inngest-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines patterns for workflows that ingest and process data from untrusted external events, presenting a surface for indirect prompt injection.
  - Ingestion points: Data from external events (e.g., `front/inbound_received`) is ingested into the workflow context through the `event.data` object in `SKILL.md`.
  - Boundary markers: The provided code snippets do not include explicit delimiters, tags, or instructions to the agent to disregard embedded commands within the processed data.
  - Capability inventory: The workflow logic demonstrates high-privilege capabilities such as executing actions via `executeAction` and creating drafts through external APIs.
  - Sanitization: There is no evidence of sanitization, escaping, or validation of the `context` variable before it is interpolated into the agent's prompt via the `buildPrompt(context)` function call.
Audit Metadata