmark's official documentation. It provides clear guidance on authentication using either Basic Auth or URL tokens.
- [EXTERNAL_DOWNLOADS]: The documentation recommends the Hookdeck CLI for local testing. This is a legitimate development tool provided by the skill's author for creating local tunnels.
- [COMMAND_EXECUTION]: Setup instructions include the use of
openssl randto generate secure, high-entropy tokens for webhook authentication, which is a recommended security practice. - [CREDENTIALS_UNSAFE]: The skill correctly demonstrates secret management by providing
.env.examplefiles and instructing the user to store their tokens in environment variables, avoiding hardcoded credentials.
Audit Metadata