acp-extensions-authoring

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches protocol specifications from OpenAI's official developer portal and searches for reference material on GitHub.\n- [PROMPT_INJECTION]: Indirect Prompt Injection surface detected.\n
  • Ingestion points: Instructions in SKILL.md guide the agent to fetch external RFCs and examples using WebFetch and WebSearch tools.\n
  • Boundary markers: The skill does not define boundary markers or provide instructions to ignore embedded commands in the fetched data.\n
  • Capability inventory: The agent has access to Bash, Write, and Edit tools as specified in the metadata of SKILL.md.\n
  • Sanitization: There is no evidence of sanitization or validation logic for data retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — acp-extensions-authoring