web-realtime-sse
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive guidance on implementing Server-Sent Events using standard browser APIs and React hooks.
- [SAFE]: It emphasizes secure authentication practices, specifically recommending against including tokens in URL query strings and providing examples for header-based authentication with fetch.
- [SAFE]: The code patterns include mandatory cleanup logic (eventSource.close, AbortController.abort) to prevent memory leaks and resource exhaustion.
- [SAFE]: The skill includes a 'Reference' section that identifies common security pitfalls like XSS and lack of message validation, providing remediation advice for developers.
Audit Metadata