Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.niteshift.dev/llms.txt

Use this file to discover all available pages before exploring further.

Use webhooks to respond to alerts, address tickets, or react to deploys. Use schedules to run audits, triage dependencies, or send weekly reports.

Examples

  • Datadog alerts, root-caused in Slack — when a Datadog monitor fires, the agent investigates with the Datadog MCP and posts the root cause back to the alert’s Slack thread.
  • Weekly flaky test fixes — every Monday morning, the agent scans the last week of GitHub Actions runs for flaky tests and opens a PR with an attempted fix for each.
  • Nightly bug hunt — every night, the agent reads the last 24 hours of commits, flags the riskiest changes, and opens a PR with fixes for any bugs it finds.

Scheduled tasks

Use a schedule for recurring work like dependency bumps, periodic test runs, code-quality scans, or weekly maintenance passes. Configure:
  • Repository, branch, and model
  • Schedule and task: describe in plain language what the agent should do and when it should run. Niteshift parses it into a task prompt, cron expression, timezone, and a human-readable schedule label.

Webhook triggers

Use a webhook for event-driven work like CI failures, monitoring alerts, deploy notifications, or anything else that emits an HTTP webhook. Configure:
  • Name, repository, branch, and model
  • Task prompt template: the instructions the agent gets each time a request hits the URL. Use {{payload.field}} (dot paths into the JSON) or {{payload_json}} / {{payload}} to insert the full request body as pretty-printed JSON.

Authentication

Each trigger has a single shared secret. Incoming requests authenticate with one of:
  • HMAC (preferred): send x-niteshift-signature and x-niteshift-timestamp headers. The signature is sha256=<hex> where the HMAC is computed over <timestamp>.<body> using the trigger secret. Includes timestamp-based replay protection.
  • Bearer token: send Authorization: Bearer <secret>. Use this for sources like Datadog that can set static custom headers but can’t compute a per-request signature.

Rate limiting

Each webhook URL is limited to 10 requests per rolling minute and 100 per 24 hours. The burst rule runs first; a request only counts toward the daily cap if it would have passed the burst check, so a flood of throttled calls does not use up the whole day. 429 responses: JSON with error and retryAfter (seconds), plus the Retry-After and X-RateLimit-* headers. Header values match whichever limit blocked you; X-RateLimit-Reset is a Unix time in seconds for the end of that limit’s current window.