azure-messaging-webpubsub-java
Warn
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (MEDIUM): Detected an Indirect Prompt Injection attack surface. (1) Ingestion points: The skill facilitates receiving untrusted data from WebSocket clients via hub and group connections. (2) Boundary markers: No delimiters or instructions to ignore embedded commands are included in the prompt templates. (3) Capability inventory: High-impact capabilities are available, including broadcasting (sendToAll), targeted messaging (sendToGroup, sendToUser), and session management (closeConnection, grantPermission). (4) Sanitization: Provided code snippets lack input validation or sanitization of message content before transmission or processing.
- EXTERNAL_DOWNLOADS (INFO): The skill references 'com.azure:azure-messaging-webpubsub' (v1.5.0). This is a standard SDK from a trusted source (Microsoft/Azure). Per [TRUST-SCOPE-RULE], this finding is downgraded to INFO.
- CREDENTIALS_UNSAFE (SAFE): Code examples adhere to security best practices by using placeholders (e.g., '') and recommending secure authentication via 'DefaultAzureCredential' and environment variables.