in-app-notifications-fullstack
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of a markdown-based architectural guide and code templates for educational purposes. It does not include executable scripts or instructions designed to compromise the agent or user environment.
- [DATA_EXPOSURE]: The implementation patterns correctly identify and mitigate authorization risks. Specifically, the backend examples demonstrate using a
userIdguard in database update queries to prevent Insecure Direct Object Reference (IDOR) attacks. - [INDIRECT_PROMPT_INJECTION]: The skill describes a system that handles external data (notification titles and bodies), which represents a potential injection surface if an AI agent later processes this content.
- Ingestion points: Database 'notifications' table populated via the 'createNotification' function.
- Boundary markers: Absent in the provided code templates.
- Capability inventory: The system allows for database writes, SSE real-time delivery, and persistent storage of user-facing messages.
- Sanitization: The provided templates do not explicitly include sanitization logic for notification content, which is a relevant consideration for developers implementing the guide.
Audit Metadata