graham.systems / lure
Enable LLMs to handle webhooks with plaintext files
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

move create-lure skill to root SKILL.md and update to current verify format

graham.systems 8cc3e26c d8155215

+19 -78
+17 -4
.claude/skills/create-lure/SKILL.md SKILL.md
··· 10 10 1. **Gather requirements.** If not already provided, ask the user: 11 11 - What webhook source and event is this for? 12 12 - What path should it be mounted at? (e.g. `github/push` → `lures/github/push.lure`) 13 - - Does the provider sign requests? If so, what method (HMAC?), which header or query parameter carries the signature, and what environment variable holds the secret? 13 + - Does the provider sign requests? If so: 14 + - HMAC or literal token comparison? 15 + - Which header or query parameter carries the signature or token? 16 + - What environment variable holds the secret? 17 + - For HMAC: does the provider prefix the digest (e.g. `sha256=`)? 14 18 - What should the LLM do when it receives this webhook? 15 19 - Is there any application-specific config to include? 16 20 ··· 28 32 Specifies how to authenticate incoming webhook requests. Omit if the provider 29 33 does not sign requests. Only one strategy may be specified. 30 34 31 - HMAC: 35 + HMAC (e.g. GitHub, GitLab — computes SHA-256 over the request body): 32 36 33 37 ```yaml 34 38 verify: 35 39 hmac: 36 - location: header # or "query" 37 - name: X-Hub-Signature-256 # header or query parameter name 40 + header: X-Hub-Signature-256 # or query: param-name 41 + prefix: "sha256=" # optional: stripped before comparing the digest 42 + secret: $ENV_VAR_NAME # must be an environment variable reference 43 + ``` 44 + 45 + Literal (e.g. Forgejo, Omi — compares value directly against the secret): 46 + 47 + ```yaml 48 + verify: 49 + literal: 50 + header: Authorization # or query: uid 38 51 secret: $ENV_VAR_NAME # must be an environment variable reference 39 52 ``` 40 53
+2 -74
README.md
··· 95 95 ## Generating lures 96 96 97 97 Since `.lure` files follow a structured format, they are well-suited to be 98 - generated by an LLM. Copy the prompt below into any LLM conversation, replace 99 - the placeholder at the end with a description of your webhook, and the LLM will 100 - produce a ready-to-use `.lure` file. 101 - 102 - ```` 103 - You are generating a .lure file for the Lure webhook library. A .lure file is 104 - a Markdown file with YAML frontmatter. The filename without the .lure extension 105 - determines the webhook path relative to the configured base path: `push.lure` 106 - handles `<basePath>/push`, and `github/push.lure` handles 107 - `<basePath>/github/push`. 108 - 109 - ## Frontmatter 110 - 111 - ### `verify` (optional) 112 - 113 - Specifies how to authenticate incoming webhook requests. Omit if the provider 114 - does not sign requests. Only one strategy may be specified. 115 - 116 - HMAC (e.g. GitHub, GitLab — computes SHA-256 over the request body): 117 - 118 - ```yaml 119 - verify: 120 - hmac: 121 - header: X-Hub-Signature-256 # or query: param-name 122 - prefix: "sha256=" # optional: stripped before comparing the digest 123 - secret: $ENV_VAR_NAME # must be an environment variable reference 124 - ``` 125 - 126 - Literal (e.g. Forgejo, plain API key — compares value directly): 127 - 128 - ```yaml 129 - verify: 130 - literal: 131 - header: Authorization # or query: uid 132 - secret: $ENV_VAR_NAME # must be an environment variable reference 133 - ``` 134 - 135 - ### `payload` (optional) 136 - 137 - ```yaml 138 - payload: 139 - contentType: json # currently the only supported value 140 - ``` 141 - 142 - ### `config` (optional) 143 - 144 - An arbitrary object passed as-is to the application callback. Use this for any 145 - application-specific values you want to associate with this lure. 146 - 147 - ```yaml 148 - config: 149 - key: value 150 - ``` 151 - 152 - ## Template body 153 - 154 - Below the frontmatter is a Liquid template (https://liquidjs.com). Write it as 155 - a natural language prompt for the LLM that will process the webhook. The 156 - following variables are available: 157 - 158 - - `payload` — the request body (parsed JSON for `contentType: json`) 159 - - `headers` — request headers as a plain object with lowercase keys (e.g. `{{ headers["x-my-header"] }}`) 160 - - `query` — query string as a plain object (e.g. `{{ query.foo }}`) 161 - 162 - Use `{{ expression }}` to interpolate values and `{% if %}...{% endif %}` for 163 - conditionals. 164 - 165 - ## Task 166 - 167 - Generate a .lure file for the following webhook: 168 - 169 - [DESCRIBE THE WEBHOOK SOURCE, EVENT TYPE, PAYLOAD SHAPE, VERIFICATION METHOD, 170 - AND WHAT THE LLM RECEIVING THE PROMPT SHOULD DO IN RESPONSE] 171 - ```` 98 + generated by an LLM. A `create-lure` skill is available in 99 + [SKILL.md](./SKILL.md) at the root of this repository. 172 100 173 101 ## Lifecycle 174 102