Secure PubNub applications with Access Manager, encryption, and TLS
Does it follow best practices?
Evaluation — 95%
↑ 1.13x Agent success when using this tile
Validation for skill structure
Server-side token authentication endpoint
Uses grantToken() | 100% | 100%
Secret Key server-only | 100% | 100%
Environment variables for keys | 100% | 100%
Server userId set | 100% | 100%
Returns token via setToken pattern | 100% | 100%
Short TTL for sensitive channels | 0% | 0%
Least privilege permissions | 100% | 100%
authorizedUUID set | 100% | 100%
Expiration in response | 100% | 100%
Error handling | 100% | 100%
Server-client separation | 100% | 100%
Client-side token auth and error handling
Uses setToken() | 0% | 100%
No secretKey on client | 100% | 100%
PNAccessDeniedCategory handler | 100% | 100%
Re-auth on access denied | 100% | 100%
Proactive token refresh | 100% | 100%
Refresh buffer time | 100% | 100%
TLS not disabled | 100% | 100%
userId in config | 50% | 100%
Token update on refresh | 0% | 100%
Cleanup on destroy | 100% | 100%
Server-client separation | 100% | 100%
Encrypted messaging with cipher key management
Uses CryptoModule | 0% | 0%
crypto.randomBytes for key gen | 100% | 100%
32-byte key length | 100% | 100%
Separate keys per context | 100% | 100%
No encryption on public client | 100% | 100%
Channel names not encrypted | 100% | 100%
Message payload encrypted | 100% | 100%
Publisher UUID not encrypted | 100% | 100%
No secretKey in clients | 100% | 100%
TLS not disabled | 100% | 100%
userId set on all clients | 100% | 100%
Keys from env vars | 0% | 0%
Role-based channel access architecture
Uses grantToken() | 100% | 100%
Pattern-based grants | 70% | 100%
Channel naming with prefixes | 50% | 100%
Tenant isolation in channels | 100% | 100%
Least privilege - guest | 100% | 100%
Least privilege - escalation | 100% | 100%
Uses revokeToken() | 100% | 100%
Server secretKey from env | 0% | 100%
Server userId identifier | 100% | 100%
authorizedUUID in grant | 100% | 100%
TTL specified | 100% | 100%
Fine-grained permissions | 100% | 100%
Secure file sharing with token lifecycle
Pre-send file encryption | 100% | 100%
Client-side decryption | 100% | 100%
Uses revokeToken() | 100% | 100%
Revocation delay noted | 70% | 100%
Uses parseToken() | 100% | 100%
Uses grantToken() | 100% | 100%
Server-client separation | 100% | 100%
Short TTL for sensitive data | 0% | 100%
No secretKey on client | 100% | 100%
TLS not disabled | 100% | 100%
Error handling | 100% | 100%
Env vars for keys | 100% | 100%
Install with Tessl CLI
npx tessl i pubnub/pubnub-security