trigger-dev

Enables the creation of reliable background jobs in serverless environments, handling long-running tasks and asynchronous processing.

Install this skill

or

67/100

Security score

The trigger-dev skill was audited on Mar 7, 2026 and we found 9 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 80

Template literal with variable interpolation in command context

SourceSKILL.md

80	uploadToS3(`thumbs/${payload.userId}/thumb.webp`, thumbnail),

medium line 81

Template literal with variable interpolation in command context

SourceSKILL.md

81	uploadToS3(`images/${payload.userId}/medium.webp`, medium),

medium line 82

Template literal with variable interpolation in command context

SourceSKILL.md

82	uploadToS3(`images/${payload.userId}/large.webp`, large),

medium line 182

Template literal with variable interpolation in command context

SourceSKILL.md

182	console.log(`Processed ${processed}/${records.length}`)

medium line 208

Template literal with variable interpolation in command context

SourceSKILL.md

208	'Authorization': `Bearer ${process.env.OPENAI_API_KEY}`,

low line 205

Fetch to external URL

SourceSKILL.md

205	const response = await fetch('https://api.openai.com/v1/embeddings', {

medium line 5

Webhook reference - potential data exfiltration

SourceSKILL.md

5	long-running tasks in the background, process webhooks reliably, build async

low line 208

Access to .env file

SourceSKILL.md

208	'Authorization': `Bearer ${process.env.OPENAI_API_KEY}`,

low line 205

External URL reference

SourceSKILL.md

205	const response = await fetch('https://api.openai.com/v1/embeddings', {

Scanned on Mar 7, 2026

View Security Dashboard

Install this skill with one command

/learn @terminalskills/trigger-dev

GitHub Stars 10

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw backend backend-developer devops-sre product-manager development product

TerminalSkills/skills