CtrlK
BlogDocsLog inGet started
Tessl Logo

creating-webhook-handlers

Create webhook endpoints with signature verification, retry logic, and payload validation. Use when receiving and processing webhook events. Trigger with phrases like "create webhook", "handle webhook events", or "setup webhook handler".

78

Quality

Does it follow best practices?

Impact

No eval scenarios have been run

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

100%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

A strong, well-structured skill body: concise overview, concrete actionable instructions, an explicitly sequenced workflow with a verification step, and clean progressive disclosure to real reference files. It avoids explaining basics Claude already knows.

DimensionReasoningScore

Conciseness

The body is lean and assumes Claude's competence — it does not explain what webhooks or HMAC are, and defers detail to reference files rather than padding the overview. Every section earns its place.

3 / 3

Actionability

Instruction-only but highly actionable: names the exact algorithm ('HMAC-SHA256', 'HMAC(raw_body, signing_secret)'), provider headers, idempotency storage in Redis, and a dispatch map. The instruction-only carve-out applies since guidance is concrete and specific despite no inline code.

3 / 3

Workflow Clarity

Eight numbered steps give a clear sequence, step 8 provides a validation checkpoint (replay tests with valid and tampered signatures), and the Error Handling table supplies cause/solution feedback loops for recovery.

3 / 3

Progressive Disclosure

Body is an overview that clearly signals one-level-deep references (implementation.md, errors.md, examples.md) — all of which exist in ./references/ — with content appropriately split and easy navigation.

3 / 3

Total

12

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

A well-crafted description that concisely states concrete capabilities, gives an explicit 'Use when' trigger with natural user phrases, and occupies a distinct niche. It uses imperative/third-person voice consistent with the strong examples.

DimensionReasoningScore

Specificity

Lists multiple concrete actions — 'signature verification, retry logic, and payload validation' plus 'webhook endpoints' — rather than vague language, matching the 'lists multiple specific concrete actions' anchor.

3 / 3

Completeness

Explicitly answers both 'what' (create webhook endpoints with signature verification, retry logic, payload validation) and 'when' (an explicit 'Use when receiving and processing webhook events' clause plus trigger phrases).

3 / 3

Trigger Term Quality

Provides natural phrases users would say — 'create webhook', 'handle webhook events', 'setup webhook handler' — giving good coverage of likely trigger terms.

3 / 3

Distinctiveness Conflict Risk

Targets a clear niche (webhook receivers) with provider-specific signature schemes, making it unlikely to trigger for unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

allowed_tools_field

'allowed-tools' contains unusual tool name(s)

Warning

frontmatter_unknown_keys

Unknown frontmatter key(s) found; consider removing or moving to metadata

Warning

Total

14

/

16

Passed

Repository
jeremylongshore/claude-code-plugins-plus-skills
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.