acp-extensions-authoring
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a workflow for authoring protocol extensions that involves retrieving documentation from external sources.
- Ingestion points: The agent is instructed in SKILL.md to fetch documentation via WebSearch and WebFetch from GitHub repositories and the OpenAI developer site.
- Boundary markers: Absent. There are no instructions to differentiate between the agent's core instructions and data found in external documents.
- Capability inventory: The workflow involves processing the retrieved data using tools including Bash, Write, and Edit.
- Sanitization: Absent. The skill does not describe any methods for validating or escaping external data before it is incorporated into the authoring process.
Audit Metadata