ap2-setup

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches protocol documentation and sample project layouts from 'ap2-protocol.org' and 'github.com/google-agentic-commerce/AP2'.
  • [REMOTE_CODE_EXECUTION]: Installs the AP2 Python SDK directly from its GitHub repository via 'uv pip install git+https://github.com/google-agentic-commerce/AP2.git@main'.
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface detected.
    • Ingestion points: Fetches live content from ap2-protocol.org and GitHub to guide scaffolding steps.
    • Boundary markers: Does not utilize delimiters or specific instructions to ignore embedded prompts in external data.
    • Capability inventory: Employs 'Bash', 'Write', and 'Edit' tools to generate project files and install software.
    • Sanitization: Fetched content is not validated or filtered before influencing agent actions.
  • [COMMAND_EXECUTION]: Executes shell commands to install dependencies and manages local environment configuration files like '.env'.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 06:09 AM