bloque-sdk-ts
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from several sources, including webhook payloads, merchant information (name, MCC) in transaction movements, and remote MCC whitelists fetched from URLs. While the skill includes explicit security boundaries and provides code examples for sanitization and validation, the ingestion of this data into the agent's context constitutes an indirect prompt injection attack surface.
- Ingestion points:
references/webhooks.md(webhook payloads),references/accounts.md(movement metadata),references/cards-and-spending-controls.md(MCC whitelist URLs). - Boundary markers: Present in
SKILL.md,references/accounts.md, andreferences/webhooks.mdas "Security Boundaries" or "Trust Boundary" sections, which warn the developer to treat external data as untrusted. - Capability inventory: The SDK provides methods for financial operations such as
accounts.transfer,accounts.batchTransfer, and card management (create,freeze,updateControls). - Sanitization: The documentation provides explicit examples of sanitization logic (e.g.,
sanitizeMovementMetadatainreferences/accounts.md) and validation patterns (e.g.,isValidWebhookPayloadinreferences/webhooks.md) to mitigate risks.
Audit Metadata