blazor-ag-ui-agent-framework
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill relies on official Microsoft Agent Framework packages (e.g., Microsoft.Agents.AI.Hosting.AGUI.AspNetCore), which are published by a trusted organization. All external documentation and repository links point to well-known technology providers such as Microsoft and CopilotKit, in line with the trusted-source guidelines.
- [SAFE]: The documentation provides robust security guidance for processing agent output. It mandates HTML sanitization and JSON schema validation for generative UI components to prevent XSS and schema confusion attacks. (Ingestion: SSE event stream; Boundaries: Advised use of markdown/JSON delimiters; Capabilities: Controlled tool execution via MAF; Sanitization: Explicitly required).
- [SAFE]: Human-in-the-Loop (HITL) patterns are integrated throughout the framework. The skill provides detailed implementation instructions for non-blocking approval queues and risk-based escalation, ensuring that high-risk actions like database deletions are only executed with explicit user confirmation.
- [SAFE]: The framework implements secure state management patterns using server-authoritative state and JSON Patch for delta updates, reducing the risk of client-side state tampering in agentic workflows.
- [SAFE]: No hardcoded credentials, malicious persistence mechanisms, or unauthorized data exfiltration patterns were detected. The skill's primary function is to provide architectural patterns for building secure, observable, and controllable agent interfaces.
Audit Metadata