acp-extensions-authoring
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches protocol specifications from OpenAI's official developer portal and searches for reference material on GitHub.\n- [PROMPT_INJECTION]: Indirect Prompt Injection surface detected.\n
- Ingestion points: Instructions in SKILL.md guide the agent to fetch external RFCs and examples using WebFetch and WebSearch tools.\n
- Boundary markers: The skill does not define boundary markers or provide instructions to ignore embedded commands in the fetched data.\n
- Capability inventory: The agent has access to Bash, Write, and Edit tools as specified in the metadata of SKILL.md.\n
- Sanitization: There is no evidence of sanitization or validation logic for data retrieved from external sources.
Audit Metadata