Skip to main content

frappe-errors-api

Facilitates debugging and handling API errors in Frappe/ERPNext, ensuring accurate HTTP status codes and preventing silent failures.

Install this skill

or
46/100

Security score

The frappe-errors-api skill was audited on May 16, 2026 and we found 18 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

low line 201

Fetch to external URL

SourceSKILL.md
201fetch("/api/method/myapp.api.update", {
medium line 10

Webhook reference - potential data exfiltration

SourceSKILL.md
10file upload failures, JSON parse errors in request/response, webhook delivery
medium line 12

Webhook reference - potential data exfiltration

SourceSKILL.md
12Keywords: API error, 401, 403, 404, 417, 429, 500, CSRF, CORS, REST,, API call fails, 403 forbidden, CORS error, token expired, endpoint not found, webhook not received.
medium line 13

Webhook reference - potential data exfiltration

SourceSKILL.md
13whitelist, webhook, rate limit, file upload, authentication token.
medium line 317

Webhook reference - potential data exfiltration

SourceSKILL.md
317## Webhook Delivery Failures
low line 320

Webhook reference - potential data exfiltration

SourceSKILL.md
320Error: Webhook not firing or returning errors
medium line 325

Webhook reference - potential data exfiltration

SourceSKILL.md
3251. Check Error Log for webhook delivery errors
medium line 327

Webhook reference - potential data exfiltration

SourceSKILL.md
3273. Check webhook condition — is it filtering out the event?
medium line 328

Webhook reference - potential data exfiltration

SourceSKILL.md
3284. [v15+] Check Webhook Request Log for delivery status
low line 331

Webhook reference - potential data exfiltration

SourceSKILL.md
331# Custom webhook with error handling
low line 333

Webhook reference - potential data exfiltration

SourceSKILL.md
333def incoming_webhook():
low line 334

Webhook reference - potential data exfiltration

SourceSKILL.md
334"""Handle incoming webhook with validation."""
low line 336

Webhook reference - potential data exfiltration

SourceSKILL.md
336signature = frappe.request.headers.get("X-Webhook-Signature")
low line 349

Webhook reference - potential data exfiltration

SourceSKILL.md
349frappe.enqueue(process_webhook_data, data=data, queue="short")
medium line 465

Webhook reference - potential data exfiltration

SourceSKILL.md
4657. **Return 200 quickly** from incoming webhooks then process asynchronously
medium line 482

Webhook reference - potential data exfiltration

SourceSKILL.md
482| `references/patterns.md` | Complete whitelisted method, webhook, external API patterns |
low line 223

External URL reference

SourceSKILL.md
223"allow_cors": "https://your-frontend.example.com"
low line 230

External URL reference

SourceSKILL.md
230"allow_cors": ["https://app1.example.com", "https://app2.example.com"]
Scanned on May 16, 2026
View Security Dashboard
Installation guide →
GitHub Stars 102
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
claude-codeclaudeapibackend-developerdata-engineerproduct-managerdevelopmentproduct
OpenAEC-Foundation/Frappe_Claude_Skill_Package