woocommerce-webhooks
Warn
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Unverifiable package versions in dependency manifests. The
package.jsonandrequirements.txtfiles across the Next.js, Express, and FastAPI examples specify versions for widely used packages (such asnext@^16.1.6,express@^5.2.1,jest@^30.2.0,fastapi>=0.128.1, andpytest>=9.0.2) that are not yet available in the official NPM or PyPI registries. This pattern represents a security risk where an attacker could preemptively register these versions to distribute malicious code via dependency confusion. - [PROMPT_INJECTION]: Indirect prompt injection surface via webhook payload ingestion. The handlers in
src/index.js,route.ts, andmain.pyingest untrusted JSON data from external HTTP POST requests. - Ingestion points:
request.json(),request.text(), andexpress.raw()are used to capture external payloads in the framework examples. - Boundary markers: No explicit delimiters or instructions are used to separate user-controlled data from system-level instructions within logging or processing logic.
- Capability inventory: The skill performs logging of event IDs and types, but does not currently perform high-risk actions such as file writes or network requests using the payload data.
- Sanitization: Payloads are validated as JSON, but individual fields are not sanitized or escaped before being logged or processed.
- [EXTERNAL_DOWNLOADS]: Installation of vendor-specific tools. The skill recommends installing
hookdeck-clivia npm or brew and references related skills within thehookdeckorganization on GitHub. - [SAFE]: Secure implementation of webhook signature verification. The provided handlers correctly utilize
crypto.timingSafeEqual(Node.js) andhmac.compare_digest(Python) to validate theX-WC-Webhook-Signatureheader, following industry best practices to mitigate timing-based side-channel attacks.
Audit Metadata