async-jobs
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process data from untrusted external sources, such as webhooks and third-party APIs (e.g.,
process_webhookinreferences/arq-patterns.md). This creates a vulnerability surface for indirect prompt injection, where malicious instructions embedded in the data could influence the agent's behavior. - Ingestion points: Webhook payloads and API responses processed in
references/arq-patterns.mdandreferences/retry-strategies.md. - Boundary markers: No explicit delimiters or guards are demonstrated in the templates for external data.
- Capability inventory: The skill utilizes network access (
httpx,requests) and file storage (boto3). - Sanitization: The provided code patterns do not include input validation or sanitization for the ingested content.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known Python packages including Celery, ARQ, and Temporal.io, which are typical for background job processing systems and are fetched from official registries.
Audit Metadata