← 返回 Skills 市场
7schmiede

Hookaido Webhook Integration

作者 Sebastian Gieseler · GitHub ↗ · v2.6.0 · MIT-0
cross-platform ✓ 安全检测通过
1009
总下载
1
收藏
1
当前安装
12
版本数
在 OpenClaw 中安装
/install hookaido
功能描述
Webhook infrastructure for receiving, queuing, and delivering webhooks. Operate Hookaido webhook ingress, durable webhook queue (SQLite/Postgres), webhook de...
使用说明 (SKILL.md)

Hookaido

Overview

Implement and troubleshoot Hookaido with a config-first workflow: edit Hookaidofile, validate, run, exercise ingress/pull/exec flows, then diagnose queue health and DLQ behavior. Treat Hookaido v2.6.0's modular architecture as additive in this skill: keep the existing workflow intact by default, and opt into modules such as postgres, gRPC workers, subprocess delivery (deliver exec), or release verification only when they materially help the task. Use conservative, reversible changes and validate before runtime operations.

Workflow

  1. Confirm target topology: inbound+pull (HTTP or gRPC), push outbound, subprocess exec, or internal queue, plus the queue backend (sqlite, memory, or postgres).
  2. Choose runtime mode and ensure hookaido exists where tools execute.
    • Host-binary mode: use the install action from metadata.openclaw.install.
    • Host fallback: run bash {baseDir}/scripts/install_hookaido.sh (pinned v2.6.0, SHA256-verified).
    • Public repo/source mode: use the public upstream repo github.com/nuetzliches/hookaido via go install github.com/nuetzliches/hookaido/cmd/[email protected] when a source-based install is preferred.
    • Docker-sandbox mode: use a sandbox image that already includes hookaido (preferred), or install inside sandbox via agents.defaults.sandbox.docker.setupCommand.
    • Keep host install actions available as fallback and to satisfy metadata.openclaw.requires.bins.
  3. Inspect and update Hookaidofile minimally.
  4. Run format and validation before starting or reloading:
    • hookaido config fmt --config ./Hookaidofile
    • hookaido config validate --config ./Hookaidofile
    • hookaido config validate --config ./Hookaidofile --strict-secrets when secret refs or Vault-backed config are involved.
  5. Start runtime and verify health:
    • hookaido run --config ./Hookaidofile --db ./.data/hookaido.db
    • hookaido run --config ./Hookaidofile --postgres-dsn "$HOOKAIDO_POSTGRES_DSN" when queue postgres is selected.
    • curl http://127.0.0.1:2019/healthz?details=1
  6. Validate end-to-end behavior:
    • ingress request accepted and queued
    • consumer dequeue/ack/nack/extend path works (HTTP pull, batch ack/nack, plus gRPC pull when enabled)
  7. For incidents, inspect backlog and DLQ first, then mutate.

Task Playbooks

Configure Ingress and Pull Consumption

  1. Define a route with explicit auth and pull path (HTTP pull, optional gRPC pull worker listener).
  2. Keep secrets in env/file refs, never inline.
  3. Verify route and global pull auth are consistent.
  4. Test with a real webhook payload and a dequeue/ack cycle, using batch ack/nack when worker throughput matters.

Prefer this baseline:

ingress {
  listen :8080
}

pull_api {
  listen :9443
  grpc_listen :9943 # optional gRPC pull-worker listener
  auth token env:HOOKAIDO_PULL_TOKEN
}

/webhooks/github {
  auth hmac env:HOOKAIDO_INGRESS_SECRET
  pull { path /pull/github }
}

Configure Push Delivery

  1. Use push delivery only when inbound connectivity to the service is acceptable.
  2. Set timeout and retry policy explicitly.
  3. Validate downstream idempotency since delivery is at-least-once.
/webhooks/stripe {
  auth hmac env:STRIPE_SIGNING_SECRET
  deliver "https://billing.internal/stripe" {
    retry exponential max 8 base 2s cap 2m jitter 0.2
    timeout 10s
  }
}

Configure Subprocess Delivery (deliver exec)

