attio-webhooks-events
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data access were detected. The skill purely provides instructional code and documentation for integrating with the Attio CRM platform.
- [SAFE]: Secret management follows industry best practices by utilizing
process.envfor storing sensitive credentials like the Attio API Key and Webhook Secret. - [SAFE]: The provided signature verification logic uses secure cryptographic comparisons (
crypto.timingSafeEqual) and implements timestamp checks to prevent replay attacks. - [EXTERNAL_DOWNLOADS]: The skill references official Attio documentation and API endpoints (
api.attio.com), which are well-known and legitimate services for this integration use case.
Audit Metadata