lokalise-observability

Enables comprehensive observability for Lokalise integrations with metrics, traces, and alerts for effective monitoring.

Install this skill

or

0/100

Security score

The lokalise-observability skill was audited on May 12, 2026 and we found 49 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 156

Template literal with variable interpolation in command context

SourceSKILL.md

156

```bash

medium line 230

Template literal with variable interpolation in command context

SourceSKILL.md

230

```bash

medium line 159

Curl to non-GitHub URL

SourceSKILL.md

159	HEADERS=$(curl -sI "https://api.lokalise.com/api2/projects?limit=1" \

medium line 233

Curl to non-GitHub URL

SourceSKILL.md

233	curl -s -X POST "https://api.lokalise.com/api2/projects/${LOKALISE_PROJECT_ID}/webhooks" \

medium line 30

Webhook reference - potential data exfiltration

SourceSKILL.md

30	Monitor Lokalise translation pipeline health: API response times, rate limit consumption, translation completion rates, webhook delivery reliability, file upload/download status, and per-word cost tra

medium line 36

Webhook reference - potential data exfiltration

SourceSKILL.md

36	- Optional: webhook endpoint for real-time event monitoring

medium line 173

Webhook reference - potential data exfiltration

SourceSKILL.md

173	### Step 4: Monitor Webhook Delivery

medium line 175

Webhook reference - potential data exfiltration

SourceSKILL.md

175	Track webhook processing success and latency in your webhook handler.

low line 180

Webhook reference - potential data exfiltration

SourceSKILL.md

180	const webhookMetrics = {

low line 187

Webhook reference - potential data exfiltration

SourceSKILL.md

187	app.post("/webhooks/lokalise", async (req: express.Request, res: express.Response) => {

low line 188

Webhook reference - potential data exfiltration

SourceSKILL.md

188	webhookMetrics.received++;

low line 195

Webhook reference - potential data exfiltration

SourceSKILL.md

195	await processWebhookEvent(req.body);

low line 196

Webhook reference - potential data exfiltration

SourceSKILL.md

196	webhookMetrics.processed++;

low line 198

Webhook reference - potential data exfiltration

SourceSKILL.md

198	webhookMetrics.failed++;

low line 199

Webhook reference - potential data exfiltration

SourceSKILL.md

199	console.error("Webhook processing failed:", error);

low line 203

Webhook reference - potential data exfiltration

SourceSKILL.md

203	webhookMetrics.totalLatencyMs += latencyMs;

low line 205

Webhook reference - potential data exfiltration

SourceSKILL.md

205	emitCounter("lokalise_webhook_received_total", 1, {

low line 207

Webhook reference - potential data exfiltration

SourceSKILL.md

207	status: webhookMetrics.failed > 0 ? "error" : "ok",

low line 209

Webhook reference - potential data exfiltration

SourceSKILL.md

209	emitHistogram("lokalise_webhook_processing_ms", latencyMs, {

low line 215

Webhook reference - potential data exfiltration

SourceSKILL.md

215	// Health endpoint exposing webhook metrics

low line 216

Webhook reference - potential data exfiltration

SourceSKILL.md

216	app.get("/metrics/webhooks", (_req, res) => {

low line 218

Webhook reference - potential data exfiltration

SourceSKILL.md

218	received: webhookMetrics.received,

low line 219

Webhook reference - potential data exfiltration

SourceSKILL.md

219	processed: webhookMetrics.processed,

low line 220

Webhook reference - potential data exfiltration

SourceSKILL.md

220	failed: webhookMetrics.failed,

low line 221

Webhook reference - potential data exfiltration

SourceSKILL.md

221	avgLatencyMs: webhookMetrics.received > 0

low line 222

Webhook reference - potential data exfiltration

SourceSKILL.md

222	? Math.round(webhookMetrics.totalLatencyMs / webhookMetrics.received)

