inngest-middleware
Fail
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious behavior patterns detected. The code snippets provide standard educational examples for logging, error tracking, and dependency injection.
- [DATA_EXFILTRATION] (SAFE): The skill demonstrates best practices by using environment variables (process.env) for sensitive data such as ENCRYPTION_KEY and SENTRY_DSN rather than hardcoding credentials.
- [EXTERNAL_DOWNLOADS] (SAFE): The referenced Node.js packages (inngest, openai, @prisma/client) are standard, well-known libraries for the TypeScript ecosystem.
- [COMMAND_EXECUTION] (SAFE): No shell command execution, subprocess spawning, or dangerous system calls were identified.
- [PROMPT_INJECTION] (SAFE): No prompt injection or behavior override attempts were found.
- [Indirect Prompt Injection] (SAFE):
- Ingestion points: Event payloads and function results are processed in transformInput and transformOutput methods.
- Boundary markers: None present in the simplified examples.
- Capability inventory: Code examples perform logging, metrics tracking, and database updates.
- Sanitization: Not explicitly shown, but the context is focused on infrastructure-level middleware rather than LLM prompt construction.
- [False Positive Note] (INFO): The automated security alert regarding 'logger.info' being a malicious URL is a false positive; it is a standard logging method call used throughout the software industry.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata