< TOOLS

AOI TOOLS / 032 · AGENT SECURITY

WEBHOOK CHECK

Your AI agent's webhook accepts a forged signature. Find out in one command.

RUN IT — NO SETUP, STDLIB ONLY
curl -sO https://raw.githubusercontent.com/AOI-Future/agent-webhook-check/main/webhook_check.py && python3 webhook_check.py --demo

A webhook is the callback that lets an outside system trigger an agent action — a refund, a deploy, a fund movement. If the signature check can be fooled, an attacker drives your agent's hands. webhook-check runs four executable checks against your verifier and prints PASS / FAIL. Exit code is 0 if every check passes, 1 if any fails — so you can drop it into CI.

WHAT IT CHECKS

VT-D-050 Accepts a valid signature

Verifier is so strict it rejects genuine traffic — a broken control is not a secure one.

VT-D-051 Rejects a tampered body

An old signature is accepted for a mutated payload — the signature never actually binds the body.

VT-D-052 Length-safe on a forged short signature

A too-short signature runs a hand-rolled loop off the end and raises IndexError — a forged header crashes the handler (denial of service).

VT-D-053 Constant-time comparison

`==` or a byte loop leaks the valid HMAC through response timing — an attacker recovers the signature one byte at a time.

The fix for both real defects is one line: hmac.compare_digest, behind a startswith("sha256=") / length guard. The tool ships two worked references — a deliberately broken verifier and a correct one — so --demo finds a real bug with zero setup.

AUDIT YOUR OWN VERIFIER

python3 webhook_check.py --verifier yourmodule:verify

Any callable verify(secret: bytes, body: bytes, header: str) -> bool. It must not raise on malformed input; it must return False.

SOURCE ON GITHUB — MIT ↗

Read it, run it, share it. One file, no dependencies.

GET THE NEXT FREE CASE

This is one case from a larger map of the agent attack surface. Join the list for the next free check and a heads-up when the standards (MCP, EMA) move.

Powered by Substack — dispatch.aoifuture.com. No spam; unsubscribe any time.

Want the whole surface, and evidence you can defend?

This free tool covers one case and tells you PASS or FAIL. The full AI-Agent Security Verification Kit covers identity, tools, untrusted content, the MCP supply chain, and EMA — one command against your config — and seals each run into a single artifact (JSON + PDF) whose hash is countersigned by an RFC 3161 timestamp authority. Proof of what you tested and when. No secret leaves your machine — only a hash and a nonce.

The free book — AI Agent Security: A Field Manual — is out now, free, at leanpub.com/agent-security. The kit is publishing soon — join the list and I'll send the link at launch.

Explanation and a single check are free. Execution across the whole surface, and the signed proof, are the kit.