maui-push-notifications
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where untrusted input from notification requests is processed and sent to external services.
- Ingestion points: The ASP.NET Core backend in Program.cs accepts NotificationRequest objects containing arbitrary Title and Body strings through a POST endpoint.
- Boundary markers: There are no delimiters or specific instructions to ensure the notification content is treated as inert data by downstream systems or agents.
- Capability inventory: The NotificationHubService class performs network operations to external notification brokers (FCM and APNS) via the Microsoft.Azure.NotificationHubs library.
- Sanitization: Input fields are interpolated directly into JSON templates in NotificationHubService.cs using string interpolation without escaping or structural validation, which could allow malformed payloads or malicious instructions to be delivered to end-user devices.
Audit Metadata