websocket-implementation
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The WebSocket server and client templates for Node.js, aiohttp, and FastAPI ingest untrusted message content and broadcast it to other clients without sanitization or validation. This establishes an indirect prompt injection surface.
- Ingestion points: WebSocket message event listeners in SKILL.md (lines 43-49) and references/python-websocket.md (lines 75-86 and 140-145).
- Boundary markers: Absent. The code does not use delimiters or warnings to isolate untrusted user content within broadcasts.
- Capability inventory: The skill is designed to distribute received data to multiple rooms and users, potentially facilitating the spread of malicious instructions.
- Sanitization: Absent. The implementation does not demonstrate input filtering or output encoding for the message payload.
Audit Metadata