- amplitude: mask api_key in dry-run body output
- livestorm: add missing Bearer prefix to Authorization header
- mixpanel: mask token/$token in dry-run ingestion body output
- onesignal: change auth from 'Key' to 'Basic' per OneSignal REST API docs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fixes found by automated codex review of all 47 CLI tools:
- resend: webhook field name endpoint_url -> endpoint
- mailchimp: change from Bearer to Basic auth per API docs
- kit: fail fast when api_secret required but not set
- activecampaign: automation add-contact needs --contact-id not --email
- google-ads: budget updateMask must be snake_case (amount_micros)
- meta-ads: special_ad_categories default to ['NONE'] not empty array
- linkedin-ads: add required X-RestLi-Protocol-Version header
- onesignal: auth prefix should be Key, not Basic
- mixpanel: query dates must be YYYY-MM-DD, not relative strings
- wistia: change from Bearer to Basic auth per API docs
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When --dry-run is passed, each CLI prints the HTTP request it would
make (method, URL, headers, body) without actually calling fetch().
Auth credentials are masked as "***" in the output.
Useful for verifying request shape and API endpoints without needing
real API keys or making actual API calls.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