  1. Use exec delivery when the target is a local script or binary, not an HTTP service.
  2. Payload is piped to stdin; metadata arrives as env vars (HOOKAIDO_ROUTE, HOOKAIDO_EVENT_ID, HOOKAIDO_ATTEMPT, etc.).
  3. Exit code determines retry behavior: 0 = ack, 1-125 = retry, 126/127 = immediate DLQ.
  4. sign directives are not supported with exec (compile error).
/webhooks/github {
  auth hmac {
    provider github
    secret env:GITHUB_WEBHOOK_SECRET
  }
  deliver exec "/opt/hooks/deploy.sh" {
    timeout 30s
    retry exponential max 3 base 1s cap 30s jitter 0.2
    env DEPLOY_ENV production
    env NOTIFY_URL {env.SLACK_WEBHOOK_URL}
  }
}

Configure Provider-Compatible HMAC

  1. Use provider github, provider gitea, provider stripe, or provider cituro for webhook providers with their own signature format.
  2. Provider mode disables timestamp/nonce replay protection (providers do not send those headers).
  3. signature_header, timestamp_header, nonce_header, and tolerance are forbidden in provider mode (compile error).
/webhooks/github {
  auth hmac {
    provider github
    secret env:GITHUB_WEBHOOK_SECRET
  }
  pull { path /pull/github }
}

/webhooks/gitea {
  auth hmac {
    provider gitea
    secret env:GITEA_WEBHOOK_SECRET
  }
  pull { path /pull/gitea }
}

/webhooks/stripe {
  auth hmac {
    provider stripe
    secret env:STRIPE_SIGNING_SECRET
  }
  pull { path /pull/stripe }
}

/webhooks/cituro {
  auth hmac {
    provider cituro
    secret env:CITURO_WEBHOOK_SECRET
  }
  pull { path /pull/cituro }
}

Use SSE Streaming (v2.5.3+)

  1. SSE replaces polling for real-time webhook delivery — use GET {pull.path}/stream instead of repeated POST .../dequeue.
  2. ACK/NACK operations use the same existing POST endpoints; no protocol change.
  3. Multiple concurrent SSE connections act as competing consumers.
  4. Configure keepalive interval (keepalive) and max connection duration (max_duration) in the route's pull block.
# Connect SSE stream (persistent, server pushes events)
curl -sS -N "http://localhost:9443/pull/github/stream" \
  -H "Authorization: Bearer $HOOKAIDO_PULL_TOKEN"

# ACK received event
curl -sS -X POST "http://localhost:9443/pull/github/ack" \
  -H "Authorization: Bearer $HOOKAIDO_PULL_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"lease_id":"lease_xyz"}'

Configure Queue Backends

  1. Default to sqlite unless the task explicitly needs ephemeral dev mode or shared Postgres storage.
  2. Treat memory and postgres as additive v2 modules, not replacements for existing sqlite workflows.
  3. When using postgres, document the DSN source and validate health plus backlog endpoints after startup.

Prefer these patterns:

queue sqlite

queue memory

queue postgres

Operate Queue and DLQ

  1. Start with health details and backlog endpoints.
  2. Inspect DLQ before requeue or delete.
  3. If requeueing many items, explain expected impact and rollback path.
  4. Require clear operator reason strings for mutating admin calls.

Use:

  • GET /healthz?details=1
  • GET /backlog/trends
  • GET /dlq
  • POST /dlq/requeue
  • POST /dlq/delete

Use MCP Mode for AI Operations

  1. Default to --role read for diagnostics.
  2. Enable mutations only with explicit operator intent:
    • --enable-mutations --role operate --principal \x3Cidentity>
  3. Enable runtime control only for admin workflows:
    • --enable-runtime-control --role admin --pid-file \x3Cpath>
  4. Include reason for mutation calls and keep it specific.

Register as Claude Code MCP Plugin

Add to .claude/settings.json (or ~/.claude/settings.json for global use):

{
  "mcpServers": {
    "hookaido": {
      "command": "hookaido",
      "args": [
        "mcp", "serve",
        "--config", "./Hookaidofile",
        "--db", "./.data/hookaido.db",
        "--role", "read"
      ]
    }
  }
}

For operate role (queue mutations):

{
  "mcpServers": {
    "hookaido": {
      "command": "hookaido",
      "args": [
        "mcp", "serve",
        "--config", "./Hookaidofile",
        "--db", "./.data/hookaido.db",
        "--enable-mutations",
        "--role", "operate",
        "--principal", "claude"
      ]
    }
  }
}

The MCP server exposes structured tools directly — no shell output parsing. Claude Code discovers available tools at startup and uses them with typed parameters.

Verify Public Releases

  1. Prefer official release assets from the public Hookaido repo.
  2. When supply-chain assurance matters, validate checksums, signature material, and provenance before rollout.
  3. Keep verification optional by default so existing skill flows do not become heavier unless the task requires it.

