clay-security-basics

Featured

Apply Clay security best practices for API keys, webhook secrets, and data access control. Use when securing Clay integrations, rotating API keys, auditing access, or implementing webhook authentication. Trigger with phrases like "clay security", "clay secrets", "secure clay", "clay API key security", "clay webhook security".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Clay Security Basics ## Overview Security best practices for Clay integrations covering API key management, webhook endpoint security, provider credential isolation, and lead data protection. Clay handles sensitive PII (emails, phone numbers, LinkedIn profiles) at scale, making security critical. ## Prerequisites - Clay account with admin access - Understanding of environment variables and secrets management - Access to deployment platform's secrets manager ## Instructions ### Step 1: Secure API Key Storage ```bash # .env (NEVER commit to git) CLAY_API_KEY=clay_ent_your_api_key_here CLAY_WEBHOOK_URL=https://app.clay.com/api/v1/webhooks/your-id # .gitignore — add these patterns .env .env.local .env.*.local *.key ``` For production, use your platform's secrets manager: ```bash # GitHub Actions gh secret set CLAY_API_KEY --body "clay_ent_your_key" # Google Cloud Secret Manager echo -n "clay_ent_your_key" | gcloud secrets create clay-api-key --data-file=- # AWS Secrets Manager aws secretsmanager create-secret \ --name clay/api-key \ --secret-string "clay_ent_your_key" ``` ### Step 2: Authenticate Incoming Webhook Callbacks When Clay's HTTP API columns call your endpoint, validate the request origin: ```typescript // src/middleware/clay-auth.ts import crypto from 'crypto'; const CLAY_WEBHOOK_SECRET = process.env.CLAY_WEBHOOK_SECRET!; function verifyClayCallback( payload: string, signature: string | undefined ): boolean { if (!signature || !CLAY_WEBHOOK...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Google Cloud · Cloud GitHub · DevTools

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

clay-install-auth

Set up Clay account access, API keys, webhook URLs, and provider connections. Use when onboarding to Clay, connecting data providers, configuring API keys, or setting up webhook endpoints for programmatic data flow. Trigger with phrases like "install clay", "setup clay", "clay auth", "configure clay API key", "connect clay providers".

2,266 Updated today
jeremylongshore
AI & Automation Featured

clay-sdk-patterns

Apply production-ready patterns for integrating with Clay via webhooks and HTTP API. Use when building Clay integrations, implementing webhook handlers, or establishing team coding standards for Clay data pipelines. Trigger with phrases like "clay SDK patterns", "clay best practices", "clay code patterns", "clay integration patterns", "clay webhook patterns".

2,266 Updated today
jeremylongshore
AI & Automation Featured

klaviyo-security-basics

Apply Klaviyo security best practices for API key management and access control. Use when securing API keys, configuring OAuth scopes, implementing webhook signature verification, or auditing Klaviyo security configuration. Trigger with phrases like "klaviyo security", "klaviyo secrets", "secure klaviyo", "klaviyo API key security", "klaviyo OAuth".

2,266 Updated today
jeremylongshore
DevOps & Infrastructure Featured

clay-deploy-integration

Deploy Clay-powered applications to Vercel, Cloud Run, or Docker with proper secrets management. Use when deploying Clay webhook receivers, enrichment pipelines, or CRM sync services to production infrastructure. Trigger with phrases like "deploy clay", "clay Vercel", "clay production deploy", "clay Cloud Run", "clay Docker", "host clay integration".

2,266 Updated today
jeremylongshore
AI & Automation Featured

bamboohr-security-basics

Apply BambooHR security best practices for API keys, webhook verification, and PII data handling compliance. Use when securing API keys, implementing webhook signature validation, or handling sensitive employee data from BambooHR. Trigger with phrases like "bamboohr security", "bamboohr secrets", "secure bamboohr", "bamboohr PII", "bamboohr data protection".

2,266 Updated today
jeremylongshore