frappe-api-handler

Generates secure API methods and REST endpoints for Frappe applications, enhancing backend development capabilities.

Install this skill

89/100

Security score

The frappe-api-handler skill was audited on Jun 11, 2026 and we found 3 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

low line 162

Webhook reference - potential data exfiltration

SourceSKILL.md

162	│ └── Webhooks (configured in UI or via DocType)

medium line 255

Webhook reference - potential data exfiltration

SourceSKILL.md

255	- ALWAYS verify webhook HMAC (`X-Frappe-Webhook-Signature`) when exposing inbound webhook receivers.

medium line 266

Webhook reference - potential data exfiltration

SourceSKILL.md

266	From frappe-core-api: prefer token auth for integrations; store API secrets immediately when generated (shown once); session cookies expire (~3 days) — not for long-lived integrations; set Webhook

Scanned on Jun 11, 2026

View Security Dashboard

Installation guide →

GitHub Stars 8

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

claude frontend design docx api database testing mobile backend backend-developer fullstack-developer product-manager development product

vyogotech/frappe-apps-manager