celery-advanced

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • PROMPT_INJECTION (MEDIUM): An indirect prompt injection surface exists in references/canvas-workflows.md where untrusted data is processed through pipelines with critical capabilities.
      • Ingestion point: extract_data and transform_data tasks receiving external IDs and raw data.
      • Boundary markers: None defined in the pattern samples.
      • Capability inventory: write_to_destination, process_payment, and alert_team.
      • Sanitization: Includes apply_schema validation, which is a recommended but incomplete mitigation against adversarial input.
  • EXTERNAL_DOWNLOADS (LOW): Documentation recommends installing common packages such as django-celery-beat and flower from trusted registries.
  • COMMAND_EXECUTION (LOW): Use of Redis Lua scripting in references/rate-limiting-patterns.md for atomic token bucket operations. This logic is statically defined and does not incorporate untrusted external input.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 11:33 PM