cron-scheduling

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines patterns for fetching and processing data from external databases, which creates an indirect prompt injection surface when combined with technical capabilities.
  • Ingestion points: Processes organization-specific data fetched via database queries as seen in the dailyDigest example in SKILL.md.
  • Boundary markers: Does not include explicit delimiters or instructions for the agent to treat external data as untrusted or to ignore embedded commands.
  • Capability inventory: Utilizes Bash, Read, and Grep for managing backend configurations and system files.
  • Sanitization: No specific data sanitization or validation steps are prescribed for the agent to perform on data retrieved from the database before it is included in the execution context.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and implementation guides from well-known services and organizations, including Vercel, Inngest, and OpenAI. These references are used for architectural grounding and are sourced from official domains.
  • [COMMAND_EXECUTION]: The skill involves the configuration and management of deployment-related files (such as vercel.json) and backend script handlers, requiring standard command-line tools for execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:35 AM
Security Audit — agent-trust-hub — cron-scheduling