system-bus
Facilitates the development and management of Inngest durable functions and webhooks, enhancing observability and deployment efficiency.
Security score
The system-bus skill was audited on May 12, 2026, and we found 31 security issues across 3 threat categories, including 2 high-severity issues. Review the findings below before installing.
Categories Tested
Security Issues
Curl to non-GitHub URL
| 85 | 5. verify `curl http://127.0.0.1:3111/` shows functions and `joelclaw functions` returns >0 |
Curl to non-GitHub URL
| 197 | - **Inngest server function registry goes stale** on worker restart. Always `curl -X PUT http://127.0.0.1:3111/api/inngest` after restart. If PUT returns `Empty reply from server`, check `~/.local/log |
Curl to non-GitHub URL
| 240 | curl http://localhost:3111/ | jq |
Curl to non-GitHub URL
| 258 | curl -X PUT http://127.0.0.1:3111/api/inngest |
Webhook reference - potential data exfiltration
| 4 | description: Develop, deploy, and debug the system-bus worker — joelclaw's 110+ Inngest durable function engine, webhook gateway, and observability pipeline. Triggers on 'add a function', 'new inngest |
Webhook reference - potential data exfiltration
| 16 | The system-bus worker (`@joelclaw/system-bus`) is joelclaw's event-driven backbone — 110+ Inngest durable functions, webhook ingestion, and observability. It runs as a Hono HTTP server registered with |
Webhook reference - potential data exfiltration
| 41 | │ ├── webhooks/ |
Webhook reference - potential data exfiltration
| 42 | │ │ ├── server.ts # Webhook router (mounted at /webhooks) |
Webhook reference - potential data exfiltration
| 44 | │ │ └── providers/ # Per-service webhook handlers |
Webhook reference - potential data exfiltration
| 64 | | `cluster` | k8s pod (GHCR image) | Webhooks (Front, GitHub, Vercel, Todoist, Mux), approvals, notifications, Slack backfill — stateless, network-only | |
Webhook reference - potential data exfiltration
| 89 | Queue pilot flags are evaluated inside the live worker process, not your shell. If a host-worker emitter like `discovery-capture` or `/webhooks/github` should switch to queue mode, put the flag in `~/ |
Webhook reference - potential data exfiltration
| 227 | ## Adding a Webhook Provider |
Webhook reference - potential data exfiltration
| 229 | See the `webhooks` skill for full details. Quick summary: |
Webhook reference - potential data exfiltration
| 231 | 1. Create `src/webhooks/providers/<service>.ts` implementing `WebhookProvider` |
Webhook reference - potential data exfiltration
| 232 | 2. Register in `src/webhooks/server.ts` |
Webhook reference - potential data exfiltration
| 233 | 3. Add secret to `WEBHOOK_SECRETS` array in `serve.ts` |
Webhook reference - potential data exfiltration
| 234 | 4. Store secret in agent-secrets: `secrets add <service>_webhook_secret` |
Webhook reference - potential data exfiltration
| 297 | | `src/webhooks/server.ts` | Webhook route registration | |
Access to hidden dotfiles in home directory
| 89 | Queue pilot flags are evaluated inside the live worker process, not your shell. If a host-worker emitter like `discovery-capture` or `/webhooks/github` should switch to queue mode, put the flag in `~/ |
Access to hidden dotfiles in home directory
| 98 | `content/updated` is the odd one out: its ingress comes from the launchd watcher `com.joel.content-sync-watcher`, not from a worker-local function. The canonical watcher source now belongs in `infra/l |
Access to hidden dotfiles in home directory
| 104 | ADR-0217 Phase 3 Story 4 now has a live host-worker runtime in `packages/system-bus/src/inngest/functions/queue-observer.ts`. Durable cadence belongs in Inngest, not the gateway daemon: the cron contr |
Access to hidden dotfiles in home directory
| 114 | Hard-won gotcha from the Story 3 live proof: queue operator commands must resolve Redis from the canonical CLI config (`~/.config/system-bus.env` → `REDIS_URL`) before ambient shell env. The first pro |
Access to hidden dotfiles in home directory
| 197 | - **Inngest server function registry goes stale** on worker restart. Always `curl -X PUT http://127.0.0.1:3111/api/inngest` after restart. If PUT returns `Empty reply from server`, check `~/.local/log |
Access to .env file
| 89 | Queue pilot flags are evaluated inside the live worker process, not your shell. If a host-worker emitter like `discovery-capture` or `/webhooks/github` should switch to queue mode, put the flag in `~/ |
Access to .env file
| 98 | `content/updated` is the odd one out: its ingress comes from the launchd watcher `com.joel.content-sync-watcher`, not from a worker-local function. The canonical watcher source now belongs in `infra/l |
Access to .env file
| 104 | ADR-0217 Phase 3 Story 4 now has a live host-worker runtime in `packages/system-bus/src/inngest/functions/queue-observer.ts`. Durable cadence belongs in Inngest, not the gateway daemon: the cron contr |
Access to .env file
| 114 | Hard-won gotcha from the Story 3 live proof: queue operator commands must resolve Redis from the canonical CLI config (`~/.config/system-bus.env` → `REDIS_URL`) before ambient shell env. The first pro |
External URL reference
| 85 | 5. verify `curl http://127.0.0.1:3111/` shows functions and `joelclaw functions` returns >0 |
External URL reference
| 197 | - **Inngest server function registry goes stale** on worker restart. Always `curl -X PUT http://127.0.0.1:3111/api/inngest` after restart. If PUT returns `Empty reply from server`, check `~/.local/log |
External URL reference
| 240 | curl http://localhost:3111/ | jq |
External URL reference
| 258 | curl -X PUT http://127.0.0.1:3111/api/inngest |