Ccoldsmith
Public APIs, no signup, no key

Coldsmith API

Two JSON endpoints you can call from any backend, anywhere. Cold-email scoring on a 6-dimension rubric, plus Stripe webhook handler audit. Rate-limited to 20 requests/hour/IP, no auth.

POST/api/cold-email-audit

Score a cold email

Returns a 0-100 score across 6 dimensions plus the single biggest lever to pull.

Request body
{
  "email_body": "Hey Sarah, saw Vercel shipped edge KV last week...",
  "icp": "VP Eng at Series-B fintech"  // optional
}
Response
{
  "overall_score": 72,
  "one_line_verdict": "Sharp but salesy in the second sentence.",
  "biggest_lever": "Replace 'I help SaaS teams' with a concrete result.",
  "dimensions": [
    { "name": "Personalization", "score": 7, "verdict": "Recent signal cited.", "detail": "...", "fix": "..." },
    { "name": "Specificity of ask", "score": 8, "verdict": "Concrete CTA.", "detail": "...", "fix": null }
    // 4 more dimensions
  ],
  "rewrite_suggestion": "Hi Marcus...",
  "share_id": "3z4x074g5g3c"  // public result at /audit/{share_id}
}
Try it
curl -X POST https://coldsmith.dev/api/cold-email-audit \
  -H "Content-Type: application/json" \
  -d '{"email_body":"Hey Sarah...","icp":"VP Eng at fintech"}'
POST/api/webhook-audit

Audit a Stripe webhook handler

Returns a grade A-F with critical/high/medium/low findings against signature verification, idempotency, reply latency, event coverage, and more.

Request body
{
  "stack": "Node + Express. POST /api/stripe-webhook. Using stripe.webhooks.constructEvent. No idempotency check.",
  "payload": "...code or sample event JSON...",  // optional
  "concerns": "We had a duplicate charge incident"  // optional
}
Response
{
  "grade": "C",
  "one_line": "Verification present but idempotency gap is serious.",
  "findings": [
    {
      "severity": "high",
      "area": "Idempotency",
      "issue": "No event.id dedup; retries cause duplicate side effects.",
      "fix": "Check a processed_events table before processing..."
    }
    // more findings
  ],
  "next_step": "Add the processed_events table first."
}
Try it
curl -X POST https://coldsmith.dev/api/webhook-audit \
  -H "Content-Type: application/json" \
  -d '{"stack":"Node + Express, using stripe.webhooks.constructEvent..."}'
GET/api/audit-stats

Aggregate stats

Public running totals: count + average score + grade distribution across all audits run.

Response
{
  "total": 1247,
  "avg_score": 53.4,
  "grade_distribution": [
    { "grade": "A", "n": 42 },
    { "grade": "B", "n": 168 },
    { "grade": "C", "n": 391 },
    { "grade": "D", "n": 484 },
    { "grade": "F", "n": 162 }
  ]
}
Try it
curl https://coldsmith.dev/api/audit-stats

Rate limits + fair use

  • 20 requests / hour / IP on the audit endpoints; 10 / hour / IP on /interest. No auth, no key.
  • Each successful audit response includes a share_id you can use to render the public result page at /audit/<share_id> or embed the SVG badge at /audit/<share_id>/badge.svg.
  • The audit JSON is stable; we will not break it without versioning the URL.
  • If you build something that hits the rate cap regularly, reply to hello@coldsmith.dev and we will work out a higher tier.
  • The rubric itself is open. Download as markdown (CC0) for use in your own scoring pipeline, training docs, or internal tools. No attribution required.

Use cases

  • CRM integration: score every outbound draft before it sends, block any below 65.
  • Email tool browser extension: score on save in Smartlead, Instantly, Lemlist drafts.
  • Agency QA dashboard: bulk-score your clients' campaigns nightly.
  • Internal training: SDR onboarding tool, show what a 70+ email looks like.
  • Public widget: embed the rate-limited endpoint behind a form on your own site.