ucp-buyer-consent

Pass

Audited by Gen Agent Trust Hub on May 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by instructing the agent to fetch and follow external specifications.
  • Ingestion points: Data is ingested via WebFetch from https://ucp.dev/specification/buyer-consent/ and https://ucp.dev/specification/overview/ as defined in SKILL.md.
  • Boundary markers: The instructions lack explicit boundary markers or warnings to ignore potentially malicious instructions embedded in the fetched content.
  • Capability inventory: The agent is granted powerful capabilities including Bash, Write, and Edit in the YAML frontmatter, which could be exploited if the fetched content contains malicious instructions.
  • Sanitization: There is no mention of sanitization or validation of the content retrieved from the external URLs before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 21, 2026, 01:41 PM