Bot intelligence record

GitHub Hookshot

Usually allow

Use the github-hookshot identifier to separate GitHub webhook or service callback traffic from normal visitor requests in server logs.

Webhook Verified Bot Confidence: Medium Verified: Yes robots.txt: Unknown
Operator
GitHub
Family
GitHub
Type
Webhook
Source type
Verified Directory
Last checked
2026-05-20

User-Agent Pattern

GitHub
github-hookshot
Verification note

User-agent strings are identification signals, not proof of identity. Confirm important allow, block, or rate-limit decisions with logs, DNS or IP evidence, request behavior, or operator documentation when available.

Robots.txt Snippet

Click snippet to copy 
User-agent: github-hookshot
Disallow: /

Click the snippet to copy it, or highlight the text manually.

Handling Guidance

Depends

This bot is usually safe to allow when the request source is verified and the traffic matches your site policy.

Webhook notifications, callbacks, payment events, or service-to-service integration requests.

Record Details

Structured data
Operator
GitHub
Family
GitHub
Type
Webhook
Purpose
Webhook
Identity type
Verified Bot
Confidence
Medium
Last verified
2026-04-19
Last checked
2026-05-20
Source type
Verified Directory
Verification
Public verified bot directory listing
Spoofing risk
Medium

Notes

GitHub Hookshot is listed in the Botcrawl directory as a webhook callback service from GitHub. The primary identifier for log review is github-hookshot.

Identification

  • User-agent pattern: github-hookshot
  • Family: GitHub
  • Type: Webhook
  • Kind: Webhook

Common use

Webhook notifications, callbacks, payment events, or service-to-service integration requests.

Verification and handling

Confirm the user-agent against server logs and use published operator documentation, IP ranges, reverse DNS, or other trust signals when available.

Directory guidance marks the risk level as Safe and the blocking decision as Depends. Do not rely on the user-agent string alone because user-agent strings can be copied or spoofed.

Robots.txt handling: Unknown.

Evidence and Source

  • Public verified bot directory listing
  • Match `github-hookshot` as a case-insensitive substring in HTTP user-agent logs. Review bot_aliases for alternate names or product labels. Do not treat a user-agent match alone as proof of identity for allow-listing.
  • Webhook notifications, callbacks, payment events, or service-to-service integration requests.
  • Medium

https://bots.fyi/d/github-hookshot

Same family: GitHub

github-camo Safe

GitHub Camo

GitHub Camo is a preview bot associated with GitHub, used for GitHub's image proxy service.

Operator and family: GitHub Type: Preview
Verified robots.txt: Unknown Block: Depends Verified Bot

Similar purpose: Webhook

YokoyGroupAG Safe

Yokoy Group Webhooks

Yokoy is a spend management SAAS solution. Webhooks generate requests to book expenses or invoices to customer's ERP system whenever the processing and approval process has been completed.

Operator and family: Yokoy Group AG Type: Webhook
Verified robots.txt: No Block: No Verified Bot
Zapier Safe

Zapier

Zapier is a webhook callback service from Zapier Inc. used for service notifications, callbacks, or integration events.

Operator and family: Zapier Inc. Type: Webhook
Verified robots.txt: No Block: No Verified Bot
Zendesk Webhook Safe

Zendesk Webhook

Webhooks for development of Zendesk ticketing system and apps.

Operator and family: Zendesk Type: Webhook
Verified robots.txt: No Block: No Verified Bot
Indy Library Safe

Worldline Bot

Worldline Bot is a webhook callback service from Worldline used for service notifications, callbacks, or integration events.

Operator and family: Worldline Type: Webhook
Verified robots.txt: No Block: No Verified Bot

Monitor This Bot In Edge

Botcrawl Edge

Use Botcrawl Edge to see matching traffic, create allow or block rules, and control this bot across connected sites.

Get Edge Now Open BotDB