ucp-discount

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to retrieve implementation specifications from the ucp.dev domain. This is performed to ensure the agent uses the most current discount schema, allocation models, and error codes during the implementation process.
  • [PROMPT_INJECTION]: The skill directs the agent to ingest external data via WebFetch and WebSearch and use it to perform high-privilege actions like writing code or executing terminal commands. This establishes an indirect prompt injection surface.
  • Ingestion points: Content retrieved from ucp.dev via the WebFetch tool.
  • Boundary markers: No specific delimiters or safety instructions are provided to help the agent distinguish the fetched specification from potentially malicious embedded instructions.
  • Capability inventory: The skill permits the use of Bash, Write, Edit, WebSearch, and WebFetch tools.
  • Sanitization: No sanitization or validation logic is defined for the content fetched from the external source before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill enables the use of the Bash tool, allowing the agent to execute shell commands. This capability is granted to facilitate the implementation of the logic defined in the external specification retrieved at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 07:32 AM
Security Audit — agent-trust-hub — ucp-discount