worker-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instruction override or bypass patterns detected.
- Data Exposure (SAFE): No hardcoded credentials or sensitive file access patterns found. The templates use external configuration for connections.
- Remote Code Execution (SAFE): While the skill instructions include
npx tsxfor running workers, this is a standard development practice. No piped remote execution or untrusted source downloads are present. - Indirect Prompt Injection (LOW): The worker template processes
job.datawhich is an untrusted ingestion point. - Ingestion points:
job.dataintemplates/worker.ts. - Boundary markers: None.
- Capability inventory: No unsafe tool calls are performed in the provided template.
- Sanitization: The template only performs
console.logon the data. Users should be advised to sanitize data if the processor performs shell commands or database writes.
Audit Metadata