billing-verification
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection or behavior override patterns detected. The instructions follow natural language patterns for task execution.
- [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration. Network activity is limited to official vendor API calls and uses standard placeholder domains like 'example.com' for return URLs.
- [OBFUSCATION]: No obfuscated code, encoded strings, or hidden content detected.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or dynamic code execution patterns found. The skill relies entirely on predefined vendor tools.
- [PRIVILEGE_ESCALATION]: The skill does not attempt to gain elevated system permissions or modify sensitive configuration files.
- [PERSISTENCE]: No mechanisms for establishing persistent access (such as cron jobs or shell profile modifications) are present.
- [DYNAMIC_EXECUTION]: No runtime code generation or unsafe deserialization techniques are used.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data retrieved from the Credyt API, such as product lists and customer details. This constitutes a standard data ingestion surface, but it is used appropriately for verification reporting and does not introduce unusual risks.
- [CREDENTIALS_UNSAFE]: No sensitive credentials or API keys are hardcoded. The skill references the public Stripe test card number (4242...) which is standard for simulated payment testing.
Audit Metadata