inngest-middleware
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions and code for integrating with various external libraries and services.\n
- Evidence: Installation commands and imports for @inngest/middleware-encryption, @inngest/middleware-sentry, openai, stripe, @prisma/client, and redis across all files.\n
- Status: All identified packages are official vendor resources or well-known, trusted service libraries.\n- [DATA_EXFILTRATION]: Patterns are provided for transmitting telemetry and error data to external platforms.\n
- Evidence: Implementation of Sentry error tracking and a custom reportError function that uses fetch to send context and stack traces to a configurable endpoint in references/built-in-middleware.md.\n
- Context: These are standard observability practices for production applications.\n- [PROMPT_INJECTION]: The skill describes patterns that ingest and process untrusted external data, creating a surface for indirect prompt injection.\n
- Ingestion points: Event data (ctx.event.data) and function results (result.data) are processed in the middleware lifecycle methods shown in SKILL.md and references/built-in-middleware.md.\n
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are used in the logging or error reporting examples.\n
- Capability inventory: The skill demonstrates capabilities for network requests (fetch), database operations (PrismaClient), and AI model interaction (OpenAI).\n
- Sanitization: No sanitization or filtering of the processed event data is demonstrated in the observability examples.
Audit Metadata