inngest-flow-control
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. Mention of 'openai' is used as a configuration key for concurrency limits, not a secret token.
- Obfuscation (SAFE): No Base64 encoding, zero-width characters, or homoglyphs are present.
- Remote Code Execution (SAFE): No remote scripts are downloaded or executed. The code provided consists of illustrative TypeScript snippets for the Inngest SDK.
- Dynamic Execution (SAFE): The 'priority' configuration uses string expressions for dynamic evaluation, which is a standard feature of the Inngest SDK for processing event data. This is contextually appropriate for the skill's primary purpose.
- Indirect Prompt Injection (SAFE): While the skill demonstrates processing event data (untrusted input surface), it does so within the context of infrastructure configuration (flow control) rather than natural language processing, presenting no significant injection risk to the agent.
Audit Metadata