How Garudust’s event triggers automate workflows with webhooks

Garudust simplifies event-driven automation by consolidating every external interaction—whether from chat messages, cron jobs, or webhook calls—into a single primitive: agent.run(task). This unified approach means any system capable of sending an HTTP POST can trigger Garudust, transforming routine tasks into intelligent workflows without complex middleware.

How the webhook adapter processes events

When Garudust is configured to use a webhook platform, it launches an Axum HTTP server and registers a POST endpoint at a user-defined path. Incoming requests follow a structured format, such as:

{
  "text": "A new billing invoice has arrived from Acme Corp for $4,200.",
  "callback_url": "
  "user_id": "billing-watcher",
  "session_key": "billing-acme-corp"
}

Key fields include:

• text: The task prompt for the agent to execute.
• callback_url: The endpoint Garudust will POST results to.
• user_id (optional): Used for role-based access control.
• session_key (optional): Locks conversation history to a specific session. If omitted, it defaults to webhook:{callback_url}.

Garudust wraps this data into an InboundMessage, routes it through the GatewayHandler, and initiates agent.run(). Once processing completes, the agent posts the response back to the provided callback_url, such as:

{
  "text": "Invoice from Acme Corp for $4,200 — categorized as SaaS/Infrastructure. Flagged for approval above $3,000 threshold. Draft approval request sent to #finance."
}

The HTTP response for your POST endpoint is immediately 202 Accepted, confirming asynchronous task initiation.

Security measures for event triggers

Garudust enforces strict security by validating HMAC-SHA256 signatures for all incoming requests. Configure a shared secret to enable this protection, and the system will sign all outgoing POST requests with:

X-Hub-Signature-256: sha256=<hex(HMAC-SHA256(secret, raw_body))>

Requests lacking a valid signature are rejected with a 401 error. Additionally, network guards block callback URLs pointing to private IP ranges (192.168.x.x, 10.x.x.x, localhost), preventing agents from being coerced into interacting with internal systems.

Core patterns for seamless integration

The division of labor between external systems and Garudust is clear:

• Event sources (email, calendars, databases, queues) handle filtering and matching logic before triggering.
• Garudust executes the agent.run(task) based on the provided description.
• Your system processes results via the callback_url.

Neither side needs to understand the internal structure of the other, enabling modular and maintainable workflows.

Real-world use cases for Garudust triggers

Monitor billing emails for invoices

Email processors can scan for billing emails from specific senders, extract details like subject, sender, and amount, then trigger Garudust:

{
  "text": "New invoice received: Stripe — $1,840 for May 2026. Attach to this month's expense report and notify the finance channel if it exceeds the $1,500 alert threshold.",
  "callback_url": "
  "session_key": "finance-inbox"
}

The agent reads the expense report file, adds a line item, and posts a Slack notification. The email processor remains agnostic to expense systems or Slack integrations.

Gate GitHub PR reviews with AI

GitHub Actions workflows can invoke Garudust after a PR is opened in the main branch. The workflow constructs a payload from GitHub context:

{
  "text": "PR #214 opened by @alice: 'feat: add OAuth2 PKCE flow'. Changed files: src/auth/oauth.rs, src/auth/pkce.rs, tests/auth_integration.rs. Diff summary attached. Review for security issues in the auth flow and post a summary comment.",
  "callback_url": "
  "session_key": "pr-214"
}

The session_key tied to PR #214 ensures subsequent triggers—such as new commits or re-reviews—continue within the same conversation thread.

Detect database anomalies automatically

Monitoring jobs can query database tables on a schedule and validate aggregate metrics. Upon breaching a threshold, instead of sending a static alert, they trigger Garudust:

{
  "text": "Anomaly detected: orders table insert rate dropped 94% in the last 10 minutes (baseline 340/min, current 19/min). Last successful insert: 09:42 UTC. Investigate root cause and summarize for on-call.",
  "callback_url": "
  "session_key": "incident-2026-05-23-orders"
}

The agent uses terminal tools to run additional queries, checks the latest deployment, and generates a structured incident summary. The monitoring job only needs to identify the breach.

Track external attendees in calendar events

Calendar integrations can poll Google Calendar (or receive push notifications) and trigger Garudust when an event includes attendees from external domains:

{
  "text": "New calendar event: 'Q3 partnership discussion' on 2026-06-04 14:00 UTC. External attendees: jane@partner.com, bob@partner.com. Prepare a one-page briefing on Partner Corp using the CRM notes and recent email thread.",
  "callback_url": "
  "session_key": "meeting-prep-2026-06-04"
}

Garudust handles the briefing generation, while the calendar integration focuses solely on filtering external attendees.

Process variable workloads from task queues

Background workers pulling tasks from queues (SQS, Redis, RabbitMQ) can forward each task to Garudust for agent-based processing. This approach suits high-variability workloads where agents handle individual tasks independently:

{
  "text": "Customer support ticket #8821 (priority: high): User reports that export to CSV silently truncates rows above 10,000. Reproduce the scenario, identify the code path responsible, and draft a fix description for the engineering team.",
  "callback_url": "
  "session_key": "ticket-8821"
}

Queue workers dequeue tasks, format the text payload, and send webhook requests. Multiple tickets can spawn concurrent agent sessions for parallel processing.

Session keys: enabling continuity across triggers

The session_key is the backbone of multi-step workflows. By binding a unique key to a series of event triggers, Garudust ensures conversation history is preserved across calls. For example:

• A PR review trigger for commit #1 and a re-review trigger for commit #2 share the same conversation thread.
• Billing invoices from the same vendor maintain context for follow-up actions.

This continuity transforms one-off event triggers into cohesive, context-aware workflows, reducing redundancy and improving efficiency.

Looking ahead, Garudust’s event triggers will continue to evolve, offering tighter integrations with enterprise tools and enhanced support for real-time collaboration. Organizations seeking to automate workflows without sacrificing security or scalability will find Garudust’s approach both innovative and practical.