clay-incident-runbook
Facilitates rapid incident response for Clay outages, including triage, mitigation, and postmortem procedures.
Install this skill
Security score
The clay-incident-runbook skill was audited on May 12, 2026 and we found 30 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 44 | ```bash |
Curl to non-GitHub URL
| 55 | curl -s -o /dev/null -w "clay.com: HTTP %{http_code}\n" https://www.clay.com |
Webhook reference - potential data exfiltration
| 6 | Use when Clay enrichments stop working, webhook delivery fails, |
Webhook reference - potential data exfiltration
| 29 | Rapid response procedures for Clay-related production incidents. Clay is a hosted SaaS platform, so incidents fall into two categories: (1) Clay-side issues (platform outage, provider degradation) and |
Webhook reference - potential data exfiltration
| 35 | | P1 | Complete data flow stopped | < 15 min | Credits exhausted, webhook URL expired, Clay outage | |
Webhook reference - potential data exfiltration
| 37 | | P3 | Minor impact | < 4 hours | Single provider down, intermittent webhook failures | |
Webhook reference - potential data exfiltration
| 58 | # 2. Test webhook delivery |
Webhook reference - potential data exfiltration
| 59 | echo "--- Webhook Test ---" |
Webhook reference - potential data exfiltration
| 60 | if [ -n "${CLAY_WEBHOOK_URL:-}" ]; then |
Webhook reference - potential data exfiltration
| 61 | WEBHOOK_CODE=$(curl -s -o /dev/null -w "%{http_code}" \ |
Webhook reference - potential data exfiltration
| 62 | -X POST "$CLAY_WEBHOOK_URL" \ |
Webhook reference - potential data exfiltration
| 65 | echo "Webhook: HTTP $WEBHOOK_CODE" |
Webhook reference - potential data exfiltration
| 66 | if [ "$WEBHOOK_CODE" = "200" ]; then echo " -> Webhook OK"; fi |
Webhook reference - potential data exfiltration
| 67 | if [ "$WEBHOOK_CODE" = "404" ]; then echo " -> ISSUE: Webhook URL invalid/expired"; fi |
Webhook reference - potential data exfiltration
| 68 | if [ "$WEBHOOK_CODE" = "429" ]; then echo " -> ISSUE: Rate limited"; fi |
Webhook reference - potential data exfiltration
| 70 | echo "CLAY_WEBHOOK_URL not set!" |
Webhook reference - potential data exfiltration
| 109 | ├── Is the webhook accepting data? (Test with curl) |
Webhook reference - potential data exfiltration
| 110 | │ ├── NO: Re-create webhook (50K limit may be hit) → P1 |
Webhook reference - potential data exfiltration
| 127 | **P1: Webhook URL Expired (50K Limit)** |
Webhook reference - potential data exfiltration
| 129 | 1. Check: Table > + Add > Webhooks — does existing webhook show "limit reached"? |
Webhook reference - potential data exfiltration
| 130 | 2. Fix: Create new webhook on same table |
Webhook reference - potential data exfiltration
| 131 | 3. Update: Change CLAY_WEBHOOK_URL in all deployment secrets |
Webhook reference - potential data exfiltration
| 132 | 4. Verify: Send test payload to new webhook URL |
Webhook reference - potential data exfiltration
| 182 | | Root Cause | [e.g., Webhook hit 50K limit without monitoring] | |
Webhook reference - potential data exfiltration
| 193 | | Webhook test returns nothing | Webhook URL malformed | Re-copy full URL from Clay table | |
External URL reference
| 55 | curl -s -o /dev/null -w "clay.com: HTTP %{http_code}\n" https://www.clay.com |
External URL reference
| 78 | -X POST "https://api.clay.com/v1/people/enrich" \ |
External URL reference
| 92 | CALLBACK_URL="${CLAY_CALLBACK_URL:-https://your-app.com/api/health}" |
External URL reference
| 199 | - [Clay Community Support](https://community.clay.com) |
External URL reference
| 200 | - [Clay University](https://university.clay.com) |