realtime-systems
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides secure architectural guidance for building real-time applications. It includes specific rules to prevent unauthorized data access between tenants.
- [SAFE]: Code examples demonstrate industry-standard security practices, such as verifying JWT tokens for WebSocket connections and using session-based authentication for SSE rather than trusting client-provided identifiers.
- [SAFE]: Explicitly identifies security anti-patterns, such as obtaining franchise IDs from client messages, which prevents tenant spoofing vulnerabilities.
- [SAFE]: Provides a security checklist for implementation, covering authentication, rate limiting, and heartbeats to maintain connection integrity.
Audit Metadata