New — webhooks your AI agents can wait on. Hook & Sense opening to early access.

Use case · QA Testing

Webhook tests that don't depend on Stripe's mood.

QA shouldn't mean clicking through a Stripe checkout 40 times to test edge cases. Capture real events once, replay them anywhere — manually or from CI.

What's painful today

  • Webhook test suites rely on hand-rolled fixtures that drift from real payloads over time.
  • Triggering edge events (refund, chargeback, dispute) in provider sandboxes is slow, manual, and sometimes impossible.
  • Webhook flakiness in CI is hard to reproduce — payloads aren't checked in, signatures rotate.

How HookSense solves it

HookSense is the callback layer for AI agents: an agent calls create_callback_endpoint, awaits the result with wait_for_callback, and trusts it because verify_signature already checked it.

Capture a library of real events

Trigger each scenario once in the provider's sandbox; HookSense captures the full payload (including signatures and timing). Reuse the same canonical webhooks across every test run.

Replay from CI

Use `hooksense replay --request-id X --target $TEST_ENV_URL` from your test pipeline. Same payload, same signature, every time. No more 'why did this pass yesterday?'

Assert on captured responses

HookSense records the response your endpoint returned (status, body, latency). Diff today's response against last week's to catch regressions before they ship.

See it in code

Replay a canonical test webhook from CI

# .github/workflows/integration-tests.yml
- name: Replay Stripe webhook fixture
  run: |
    npx hooksense replay \
      --request-id req_stripe_checkout_success \
      --target ${{ secrets.TEST_ENV_URL }}/webhooks/stripe

# Asserts that the captured response matches the expected status/body.

FAQ

How do I trigger replays from CI without leaking secrets?

The HookSense CLI accepts a scoped API token (`HOOKSENSE_TOKEN` env var) with replay-only permissions. Store it in your CI secret manager — never in code.

Can I parametrize the payload before replay?

Yes. The replay endpoint accepts header and body overrides — useful for swapping IDs or amounts per test run while keeping the signed structure intact.

What if my test target is behind auth?

Add custom headers to the replay request (auth bearer, basic auth, signed cookies). HookSense sends them alongside the original webhook headers.

Give your agent a callback URL in 30 seconds.

Run npx @hooksense/mcp in Claude Desktop, Cursor, or any MCP client. Free plan, no signup required. Paid plans are early-access.

Create a callback endpoint

Other use cases