ap2-vdc-framework

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches documentation from ap2-protocol.org to gather technical specifications for the VDC framework.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it retrieves and processes external documentation and search results. * Ingestion points: Data retrieved via WebFetch from ap2-protocol.org and WebSearch results. * Boundary markers: No instructions are provided to delimit external content from the system context. * Capability inventory: The skill has access to Bash, Write, Edit, and WebFetch tools. * Sanitization: No instructions are provided for sanitizing or validating retrieved data.
  • [NO_CODE]: The skill consists only of markdown instructions and does not include any executable scripts, binaries, or automated installation steps.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — ap2-vdc-framework