agent-job-background
Pass
Audited by Gen Agent Trust Hub on May 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly utilizes environment variables (AGENT_JOB_TOKEN, APP_URL, USER_ID) for secure authentication and configuration. Network requests are made to a configurable backend service via the fetch API, and there is no evidence of hardcoded credentials, unauthorized file access, or obfuscated logic.
- [PROMPT_INJECTION]: The skill acts as a relay for user-provided instructions to be processed by a secondary agent instance in a background container.
- Ingestion points: User-provided description argument in agent-job-background.js.
- Boundary markers: Instructions in SKILL.md mandate passing the input verbatim and unchanged, which bypasses summarization or sanitization by the primary agent.
- Capability inventory: The skill performs a POST request to a background job API to launch new agent instances with unspecified tool access.
- Sanitization: No explicit sanitization or filtering is performed on the user-provided prompt before it is transmitted to the downstream API.
Audit Metadata