WebSocket Security (WS)

Analyze WebSocket implementations for security vulnerabilities including missing authentication on the upgrade handshake, no origin validation (Cross-Site WebSocket Hijacking), absence of message validation, missing rate limiting on messages, and use of unencrypted ws:// in production. WebSocket connections are long-lived and bidirectional, making them a persistent attack channel when not properly secured.

Supported Flags

Read ../../shared/schemas/flags.md for the full flag specification. This skill supports all cross-cutting flags. Key flags for this skill:

• --scope determines which files to analyze (default: changed)
• --depth standard reads code and checks WebSocket handlers and configuration
• --depth deep traces message handling from connection through all event handlers
• --severity filters output (WebSocket issues are often high or critical)