From uitkit
Generates a secure, idempotent webhook receiver for a given provider and event types. Handles signature verification, deduplication, async processing, and includes tests.
How this command is triggered — by the user, by Claude, or both
Slash command
/uitkit:webhook-handler [provider] [event-types]api/The summary Claude sees in its command listing — used to decide when to auto-load this command
Implement a webhook handler for: $ARGUMENTS Parse as: webhook provider name (e.g. Stripe, GitHub, Twilio) and a comma-separated list of event types to handle. If provider is unknown, build a generic signed-webhook pattern. Security — non-negotiable: - Verify the provider's signature before processing any payload. Read the provider's docs pattern for the exact header and HMAC algorithm (usually `HMAC-SHA256`) - Compare signatures with a constant-time comparison function — never string equality - Reject requests with missing or invalid signatures with `401` immediately — log the failure - V...
Implement a webhook handler for: $ARGUMENTS
Parse as: webhook provider name (e.g. Stripe, GitHub, Twilio) and a comma-separated list of event types to handle. If provider is unknown, build a generic signed-webhook pattern.
Security — non-negotiable:
HMAC-SHA256)401 immediately — log the failuretimestamp field if the provider includes one; reject events older than 5 minutes to prevent replay attacksIdempotency:
200 immediately — do not reprocessProcessing pattern:
200 — do not make the provider wait for business logicHandler structure:
Write tests for: valid signature, invalid signature, duplicate event, each event type dispatched correctly.
npx claudepluginhub uitbreidenos/uitkit/create-webhook-handlerGenerates production-ready webhook endpoints with signature verification, idempotency, retry handling, event routing, and monitoring setup across configurable providers.
/forge-webhook-skillScaffolds a hardened webhook receiver for any provider from an AsyncAPI YAML spec or JSON event-type list. Generates signature-verified Hono routes, Zod schemas, D1 tables, typed handler stubs, and E2E fixtures.
/webhookDesigns, implements, and secures inbound/outbound webhook systems with retries, HMAC verification, DLQ, subscriptions; produces DB schemas, event catalogs, OpenAPI specs, docs, monitoring configs, validation reports. Supports provider configs (e.g., Stripe) and audits.
/create-hookScaffolds, debugs, validates, and analyzes Claude Code hooks with built-in templates and conflict detection.
/implement-eventsGenerates event publishers, subscribers, message broker integration, and async communication patterns for event-driven microservices.