Skills
skills/orcaqubits/agentic-commerce-skills-plugins/a2a-task-lifecycle/Gen Agent Trust Hub

a2a-task-lifecycle

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions require the agent to fetch external documentation from the web to guide code implementation. This introduces a surface for indirect prompt injection, where malicious content on the targeted websites could potentially influence the agent's actions.
  • Ingestion points: The skill uses WebFetch to retrieve content from a2a-protocol.org and WebSearch to find examples on GitHub as specified in SKILL.md.
  • Boundary markers: There are no explicit instructions or delimiters used to separate the external content from the agent's core instructions.
  • Capability inventory: The agent has access to powerful tools including Bash, Write, and Edit, which could be targeted by an injection attack.
  • Sanitization: The skill does not implement any validation or sanitization logic for the data retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:09 AM