ap2-vdc-framework
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation from ap2-protocol.org to gather technical specifications for the VDC framework.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it retrieves and processes external documentation and search results. * Ingestion points: Data retrieved via WebFetch from ap2-protocol.org and WebSearch results. * Boundary markers: No instructions are provided to delimit external content from the system context. * Capability inventory: The skill has access to Bash, Write, Edit, and WebFetch tools. * Sanitization: No instructions are provided for sanitizing or validating retrieved data.
- [NO_CODE]: The skill consists only of markdown instructions and does not include any executable scripts, binaries, or automated installation steps.
Audit Metadata