The Agent Skills Directory

[SAFE]: The skill follows security best practices by instructing users to manage sensitive credentials (API keys and webhook secrets) using platform-native secret management tools (e.g., vercel env, fly secrets, gcloud secrets) rather than hardcoding them in the application source code.
[SAFE]: Hardcoded strings like sk_prod_xyz and whsec_prod_abc are identified as documentation placeholders for the user to replace with their own values, posing no risk to the agent or user environment.
[SAFE]: The provided webhook implementation include a signature verification step (verifySignature), which protects the application from processing unauthorized or forged requests.
[SAFE]: All external network communication is directed to the official and well-known Attio API domain (api.attio.com).
[SAFE]: Dependencies such as @vercel/node are standard packages from the official Vercel registry for serverless functions.

attio-deploy-integration