acp-delegated-payment
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill directs the agent to fetch documentation and API specifications from trusted official domains, specifically developers.openai.com and docs.stripe.com.
- [DATA_EXFILTRATION]: No patterns of unauthorized data exfiltration were found. The skill actively promotes secure payment handling by instructing the agent to never access raw cardholder data and instead use scoped, single-use tokens (SPT).
- [INDIRECT_PROMPT_INJECTION]: The skill includes an external data ingestion surface as it instructs the agent to retrieve specifications from the web (Ingestion points: developers.openai.com, docs.stripe.com). Although no explicit boundary markers or sanitization steps are provided, the risk is mitigated because the sources are well-known, authoritative documentation portals and the agent's capabilities (Write, Bash) are scoped to legitimate integration tasks.
- [PROMPT_INJECTION]: No evidence of behavioral overrides, safety bypass attempts, or malicious instructions was identified in the prompt or metadata.
Audit Metadata