coderabbit-webhooks-events
Implement CodeRabbit webhook signature validation and event handling. Use when setting up webhook endpoints, implementing signature verification, or handling CodeRabbit event notifications securely. Trigger with phrases like "coderabbit webhook", "coderabbit events", "coderabbit webhook signature", "handle coderabbit events", "coderabbit notifications".
80
77%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./plugins/saas-packs/coderabbit-pack/skills/coderabbit-webhooks-events/SKILL.mdQuality
Discovery
89%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a solid skill description that clearly identifies its niche (CodeRabbit webhook integration), provides explicit 'Use when' guidance, and includes natural trigger phrases. Its main weakness is that the capability listing could be more granular—specifying concrete actions like HMAC verification, payload parsing, or event routing would strengthen specificity.
Suggestions
Expand the capability list with more concrete actions, e.g., 'Validates HMAC-SHA256 signatures, parses webhook payloads, routes events by type, and returns appropriate HTTP status codes.'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (CodeRabbit webhooks) and some actions (signature validation, event handling), but doesn't list multiple concrete actions in detail—e.g., it doesn't specify parsing payloads, verifying HMAC signatures, routing event types, or returning proper HTTP responses. | 2 / 3 |
Completeness | Clearly answers both 'what' (implement webhook signature validation and event handling) and 'when' (setting up webhook endpoints, implementing signature verification, handling event notifications), with explicit trigger phrases provided. | 3 / 3 |
Trigger Term Quality | Includes a well-curated list of natural trigger phrases like 'coderabbit webhook', 'coderabbit events', 'coderabbit webhook signature', 'handle coderabbit events', and 'coderabbit notifications'—these are terms a user would naturally use when needing this skill. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive due to the specific 'CodeRabbit' product name combined with webhook signature validation—this is unlikely to conflict with generic webhook skills or other code review tool integrations. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
64%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a solid, actionable skill with executable TypeScript code and good structural organization. Its main weaknesses are the lack of validation/testing checkpoints in the workflow and some verbosity in sections that restate what the code already demonstrates (like the Output section). The inline comments explaining HTTP status codes and hash lengths are unnecessary for Claude.
Suggestions
Add explicit validation/testing steps (e.g., 'Test with: curl -X POST with a sample payload and verify 401 for bad signatures, 200 for valid ones') to improve workflow clarity.
Remove the 'Output' section entirely as it just restates what the code does, and trim inline comments like '# 256 bytes' and '# HTTP 200 OK' that explain things Claude already knows.
Add a verification step after deployment to confirm webhook events are being received and routed correctly, such as checking logs or a health endpoint.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill includes some unnecessary sections like 'Output' (which just restates what the code does), 'Prerequisites' that are somewhat obvious, and inline comments like '# 256 bytes' and '# HTTP 401 Unauthorized' that explain things Claude already knows. The event types table and error handling table add value, but the overall content could be tightened. | 2 / 3 |
Actionability | The skill provides fully executable TypeScript code for webhook signature validation, event routing, and review processing. The YAML configuration is concrete and copy-paste ready. Code examples are complete and specific with real function signatures and logic. | 3 / 3 |
Workflow Clarity | Steps are clearly numbered and sequenced (configure receiver → route events → process results → configure behavior), but there are no validation checkpoints or feedback loops. For a webhook setup involving signature verification and event processing, there should be explicit testing/validation steps (e.g., 'test with a sample payload', 'verify signature validation works before deploying'). | 2 / 3 |
Progressive Disclosure | The content is mostly inline with a reasonable structure, but the error handling table, metrics tracking example, and configuration could potentially be split out. The 'Next Steps' reference to 'coderabbit-deploy-integration' is good, but the Resources section just links to external docs without clear signaling of when to use each. The skill is somewhat long for a single file without better cross-referencing. | 2 / 3 |
Total | 9 / 12 Passed |
Validation
81%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 9 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
allowed_tools_field | 'allowed-tools' contains unusual tool name(s) | Warning |
frontmatter_unknown_keys | Unknown frontmatter key(s) found; consider removing or moving to metadata | Warning |
Total | 9 / 11 Passed | |
- Commit
70e9fa4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.