streaming-api-patterns

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • DATA_EXFILTRATION (LOW): The error handling logic in sse-endpoint-template.ts transmits error.message directly to the client. This can lead to information disclosure of internal system paths, configuration, or logic.
  • PROMPT_INJECTION (MEDIUM): The template processes and streams data from untrusted external sources without sanitization or boundary markers. Ingestion points: the fetchDataSource function in sse-endpoint-template.ts. Boundary markers: absent from message formatting. Capability inventory: continuous data streaming to external or internal consumers. Sanitization: none. Together these make a MEDIUM-tier vulnerability surface for indirect prompt injection.
  • DATA_EXFILTRATION (LOW): The StreamClient.connect method takes a URL without validation. An attacker providing a malicious URL could potentially perform SSRF or exfiltrate data if the agent attempts to connect to the provided endpoint.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 15, 2026, 10:00 PM