Skip to main content

appfolio-webhooks-events

Handles AppFolio webhook events for real-time property management notifications, enabling seamless integration with CRM and accounting systems.

Install this skill

or
53/100

Security score

The appfolio-webhooks-events skill was audited on May 23, 2026 and we found 19 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 31

Template literal with variable interpolation in command context

SourceSKILL.md
31"Authorization": `Bearer ${process.env.APPFOLIO_API_KEY}`,
low line 28

Fetch to external URL

SourceSKILL.md
28const response = await fetch("https://api.appfolio.com/v1/webhooks", {
medium line 2

Webhook reference - potential data exfiltration

SourceSKILL.md
2name: appfolio-webhooks-events
medium line 3

Webhook reference - potential data exfiltration

SourceSKILL.md
3description: 'Handle AppFolio webhook events for property management notifications.
medium line 5

Webhook reference - potential data exfiltration

SourceSKILL.md
5Trigger: "appfolio webhook".
medium line 19

Webhook reference - potential data exfiltration

SourceSKILL.md
19# AppFolio Webhooks & Events
medium line 23

Webhook reference - potential data exfiltration

SourceSKILL.md
23AppFolio Stack delivers real-time webhook notifications for property management lifecycle events including tenant onboarding, lease execution, rent payments, and maintenance workflows. Use these webho
medium line 25

Webhook reference - potential data exfiltration

SourceSKILL.md
25## Webhook Registration
low line 28

Webhook reference - potential data exfiltration

SourceSKILL.md
28const response = await fetch("https://api.appfolio.com/v1/webhooks", {
low line 35

Webhook reference - potential data exfiltration

SourceSKILL.md
35url: "https://yourapp.com/webhooks/appfolio",
low line 37

Webhook reference - potential data exfiltration

SourceSKILL.md
37secret: process.env.APPFOLIO_WEBHOOK_SECRET,
low line 51

Webhook reference - potential data exfiltration

SourceSKILL.md
51.createHmac("sha256", process.env.APPFOLIO_WEBHOOK_SECRET!)
low line 67

Webhook reference - potential data exfiltration

SourceSKILL.md
67app.post("/webhooks/appfolio", express.raw({ type: "application/json" }), verifyAppFolioSignature, (req, res) => {
low line 31

Access to .env file

SourceSKILL.md
31"Authorization": `Bearer ${process.env.APPFOLIO_API_KEY}`,
low line 37

Access to .env file

SourceSKILL.md
37secret: process.env.APPFOLIO_WEBHOOK_SECRET,
low line 51

Access to .env file

SourceSKILL.md
51.createHmac("sha256", process.env.APPFOLIO_WEBHOOK_SECRET!)
low line 28

External URL reference

SourceSKILL.md
28const response = await fetch("https://api.appfolio.com/v1/webhooks", {
low line 35

External URL reference

SourceSKILL.md
35url: "https://yourapp.com/webhooks/appfolio",
low line 121

External URL reference

SourceSKILL.md
121- [AppFolio Stack APIs](https://www.appfolio.com/stack/partners/api)
Scanned on May 23, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categoryreal estate
UpdatedJune 10, 2026
claudeclaude-codedesignstripeapimobileproperty-managerreal-estate-agentbusiness-developmentreal estatesales
jeremylongshore/claude-code-plugins-plus-skills