Skills
skills/lobbi-docs/claude/FastAPI Background Tasks/Gen Agent Trust Hub

FastAPI Background Tasks

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the arq package from the official Python package index. This is a well-known and reputable library for asynchronous task management.
  • [COMMAND_EXECUTION]: Includes the standard CLI command arq app.workers.main.WorkerSettings to initialize and run the background worker process.
  • [PROMPT_INJECTION]: The skill demonstrates a pattern for ingesting user data via a logging endpoint.
  • Ingestion points: The /log POST endpoint in SKILL.md accepts an unvalidated message string.
  • Boundary markers: No delimiters or boundary markers are used in the logging implementation.
  • Capability inventory: The skill utilizes file system write capabilities via the write_log function (open("log.txt", "a")).
  • Sanitization: No input sanitization or validation is applied to the message before it is written to the local log file.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 07:27 PM