Skip to main content

Takumi Guard Now Supports Test Breach Notifications

· 3 min read
Cheng-Jui Chen
Cheng-Jui Chen
Software Engineer @ GMO Flatt Security Inc.

Takumi Guard now lets you send a test breach notification from the settings page, so you can verify that your webhook endpoints and email addresses actually receive notifications before a real malicious-package advisory ever lands.

Overview

Guard's breach notifications alert your team when a package you downloaded turns out to be malicious. Until now, there was no way to confirm that the notification pipeline was working end-to-end without waiting for an actual advisory to be published. With this release, you can trigger a test notification on demand and immediately verify the full delivery chain — that the webhook URL is reachable, the signature secret is correct, and the email inbox is receiving messages.

On the Breach Notifications settings page, select which channels to test — registered webhook endpoints, confirmed email addresses, or both — and click Send test notification.

Test notifications use fixture content so the recipient can never mistake them for a real incident:

  • Webhook: the payload has the same structure as a real breach notification, but the envelope type is guard.test_notification (instead of guard.malicious_package_detected), and the data block carries is_test: true. The advisory ID starts with TEST-.
  • Email: the email body looks like a real breach notification but begins with a TEST NOTIFICATION banner explaining that no malicious package was actually detected.

Webhook Payload Example

A test notification webhook request has the same shape as a real one. The type and is_test fields let your integration distinguish it from production alerts.

{
  "type": "guard.test_notification",
  "timestamp": "2026-05-12T04:00:00Z",
  "data": {
    "advisory": {
      "advisory_id": "TEST-...",
      "package_name": "@takumi-guard/evil-test-package",
      "...": "..."
    },
    "affected_downloads": [{ "...": "..." }],
    "summary": { "...": "..." },
    "is_test": true
  }
}

is_test is present and set to true only for test notifications. Real malicious-package payloads omit this field entirely, so you can use its presence as a reliable filter in your automation.

Getting Started

  1. In the Takumi / Shisho Cloud console, navigate to Guard > Settings and open the Breach Notifications section.
  2. Select the channels you want to test (webhook, email, or both).
  3. Click Send test notification.
  4. Inspect what arrived at your endpoint or inbox to confirm everything is working.

For the full walkthrough and detailed payload/email examples, see the breach notifications user guide.

info

This feature requires an active Takumi subscription with Guard enabled. Access to the settings page requires the Takumi Manager or Owner role.