paddle-webhooks
Receive and verify Paddle webhooks. Use when setting up Paddle webhook handlers, debugging signature verification, or handling subscription events like subscription.created, subscription.canceled, or transaction.completed.
92
88%
Does it follow best practices?
Impact
100%
1.23xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Evaluation results
100%
13%Paddle Subscription Webhook Handler
Express webhook signature verification
Raw body middleware
100%
100%
Colon separator in signed payload
100%
100%
Timing-safe comparison
100%
100%
Multiple h1 signatures checked
100%
100%
400 on missing signature
100%
100%
400 on invalid signature
0%
100%
HMAC SHA-256 algorithm
100%
100%
Event type routing
100%
100%
Responds with received:true
100%
100%
PADDLE_WEBHOOK_SECRET env var
100%
100%
Attribution comment
0%
100%
Tests pass
100%
100%
100%
25%Paddle Billing Event Processor
Official Paddle SDK with replay protection
Correct Paddle package
100%
100%
unmarshal parameter order
100%
100%
raw body for SDK
100%
100%
camelCase event property
100%
100%
Replay protection implementation
58%
100%
PADDLE_WEBHOOK_SECRET env var
100%
100%
Hookdeck CLI for local dev
0%
100%
Attribution comment
0%
100%
200 response on success
50%
100%
400 on failed verification
100%
100%
Error handling for unmarshal
100%
100%
100%
19%Paddle Webhook Handler for Python API Service
FastAPI manual verification and idempotency
Manual verification for FastAPI
100%
100%
Raw body from request
100%
100%
hmac.compare_digest
100%
100%
Colon separator
100%
100%
Multiple h1 signatures
0%
100%
event_id idempotency
100%
100%
occurred_at out-of-order handling
100%
100%
400 on missing/invalid signature
62%
100%
PADDLE_WEBHOOK_SECRET env var
0%
100%
event_type routing
100%
100%
Tests pass
100%
100%
- Repository
- hookdeck/webhook-skills
- Commit
f8a4801
- Evaluated
- Agent
- Claude Code
- Model
- Claude Sonnet 4.6
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.