websocket-implementation

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides templates that ingest and process untrusted data from remote WebSocket clients, creating a surface for indirect prompt injection.
      • Ingestion points: Data is received via socket.on events in references/nodejs-websocket-server-socketio.md and the ws.iter_any() loop in references/python-websocket-server-aiohttp.md.
      • Boundary markers: The code snippets do not include delimiters or specific instructions to treat incoming data as untrusted.
      • Capability inventory: The implementations include capabilities for broadcasting data to other clients and performing database operations (Message.create, save_message).
      • Sanitization: No input validation or sanitization routines are included for the message payload fields.
  • [DATA_EXFILTRATION]: The Node.js implementation in references/nodejs-websocket-server-socketio.md uses a permissive CORS policy (origin: "*"), which is insecure for production environments because it allows any origin to connect.
  • [DATA_EXFILTRATION]: The Python implementation in references/python-websocket-server-aiohttp.md transmits raw error strings (str(error)) to clients, which could expose internal stack traces or server logic details.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 05:09 PM