Use:

  • hookaido verify-release --checksums ./hookaido_v2.6.0_checksums.txt --require-provenance

Validation Checklist

  • hookaido config validate returns success before runtime start/reload.
  • hookaido config validate --strict-secrets is used when secret refs, Vault, or public-release rollout validation matters.
  • Health endpoint is reachable and reports expected queue/backend state.
  • Pull consumer can dequeue, ack, nack, and extend with valid token (HTTP, SSE, and optional gRPC transport), including batch ack/nack when enabled.
  • For push mode, retry/timeout behavior is explicitly configured.
  • For exec mode, handler script is executable, reads stdin, and uses exit codes correctly (0=ack, non-zero=retry, 126/127=DLQ).
  • For queue postgres, runtime is started with --postgres-dsn or HOOKAIDO_POSTGRES_DSN.
  • Any DLQ mutation is scoped, justified, and logged.

Safety Rules

  • Do not disable auth to "make tests pass."
  • Do not suggest direct mutations before read-only diagnostics.
  • Treat queue operations as at-least-once; require idempotent handlers.
  • Keep secrets in env: or file: refs.

References

  • Read references/operations.md for command snippets and API payload templates.
安全使用建议
This skill appears to do what it says: install and operate the open-source hookaido CLI. Before installing, review the Hookaidofile and any 'deliver exec' entries (they can run local scripts with webhook payloads). Prefer the Docker sandbox if you’re unsure about installing a host binary. The included installer downloads from GitHub releases and verifies pinned SHA256 checksums — verify those checksums yourself if you need extra assurance. Only provide HOOKAIDO_PULL_TOKEN and ingress secrets to trusted deployments, and avoid enabling exec delivery or broad mutation/operate roles unless you trust the configured scripts and operators.
功能分析
Type: OpenClaw Skill Name: hookaido Version: 2.6.0 The Hookaido skill bundle is a well-documented integration for a webhook infrastructure tool. It includes a hardened installation script (scripts/install_hookaido.sh) that performs SHA256 checksum verification for all platform-specific binaries. The SKILL.md file provides clear operational guidance, including safety rules that instruct the AI agent to prioritize read-only diagnostics, maintain authentication, and use conservative changes. While the tool supports high-privilege features like subprocess execution (deliver exec) and MCP-based administrative control, these are documented as core functionalities for webhook handling and are accompanied by appropriate security warnings and configuration examples.
能力标签
requires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
Name/description, required binary (hookaido), required env vars (HOOKAIDO_PULL_TOKEN, HOOKAIDO_INGRESS_SECRET), CLI commands, and install options all align with operating a Hookaido webhook ingress/queue/delivery tool.
Instruction Scope
SKILL.md instructs the agent to edit/validate/run Hookaidofile, run the hookaido CLI, and inspect local state (DB, backlog, DLQ). It also documents 'deliver exec' (subprocess delivery) and examples that reference optional secrets (GITHUB_WEBHOOK_SECRET, STRIPE_SIGNING_SECRET, HOOKAIDO_POSTGRES_DSN). These are expected for webhook delivery tooling but warrant caution: enabling exec delivery or applying unreviewed Hookaidofile contents can run local scripts or mutate queued items.
Install Mechanism
Installer options include go install (pulls Go module) and direct downloads from GitHub releases. Downloads are pinned to v2.6.0 and the included install script verifies SHA256 checksums — this is acceptable and lower-risk than arbitrary URLs, but installing binaries or running go install will write executables to disk and fetch upstream code.
Credentials
The two required env vars (HOOKAIDO_PULL_TOKEN primary, HOOKAIDO_INGRESS_SECRET) are proportional to the skill’s purposes (pull auth and HMAC ingress). The docs reference additional optional secrets (provider webhook secrets, POSTGRES DSN) for optional features; these are not declared as required and are reasonable to be optional.
Persistence & Privilege
always:false and no indication the skill force-enables itself or alters other skills. The installer writes a binary to typical per-user locations (~/.local/bin or ~/.openclaw/tools) which is normal for a CLI tool. The docs include examples for adding an MCP plugin to a user-specific .claude/settings.json but do not perform that change automatically.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install hookaido
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /hookaido 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v2.6.0
- Version bump to 2.6.0 with updated binaries and install sources. - Added a LICENSE file. - Support for new webhook providers and delivery types reflected in documentation. - Expanded install matrix for more platforms with version 2.6.0 artifacts. - Documentation updates to reference v2.6.0 features and instructions.
