message-worker-thread
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface via incoming worker thread messages.
- Ingestion points: Data enters the skill via the message event listener on the worker port in src/index.ts.
- Boundary markers: The communication protocol does not implement explicit boundary markers or delimiters for user-provided data payloads.
- Capability inventory: The library is designed to facilitate command execution through the user-implemented exec method in subclasses, which may perform sensitive tasks.
- Sanitization: The framework performs no sanitization or schema validation on incoming messages before they are passed to the processing logic.
Audit Metadata