websockets
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by demonstrating the processing of data from WebSocket clients.
- Ingestion points: Untrusted data enters the application through the
@MessageBody()decorator in Gateway methods withinSKILL.md. - Boundary markers: The provided example implementations do not include delimiters or boundary markers to separate untrusted data from instructions.
- Capability inventory: The code snippets show basic event handling and broadcasting but do not implement dangerous capabilities such as shell execution or file system operations.
- Sanitization: No data sanitization or validation logic is present in the connectivity-focused examples.
- [SAFE]: The documentation includes WebSocket configuration examples using a CORS wildcard (
origin: '*'). This is a best practice violation for production environments as it allows connections from any origin, but it is a standard pattern for educational templates to ensure connectivity works during initial development.
Audit Metadata