Skylv Webhook Debugger
PassAudited by ClawScan on May 4, 2026.
Overview
This is a simple instruction-only webhook testing skill, with minor normal cautions about sending test HTTP payloads to external endpoints or public debugging tools.
This skill appears safe for basic webhook testing. Before using it, confirm the webhook URL, use fake test data, avoid secrets or production payloads, and be careful with public request-inspection services or ngrok tunnels.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may help send test requests to webhook URLs; using the wrong URL or real data could affect an external service.
The skill documents sending an HTTP POST payload, which is expected for webhook testing but should be limited to endpoints the user controls or is authorized to test.
Invoke-RestMethod -Uri "https://example.com/webhook" -Method POST -Headers $headers -Body $body
Use synthetic payloads and confirm the target webhook URL before sending requests.
Webhook payloads or local test services could be visible to third-party debugging platforms or reachable through a tunnel.
The skill suggests public webhook inspection services and a tunneling tool, which are common for debugging but can expose payload contents or local services if used carelessly.
- https://webhook.site - temporary public URL - https://requestbin.com - inspect payloads - ngrok http 3000 - forward to localhost
Do not send secrets, tokens, personal data, or production payloads to public debugging URLs, and close tunnels when testing is complete.