Receive and verify Paddle webhooks in a Next.js Route Handler — signature verification, idempotency, retry semantics, and local testing.
87
80%
Does it follow best practices?
Impact
99%
1.13xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Fix and improve this skill with Tessl
tessl review fix ./skills/webhooks/SKILL.mdSecurity
2 findings — 2 medium severity. This skill can be installed but you should review these findings before use.
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Third-party content exposure detected (high risk: 0.85). The required runtime path is the Next.js webhook `POST` route, which ingests Paddle’s webhook request body (`await request.text()`) and passes it to `paddle.webhooks.unmarshal(rawBody, secret, signature)`; this body is outsider-authored free text (sent by Paddle, not the operating user), creating indirect prompt-injection risk if any fields are later included in LLM context.
The skill is specifically designed for direct financial operations, giving the agent the ability to move money or execute financial transactions — such as payment processing, cryptocurrency operations, banking integrations, or market order execution.
Direct money access detected (high risk: 1.00). The skill is explicitly built around the Paddle payment gateway: it requires PADDLE_API_KEY, installs @paddle/paddle-node-sdk, creates a Paddle SDK instance, and references Paddle MCP methods (e.g., client.notificationSettings.create, client.notifications.replay, client.notifications.logs.list) and Paddle-specific operations like paddle.transactions.list(). It subscribes to and processes payment-related events (transaction.completed, subscription.*) and describes upserting transaction/subscription records and granting credits. Because it uses a specific payment provider's SDK and APIs (Paddle) rather than generic tooling, it meets the criteria for Direct Financial Execution authority.
72e6fdf
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.