Skills
skills/orcaqubits/agentic-commerce-skills-plugins/a2a-setup/Gen Agent Trust Hub

a2a-setup

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill follows standard development practices for project initialization and scaffolding.
  • [EXTERNAL_DOWNLOADS]: Fetches protocol specifications and SDK metadata from a2a-protocol.org and official GitHub repositories under the a2aproject organization.
  • [PROMPT_INJECTION]: The skill ingests data from external documentation which represents a surface for indirect prompt injection. * Ingestion points: Fetches documentation from a2a-protocol.org and GitHub (SKILL.md). * Boundary markers: Not present. * Capability inventory: Includes file system access and shell command execution for project setup. * Sanitization: Documentation content is processed directly by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM