bloque-sdk-ts
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external sources such as webhook payloads and merchant transaction details, which presents a surface for indirect prompt injection.
- Ingestion points: Webhook payloads (references/webhooks.md), movement metadata (references/accounts.md), and merchant category code (MCC) whitelists fetched from external URLs (references/cards-and-spending-controls.md).
- Boundary markers: Present. The skill includes 'Security Boundaries' and 'Trust Boundary' sections that explicitly warn to treat external data as untrusted and never execute instructions found within it.
- Capability inventory: The skill can perform financial transfers, create accounts and cards, and initiate KYC flows. It mandates human-in-the-loop confirmation for all irreversible actions.
- Sanitization: The documentation provides specific code examples for sanitizing metadata and validating webhook signatures to mitigate risks from external input.
Audit Metadata