accept-agent-payments

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash for version discovery and documentation retrieval. It features a comprehensive 'Command Safety' section that requires the agent to validate all variables against a character blacklist (semicolons, pipes, backticks, etc.) and regex patterns before execution.\n- [PROMPT_INJECTION]: Instructions include specific protections against indirect prompt injection, directing the agent to treat all data from external endpoints and documentation as untrusted and prohibiting the agent from following directions found within that content.\n- [EXTERNAL_DOWNLOADS]: Retrieves configuration and technical documentation from trusted vendor domains (developers.circle.com and agents.circle.com) for informational purposes.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 09:46 PM
Security Audit — agent-trust-hub — accept-agent-payments