background-jobs

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, CREDENTIALS_UNSAFE)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill establishes an attack surface for indirect prompt injection by processing untrusted external data while possessing high-privilege capabilities (Category 8).
      • Ingestion points: Entry points for untrusted data are defined in process_webhook (SKILL.md) and sync_external_data (scripts/arq-worker-template.py).
      • Boundary markers: Absent. There are no delimiters or explicit instructions for the agent to ignore embedded commands in the processed data.
      • Capability inventory: The templates include capabilities for persistent database modification via SQLAlchemy (scripts/arq-worker-template.py) and external network requests via httpx and requests (SKILL.md).
      • Sanitization: The provided templates do not demonstrate input validation, escaping, or sanitization logic for external payloads.
  • Credentials Unsafe (LOW): Hardcoded placeholder credentials found in worker configuration.
      • Evidence: The database_url in scripts/arq-worker-template.py contains user:pass. While these are clearly placeholders for development, they represent a credential exposure risk if replaced with real values in the source code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:06 AM