Skip to content

ECINT-6556: add alerts webhook listener skill#401

Open
gulshngill wants to merge 3 commits intomainfrom
feat/alerts-webhook-listener-skill
Open

ECINT-6556: add alerts webhook listener skill#401
gulshngill wants to merge 3 commits intomainfrom
feat/alerts-webhook-listener-skill

Conversation

@gulshngill
Copy link
Copy Markdown
Contributor

@gulshngill gulshngill commented Apr 9, 2026
edited
Loading

Summary

  • New skill nansen-alerts-webhook-listener that sets up a local HTTP webhook server to receive Nansen smart alerts in real-time
  • Zero-dependency Node.js server with HMAC-SHA256 signature verification (sha256= prefixed), 1 MB body limit, localhost-only binding, and graceful shutdown
  • Recommends ngrok over localtunnel (tested: localtunnel silently drops connections after minutes, causing "503 Tunnel Unavailable" errors)
  • Includes security warning about tunnel exposure, asks user to confirm before proceeding
  • Does not create/modify alerts — sets up infrastructure and provides next-steps summary
  • OpenClaw integration: when OPENCLAW_GATEWAY_URL is set, the server forwards verified payloads directly to the local OpenClaw Gateway /hooks/agent endpoint, triggering an agent turn per alert — no polling, real-time push

Test plan

  • Tested end-to-end locally with live common-token-transfer alert (USDC >$10 on Ethereum)
  • Verified x-nansen-signature header format is sha256=<hex> — signature verification works after stripping prefix
  • Confirmed localtunnel instability (tunnel died twice in minutes, 65+ failed deliveries)
  • Confirmed ngrok stability (persistent connection, alerts flowing)
  • Verified unsigned requests are rejected with 401
  • Verified oversized payloads rejected with 413
  • Test OpenClaw Gateway forwarding with live OpenClaw instance
  • Test skill invocation from a fresh Claude Code session

🤖 Generated with Claude Code

@gulshngill @claude
feat: add alerts webhook listener skill
36936ac 
Skill that sets up a local HTTP server to receive Nansen smart alert
webhook payloads. Includes HMAC-SHA256 signature verification (sha256=
prefixed), body size limits, localhost-only binding, and public tunnel
setup via ngrok (recommended) or localtunnel (fallback).

Tested end-to-end with live alerts — verified signature format, tunnel
stability, and auto-disable recovery.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@gulshngill gulshngill changed the title feat: add alerts webhook listener skill ECINT-6556: add alerts webhook listener skill Apr 9, 2026
@gulshngill gulshngill requested review from TimNooren and kome12 April 9, 2026 10:01
gulshngill and others added 2 commits April 9, 2026 18:04
@gulshngill @claude
fix: update OpenClaw note and clean up skill
8fa66ae 
OpenClaw Gateway webhooks aren't publicly reachable, so mark skill as
local Claude Code only until OpenClaw exposes public webhook ingress.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@gulshngill @claude
feat: add OpenClaw Gateway forwarding support
0aec225 
When OPENCLAW_GATEWAY_URL is set, the webhook server forwards verified
alert payloads to the local OpenClaw Gateway /hooks/agent endpoint,
triggering an agent turn for each alert. Supports Bearer token auth
via OPENCLAW_AUTH_TOKEN.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kome12 kome12 Awaiting requested review from kome12

@TimNooren TimNooren Awaiting requested review from TimNooren

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gulshngill