fusionauth-webhooks
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides logic to process untrusted data from FusionAuth webhook events, which creates a surface for Indirect Prompt Injection (IPI).
- Ingestion points: Webhook payload ingestion in examples/express/src/index.js, examples/fastapi/main.py, and examples/nextjs/app/webhooks/fusionauth/route.ts via POST request bodies.
- Boundary markers: The provided implementation does not include or suggest the use of delimiters (such as XML tags or triple quotes) to isolate the untrusted webhook data when it is presented to an AI agent.
- Capability inventory: The handler code is limited to logging and branching based on event types; however, an agent utilizing this skill may have broader capabilities (e.g., database access, tool execution) that could be targeted by instructions embedded in the webhook data.
- Sanitization: The skill performs JSON parsing but does not include sanitization or escaping for string fields within the payload to prevent them from being interpreted as instructions by an LLM.
Audit Metadata