hvac-marketing-skills

ben/hvac-marketing-skills

Fork 0

Commit graph

Author	SHA1	Message	Date
Corey Haines	c1be574c8b	fix: security hardening — move meta-ads to header auth, encode URLs Critical: - meta-ads: move access_token from URL query string to Authorization header to prevent credential leakage in server logs and referrers Medium (URL encoding): - g2: encode state and date filter values - trustpilot: use URLSearchParams for reviews list params - typeform: encode response IDs in delete endpoint - demio: encode event type filter - lemlist: encode email addresses in URL path segments Docs: - Fix 6 missing env vars in CLI README auth table - Fix .gitignore typo (extra space in .DS_Store pattern) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 22:39:16 -08:00
Corey Haines	2c26f8497b	feat: add --dry-run flag to all 47 CLI tools When --dry-run is passed, each CLI prints the HTTP request it would make (method, URL, headers, body) without actually calling fetch(). Auth credentials are masked as "***" in the output. Useful for verifying request shape and API endpoints without needing real API keys or making actual API calls. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 11:47:12 -08:00
Corey Haines	3a85964305	feat: add 23 new CLI tools and integration guides New tools across 13 categories: - Email/Newsletter: beehiiv, klaviyo, postmark, brevo, activecampaign - Data Enrichment: clearbit, apollo - CRO/Testing: hotjar, optimizely - Analytics: plausible - Scheduling: calendly, savvycal - Forms: typeform - Messaging: intercom - Social: buffer - Video: wistia - Payments: paddle - Affiliate: partnerstack - Reviews: trustpilot, g2 - Push: onesignal - Webinar: demio, livestorm Each tool includes a zero-dependency CLI and integration guide. Registry and CLI README updated with all new entries. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-17 11:28:41 -08:00

Author

SHA1

Message

Date

Corey Haines

c1be574c8b

fix: security hardening — move meta-ads to header auth, encode URLs

Critical:
- meta-ads: move access_token from URL query string to Authorization
  header to prevent credential leakage in server logs and referrers

Medium (URL encoding):
- g2: encode state and date filter values
- trustpilot: use URLSearchParams for reviews list params
- typeform: encode response IDs in delete endpoint
- demio: encode event type filter
- lemlist: encode email addresses in URL path segments

Docs:
- Fix 6 missing env vars in CLI README auth table
- Fix .gitignore typo (extra space in .DS_Store pattern)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-17 22:39:16 -08:00

Corey Haines

2c26f8497b

feat: add --dry-run flag to all 47 CLI tools

When --dry-run is passed, each CLI prints the HTTP request it would
make (method, URL, headers, body) without actually calling fetch().
Auth credentials are masked as "***" in the output.

Useful for verifying request shape and API endpoints without needing
real API keys or making actual API calls.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-17 11:47:12 -08:00

Corey Haines

3a85964305

feat: add 23 new CLI tools and integration guides

New tools across 13 categories:
- Email/Newsletter: beehiiv, klaviyo, postmark, brevo, activecampaign
- Data Enrichment: clearbit, apollo
- CRO/Testing: hotjar, optimizely
- Analytics: plausible
- Scheduling: calendly, savvycal
- Forms: typeform
- Messaging: intercom
- Social: buffer
- Video: wistia
- Payments: paddle
- Affiliate: partnerstack
- Reviews: trustpilot, g2
- Push: onesignal
- Webinar: demio, livestorm

Each tool includes a zero-dependency CLI and integration guide.
Registry and CLI README updated with all new entries.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-17 11:28:41 -08:00

3 commits