a2a-authentication

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides architectural guidance for standard security implementations and does not contain any direct malicious instructions or safety bypasses.\n- [EXTERNAL_DOWNLOADS]: The skill retrieves documentation from a2a-protocol.org and references code samples from GitHub repositories to inform the implementation process.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from external sources, creating a surface for indirect prompt injection.\n
  • Ingestion points: Technical specifications from a2a-protocol.org and sample implementations from GitHub searches.\n
  • Boundary markers: None identified; instructions do not specify the use of delimiters for external content.\n
  • Capability inventory: The skill allows the use of Write, Edit, and Bash tools to implement logic based on fetched data.\n
  • Sanitization: No validation or sanitization requirements are provided for the content retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:09 AM
Security Audit — agent-trust-hub — a2a-authentication