Skylv Webhook Debugger
AdvisoryAudited by Static analysis on May 4, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may help send test requests to webhook URLs; using the wrong URL or real data could affect an external service.
The skill documents sending an HTTP POST payload, which is expected for webhook testing but should be limited to endpoints the user controls or is authorized to test.
Invoke-RestMethod -Uri "https://example.com/webhook" -Method POST -Headers $headers -Body $body
Use synthetic payloads and confirm the target webhook URL before sending requests.
Webhook payloads or local test services could be visible to third-party debugging platforms or reachable through a tunnel.
The skill suggests public webhook inspection services and a tunneling tool, which are common for debugging but can expose payload contents or local services if used carelessly.
- https://webhook.site - temporary public URL - https://requestbin.com - inspect payloads - ngrok http 3000 - forward to localhost
Do not send secrets, tokens, personal data, or production payloads to public debugging URLs, and close tunnels when testing is complete.