ap2-cart-mandate
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches protocol specifications from ap2-protocol.org and searches for implementation samples within the google-agentic-commerce project on GitHub. These actions are aligned with the skill's stated purpose of implementing a specific commerce protocol.
- [COMMAND_EXECUTION]: The skill's allowed-tools list includes Bash, but the instructions do not contain any suspicious commands or attempts to execute untrusted code.
- [PROMPT_INJECTION]: Analyzed for potential indirect prompt injection as the skill processes merchant-provided transaction data. The ingestion points include merchant-signed offers and external documentation. While specific sanitization logic is not outlined in the conceptual guide, the structured JSON format of the Cart Mandate provides inherent boundaries for the data.
Audit Metadata