azure-messaging-webpubsubservice-py
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing azure-messaging-webpubsubservice and azure-messaging-webpubsubclient via pip. These are well-known official packages maintained by Microsoft for the Azure Web PubSub service.
- [CREDENTIALS_UNSAFE]: The documentation mentions connection strings and access keys using clear placeholders. It appropriately demonstrates the use of environment variables and Azure Identity's DefaultAzureCredential for secure credential management.
- [PROMPT_INJECTION]: The skill facilitates the transmission of arbitrary message data, creating a surface for indirect prompt injection. 1. Ingestion points: Message parameters in send_to_all, send_to_user, and send_to_group methods. 2. Boundary markers: None explicitly defined in the provided snippets. 3. Capability inventory: Network-based real-time messaging and client management via the Azure Web PubSub API. 4. Sanitization: Not present in the basic implementation examples provided.
Audit Metadata