acp-delegated-payment

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill directs the agent to fetch documentation and API specifications from trusted official domains, specifically developers.openai.com and docs.stripe.com.
  • [DATA_EXFILTRATION]: No patterns of unauthorized data exfiltration were found. The skill actively promotes secure payment handling by instructing the agent to never access raw cardholder data and instead use scoped, single-use tokens (SPT).
  • [INDIRECT_PROMPT_INJECTION]: The skill includes an external data ingestion surface as it instructs the agent to retrieve specifications from the web (Ingestion points: developers.openai.com, docs.stripe.com). Although no explicit boundary markers or sanitization steps are provided, the risk is mitigated because the sources are well-known, authoritative documentation portals and the agent's capabilities (Write, Bash) are scoped to legitimate integration tasks.
  • [PROMPT_INJECTION]: No evidence of behavioral overrides, safety bypass attempts, or malicious instructions was identified in the prompt or metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:09 AM
Security Audit — agent-trust-hub — acp-delegated-payment