v2.2.4
- Added .clawhubignore and LICENSE files to the repository. - Introduced scripts/publish.sh for automation or publishing tasks. - Updated install instructions and binaries to target Hookaido v2.2.2. - Minor version bump to 2.2.4 for the skill descriptor.
v2.2.3
- Updated default Hookaido version references from v2.2.0 to v2.2.1 in install workflows and documentation. - Adjusted pinned install script, binary download URLs, and Go module install steps for v2.2.1. - SKILL.md and related docs now reflect usage and recommendations for Hookaido v2.2.1. - No functional logic changes; update is focused on maintaining compatibility with upstream v2.2.1 release.
v2.2.2
- Updated the skill version to 2.2.2. - Clarified and shortened the description for better readability and focus on core Hookaido webhook functionality. - Improved documentation by emphasizing webhook infrastructure, queue backends, delivery modes, and CLI usage. - No functional or interface changes—documentation only.
v2.2.1
Version 2.2.1 - Updated install methods and binary URLs to use Hookaido v2.2.0. - Added and documented subprocess delivery support (deliver exec). - Specified required environment variables (e.g., HOOKAIDO_PULL_TOKEN, HOOKAIDO_INGRESS_SECRET). - Improved docs/playbooks for provider-compatible HMAC authentication (GitHub/Gitea). - Minor workflow and metadata clarifications to reflect new features and requirements.
v2.0.1
Update Name and Description
v2.0.0
Hookaido v2.0.0 is a major release with new modular backend and verification features. - Added support for modular queue backends (`sqlite`, `memory`, `postgres`) - Introduced release signature and checksum verification via `verify-release` - Playbooks and validation flows updated to cover new backend options and stricter secret checking - New install sources and instructions, including source-based install and updated artifact URLs for v2.0.0 - Documentation and workflow steps expanded for batch pull/ack and Postgres queue scenarios
v1.5.0
- Updated hookaido version to 1.5.0 for all platform installers. - Workflow and install instructions updated to reference v1.5.0. - Description clarified to include "webhook/webhooks ingress and delivery." - No functional or procedural changes beyond version updates.
v1.4.0
Summary: Adds gRPC-pull support, updates install/download targets, and revises operation/validation flows. - Added support for gRPC pull-worker listeners and gRPC pull operations. - Updated install/download URLs to reference hookaido v1.4.0 binaries. - Revised workflow and playbooks to include gRPC in topologies and validation steps. - Clarified pull API models and sample configurations with optional gRPC listener. - Improved validation checklist to cover gRPC-pull and related consumer actions.
v1.3.0
hookaido v1.3.0 introduces improved runtime install guidance, especially supporting Docker environments. - Updated install links to reference v1.3 binaries for all platforms. - Expanded workflow section to clearly document host and Docker-based install options, including SHA256 verification. - Added instructions for sandbox/Docker image and `setupCommand` usage to support new execution environments. - Maintained host install as fallback and for requirements check. - No breaking changes to configuration or runtime operation.
v1.2.0
- Added install instructions and automated installation support for the hookaido CLI via scripts/install_hookaido.sh. - Updated SKILL.md to include OpenClaw install metadata and provide step-by-step installation guidance. - Users can now ensure hookaido is on PATH either through OpenClaw install actions or the provided shell script.
v1.0.0
Initial release of the Hookaido skill. - Provides guidance for creating, reviewing, and operating Hookaido webhook queue setups. - Includes workflows for config validation, running, health checks, and queue/DLQ triage. - Offers step-by-step playbooks for configuring ingress, pull, and push delivery modes. - Documents safe operation, mutation, and production hardening practices. - Emphasizes conservative changes, validation, and secure secret handling.
元数据
Slug hookaido
版本 2.6.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 12
常见问题

Hookaido Webhook Integration 是什么?

Webhook infrastructure for receiving, queuing, and delivering webhooks. Operate Hookaido webhook ingress, durable webhook queue (SQLite/Postgres), webhook de... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1009 次。

如何安装 Hookaido Webhook Integration?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install hookaido」即可一键安装,无需额外配置。

Hookaido Webhook Integration 是免费的吗?

是的,Hookaido Webhook Integration 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Hookaido Webhook Integration 支持哪些平台?

Hookaido Webhook Integration 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Hookaido Webhook Integration?

由 Sebastian Gieseler(@7schmiede)开发并维护,当前版本 v2.6.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论