ucp-schema-authoring

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch documentation and reference schemas from ucp.dev. These downloads are from the official domain associated with the skill's primary purpose and are necessary for the authoring task.
  • [PROMPT_INJECTION]: The skill includes instructions to ingest external protocol documentation from ucp.dev via WebFetch. While this creates a surface for indirect prompt injection, it is restricted to official documentation sources.
  • Ingestion points: WebFetch calls to ucp.dev (SKILL.md)
  • Boundary markers: None specified for the external content ingestion
  • Capability inventory: Read, Write, Edit, Bash, WebSearch, WebFetch (SKILL.md)
  • Sanitization: None specified for the reference data
  • [DATA_EXFILTRATION]: No unauthorized data transmission or sensitive file access patterns were detected. There are no hardcoded credentials or access to environment variables.
  • [SAFE]: All tools, external references, and instructions are consistent with the stated intent of authoring commerce protocol schemas.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:09 AM
Security Audit — agent-trust-hub — ucp-schema-authoring