realtime
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation refers to the installation and use of @trigger.dev/react-hooks and @trigger.dev/sdk. While these are legitimate packages for the Trigger.dev service, they are not on the predefined list of trusted organizations.
- [CREDENTIALS_UNSAFE] (SAFE): The skill demonstrates secure handling of credentials by showing how to generate short-lived, scoped public tokens on the backend rather than exposing master API keys.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill provides patterns for ingesting and displaying data from external task runs and AI streams, which constitutes a potential injection surface.
  1. Ingestion points: run.output and aiStream data processed in React components.
  2. Boundary markers: No explicit boundary markers or 'ignore' instructions are demonstrated in the snippets.
  3. Capability inventory: Updating UI components, logging status, and streaming AI responses.
  4. Sanitization: The examples do not explicitly show sanitization of the run output or stream parts before rendering.