pubnub-chat
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill handles untrusted data from external sources (chat messages).
- Ingestion points: Untrusted data enters the agent context via
channel.connect((message) => ...)inreferences/chat-features.mdandchat.getMentionsinreferences/chat-patterns.md. - Boundary markers: Absent. The code examples do not demonstrate the use of delimiters or 'ignore instructions' markers when processing message text.
- Capability inventory: The skill does not use subprocess, eval, or local file-write capabilities. Its primary capability is network interaction via the PubNub SDK.
- Sanitization: Absent. No sanitization or HTML escaping logic is provided in the reference implementation patterns.
- [External Downloads] (SAFE): The skill references the
@pubnub/chatpackage from npm, which is the official SDK for the described service.
Audit Metadata