competition-queue-worker-drift
Competition Queue Worker Drift
Use this skill only as a downstream specialization after $ctf-sandbox-orchestrator is already active and has established sandbox assumptions, node ownership, and evidence priorities. If that has not happened yet, return to $ctf-sandbox-orchestrator first.
Use this skill when the decisive effect happens after enqueue, inside a worker, or only under async runtime state that differs from the request path.
Reply in Simplified Chinese unless the user explicitly requests English.
Quick Start
- Map the async chain first: enqueue point, queue payload, worker consumer, retries, and final side effect.
- Keep request-time state separate from worker-time state.
- Record queue name, message shape, worker config, retry policy, and downstream store in one chain.
- Compare synchronous path and async path when behavior diverges.
- Reproduce the smallest enqueue-to-side-effect flow that proves the decisive async drift.
Workflow
1. Map Enqueue And Worker Identity
- Record queue names, topics, cron schedules, delayed jobs, dead-letter queues, worker processes, and consumer groups.
- Note which config, env vars, feature flags, or credentials exist only in the worker environment.
- Keep enqueue request, stored payload, and worker identity tied together.
2. Trace Worker-Only State And Retries
- Show how worker runtime differs from the request path: different env, files, mounts, caches, permissions, or clocks.
- Record retry count, backoff, dedupe keys, failure handling, dead-letter flow, and idempotency behavior.
- Distinguish immediate request success from eventual worker success or failure.
3. Reduce To The Decisive Async Chain
- Compress the result to the smallest sequence: enqueue -> worker runtime -> retry or branch -> resulting effect.
- State clearly whether the decisive difference lives in payload shape, worker config, retry path, or downstream consumer.
- If the issue is really about the file parser invoked by the worker, switch back to the tighter file-parser skill.
Read This Reference
- Load
references/queue-worker-drift.mdfor the queue checklist, retry checklist, and evidence packaging.
What To Preserve
- Queue names, payloads, worker identities, retry metadata, dead-letter edges, and downstream effects
- The exact worker-only config or state that changes behavior
- One minimal enqueue-to-side-effect reproduction chain
More from galiais/ctf-sandbox-orchestrator
competition-prompt-injection
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for prompt-injection, retrieval poisoning, memory contamination, planner drift, MCP or tool-boundary abuse, and agent exfiltration challenges. Use when the user asks to analyze prompt injection, retrieval poisoning, memory contamination, planner drift, tool-argument corruption, or secret exposure caused by an agent chain. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
10competition-forensic-timeline
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for DFIR chronology, cross-artifact correlation, persistence chains, and incident timeline reconstruction. Use when the user asks to build a forensic timeline, correlate EVTX, PCAP, registry, disk, memory, mailbox, or browser artifacts, explain the order of attacker actions, or pinpoint the stage where the decisive artifact appears. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
9competition-agent-cloud
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for AI-agent, prompt-injection, MCP or toolchain, cloud, container, CI/CD, and supply-chain challenges. Use when the user asks to analyze prompt-to-tool flows, retrieval poisoning, mounted secrets, deployment drift, runtime-vs-manifest mismatches, registry provenance, or CI-produced artifacts under sandbox assumptions. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
8competition-lsass-ticket-material
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for LSASS-resident secrets, Windows logon sessions, Kerberos ticket caches, DPAPI-backed material, SSP artifacts, and replayable credential extraction. Use when the user asks to inspect LSASS memory, recover tickets or logon sessions, trace DPAPI or SSP material, distinguish which credential artifacts are replayable, or connect host-resident credential material to an accepted pivot or privilege edge. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
8competition-reverse-pwn
Internal downstream skill for ctf-sandbox-orchestrator. CTF-sandbox workflow for reverse engineering, malware, DFIR, firmware, pwnable, and native exploit challenges. Use when the user asks to reverse a binary, unpack a sample, inspect a memory dump or PCAP, recover malware behavior, debug a crash, or build or verify an exploit chain under sandbox assumptions. Use only after `$ctf-sandbox-orchestrator` has already established sandbox assumptions and routed here.
8ctf-sandbox-orchestrator
Default entrypoint and master ctf-sandbox-orchestrator workflow for CTF, exploit, reverse engineering, DFIR, pwnable, crypto, stego, mobile, AI-agent, cloud, container, Active Directory, Windows-host, and identity challenges. Use first when the user presents challenge infrastructure, binaries, prompts, hosts, or identities that should be treated as sandbox-internal by default and Codex needs to choose, route, and load the right downstream analysis path with concise evidence.
8