mpp
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation for an open payment protocol and its associated SDKs. No malicious code or patterns were detected.
- [EXTERNAL_DOWNLOADS]: The skill references several software packages (mppx, pympp, mpp, viem, stripe) necessary for its primary function. These are standard dependencies for payment and blockchain development.
- [DATA_EXFILTRATION]: The instructions and examples handle sensitive data such as private keys and API secrets using secure patterns like environment variables and platform-native secret management (keychains).
- [PROMPT_INJECTION]: The skill handles external data from HTTP headers and MCP metadata, which represents a potential surface for indirect prompt injection. However, no malicious intent or exploitable patterns were found, and the protocol includes cryptographic integrity checks (HMAC) for challenges.
Audit Metadata