medium line 228

Webhook reference - potential data exfiltration

SourceSKILL.md

228	### Step 5: Register Webhooks for Key Events

low line 233

Webhook reference - potential data exfiltration

SourceSKILL.md

233	curl -s -X POST "https://api.lokalise.com/api2/projects/${LOKALISE_PROJECT_ID}/webhooks" \

low line 248

Webhook reference - potential data exfiltration

SourceSKILL.md

248	}' \| jq '{webhook_id: .webhook.webhook_id, events: .webhook.events}'

low line 277

Webhook reference - potential data exfiltration

SourceSKILL.md

277	- alert: WebhookDeliveryFailing

low line 278

Webhook reference - potential data exfiltration

SourceSKILL.md

278	expr: rate(lokalise_webhook_received_total{status="error"}[1h]) > 3

low line 280

Webhook reference - potential data exfiltration

SourceSKILL.md

280	summary: "Lokalise webhook deliveries failing ({{ $value }} errors/hour)"

medium line 300

Webhook reference - potential data exfiltration

SourceSKILL.md

300	\| Webhook Success Rate \| `rate(lokalise_webhook_received_total{status="ok"}[5m])` \| Time series \|

medium line 307

Webhook reference - potential data exfiltration

SourceSKILL.md

307	- Webhook delivery tracking with latency and error counters

medium line 308

Webhook reference - potential data exfiltration

SourceSKILL.md

308	- Prometheus alerting rules for rate limiting, API errors, stalled progress, and webhook failures

medium line 315

Webhook reference - potential data exfiltration

SourceSKILL.md

315	\| Webhook not firing \| Wrong event type registered \| Verify event names match API reference \|

medium line 321

Webhook reference - potential data exfiltration

SourceSKILL.md

321	- [Lokalise Webhooks API](https://developers.lokalise.com/reference/create-a-webhook)

medium line 322

Webhook reference - potential data exfiltration

SourceSKILL.md

322	- [Lokalise Webhook Events](https://developers.lokalise.com/docs/webhook-events)

medium line 329

Webhook reference - potential data exfiltration

SourceSKILL.md

329	For setting up real-time automation based on webhook events, see `lokalise-webhooks-events`. For incident response procedures when alerts fire, see `lokalise-incident-runbook`.

low line 57

Access to .env file

SourceSKILL.md

57	const lok = new LokaliseApi({ apiKey: process.env.LOKALISE_API_TOKEN! });

low line 159

External URL reference

SourceSKILL.md

159	HEADERS=$(curl -sI "https://api.lokalise.com/api2/projects?limit=1" \

low line 233

External URL reference

SourceSKILL.md

233	curl -s -X POST "https://api.lokalise.com/api2/projects/${LOKALISE_PROJECT_ID}/webhooks" \

low line 237

External URL reference

SourceSKILL.md

237	"url": "https://hooks.company.com/lokalise",

low line 269

External URL reference

SourceSKILL.md

269	runbook: "Check https://status.lokalise.com. Enable fallback translations."

low line 321

External URL reference

SourceSKILL.md

321	- [Lokalise Webhooks API](https://developers.lokalise.com/reference/create-a-webhook)

low line 322

External URL reference

SourceSKILL.md

322	- [Lokalise Webhook Events](https://developers.lokalise.com/docs/webhook-events)

low line 323

External URL reference

SourceSKILL.md

323	- [Lokalise API Rate Limits](https://developers.lokalise.com/reference/api-rate-limits)

low line 324

External URL reference

SourceSKILL.md

324	- [Lokalise Project Statistics](https://developers.lokalise.com/reference/retrieve-a-project)

low line 325

External URL reference

SourceSKILL.md

325	- [Prometheus Alerting Rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/)

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorymarketing

UpdatedMay 20, 2026

claude claude-code codex frontend design docx git api testing backend growth-marketer product-marketer data-analyst datadog marketing data analytics

jeremylongshore/claude-code-plugins-plus-skills