iii-queue-processing
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or security risks were identified. The skill defines standard architectural concepts like named queues, FIFO ordering, and retry policies.
- [DATA_EXPOSURE]: The skill uses 'iii-config.yaml' for configuration and 'messageReceiptId' for tracking, which are standard practices for the intended engine and do not involve credential exposure or data exfiltration.
- [COMMAND_EXECUTION]: No unauthorized or dangerous command execution patterns were found. The 'TriggerAction' primitives are part of the engine's internal API.
- [INDIRECT_PROMPT_INJECTION]: While the skill describes an agent processing external 'job payloads' (an attack surface for indirect prompt injection), it is documented as a standard architectural pattern for background tasks.
- Ingestion points: Consumer functions receive untrusted job payloads.
- Boundary markers: None specified in the reference documentation.
- Capability inventory: Uses 'registerFunction', 'trigger' (Enqueue), and 'state::set' in 'SKILL.md'.
- Sanitization: No explicit sanitization or validation of payload content is described in the markdown.
Audit Metadata