dotnet-realtime-communication
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: References the official Microsoft GitHub repository for the
vs-streamjsonrpclibrary, which is a trusted source. - [PROMPT_INJECTION]: The Hub implementation examples (e.g.,
NotificationHub.SendMessage) accept untrusted string data from clients and broadcast it to other participants. This presents a surface for indirect prompt injection. 1. Ingestion points:SendMessageandUploadDatamethods inSKILL.md; 2. Boundary markers: Absent; 3. Capability inventory: Broadcasting messages to groups viaClients.Group().SendAsyncand processing asynchronous data streams; 4. Sanitization: Not present in the provided boilerplate code snippets.
Audit Metadata