Code Room
Code review | Hard | cr-p017
Subject: Security | Level: Senior–Staff | ~18 min | Common in Security interviews | Industries: Software development

Question

Review this code that trusts a third-party webhook payload.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to review (python)

    def handle_webhook(req):
        data = req.json()
        amount = data['amount']
        credit_account(data['user_id'], amount)
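
For comparison, a hardened form of the handler under review, as an added example that is not part of the original question or its answer key. The signing scheme (hex HMAC-SHA256 over `<timestamp>.<raw body>`), the `event_id` field, string-typed amounts, both limits, and the `seen_ids` and `credit_account` parameters are assumptions.

```python
import hashlib
import hmac
import json
import time
from decimal import Decimal, InvalidOperation

TOLERANCE_S = 300               # assumed replay window, in seconds
MAX_AMOUNT = Decimal("10000")   # assumed business limit per event

class WebhookRejected(Exception):
    """Raised when a delivery must not be acted on."""

def sign(secret, timestamp, body):
    # Assumed scheme: hex HMAC-SHA256 over b"<timestamp>.<raw body>".
    msg = timestamp.encode() + b"." + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

def handle_webhook(body, timestamp, signature, secret, seen_ids, credit_account, now=None):
    """Return True if the account was credited, False for a repeated event."""
    # 1. Authenticate the raw bytes before parsing them (constant-time compare).
    expected = sign(secret, timestamp, body)
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        raise WebhookRejected("bad signature")
    # 2. Bound replay: the timestamp is covered by the MAC, so it is authentic here.
    now = time.time() if now is None else now
    try:
        age = abs(now - int(timestamp))
    except ValueError as exc:
        raise WebhookRejected("bad timestamp") from exc
    if age > TOLERANCE_S:
        raise WebhookRejected("stale timestamp")
    # 3. Validate shape and range instead of indexing the payload blindly.
    try:
        data = json.loads(body)
        event_id, user_id, raw = data["event_id"], data["user_id"], data["amount"]
        if not all(isinstance(v, str) for v in (event_id, user_id, raw)):
            raise TypeError("fields must be strings")
        amount = Decimal(raw)
    except (ValueError, KeyError, TypeError, InvalidOperation) as exc:
        raise WebhookRejected(f"malformed payload: {exc}") from exc
    if not amount.is_finite() or not (0 < amount <= MAX_AMOUNT):
        raise WebhookRejected("amount out of range")
    # 4. Idempotency: a redelivered event is acknowledged but never credited twice.
    if event_id in seen_ids:
        return False
    seen_ids.add(event_id)
    credit_account(user_id, amount)
    return True
```

In a real service the `seen_ids` check and the credit belong in one database transaction, with a unique constraint on the event id, so concurrent redeliveries cannot both pass.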