frappe-errors-api

Facilitates debugging and handling API errors in Frappe/ERPNext, ensuring correct HTTP status codes and preventing silent failures.

Install this skill

or

46/100

Security score

The frappe-errors-api skill was audited on May 28, 2026 and we found 18 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

low line 201

Fetch to external URL

SourceSKILL.md

201	fetch("/api/method/myapp.api.update", {

medium line 10

Webhook reference - potential data exfiltration

SourceSKILL.md

10	file upload failures, JSON parse errors in request/response, webhook delivery

medium line 12

Webhook reference - potential data exfiltration

SourceSKILL.md

12	Keywords: API error, 401, 403, 404, 417, 429, 500, CSRF, CORS, REST,, API call fails, 403 forbidden, CORS error, token expired, endpoint not found, webhook not received.

medium line 13

Webhook reference - potential data exfiltration

SourceSKILL.md

13	whitelist, webhook, rate limit, file upload, authentication token.

medium line 317

Webhook reference - potential data exfiltration

SourceSKILL.md

317	## Webhook Delivery Failures

low line 320

Webhook reference - potential data exfiltration

SourceSKILL.md

320	Error: Webhook not firing or returning errors

medium line 325

Webhook reference - potential data exfiltration

SourceSKILL.md

325	1. Check Error Log for webhook delivery errors

medium line 327

Webhook reference - potential data exfiltration

SourceSKILL.md

327	3. Check webhook condition — is it filtering out the event?

medium line 328

Webhook reference - potential data exfiltration

SourceSKILL.md

328	4. [v15+] Check Webhook Request Log for delivery status

low line 331

Webhook reference - potential data exfiltration

SourceSKILL.md

331	# Custom webhook with error handling

low line 333

Webhook reference - potential data exfiltration

SourceSKILL.md

333	def incoming_webhook():

low line 334

Webhook reference - potential data exfiltration

SourceSKILL.md

334	"""Handle incoming webhook with validation."""

low line 336

Webhook reference - potential data exfiltration

SourceSKILL.md

336	signature = frappe.request.headers.get("X-Webhook-Signature")

low line 349

Webhook reference - potential data exfiltration

SourceSKILL.md

349	frappe.enqueue(process_webhook_data, data=data, queue="short")

medium line 465

Webhook reference - potential data exfiltration

SourceSKILL.md

465	7. Return 200 quickly from incoming webhooks then process asynchronously

medium line 482

Webhook reference - potential data exfiltration

SourceSKILL.md

482	\| `references/patterns.md` \| Complete whitelisted method, webhook, external API patterns \|

low line 223

External URL reference

SourceSKILL.md

223	"allow_cors": "https://your-frontend.example.com"

low line 230

External URL reference

SourceSKILL.md

230	"allow_cors": ["https://app1.example.com", "https://app2.example.com"]

Scanned on May 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 125

Rate this skill

Categorydevelopment

UpdatedJune 15, 2026

claude-code api backend-developer devops-sre technical-writer development content media

Impertio-Studio/Frappe_Claude_Skill_Package