b2a-agents
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The code template references external Node.js packages including @lucid-agents/core, @lucid-agents/http, @lucid-agents/hono, @lucid-agents/payments, and zod.
- [DATA_EXFILTRATION]: The template includes network operations via the fetch API to external domains (api.example.com) to retrieve data.
- [PROMPT_INJECTION]: The skill architecture designs agents that ingest and process data from external sources, presenting a surface for indirect prompt injection.
  - Ingestion points: External data retrieved via fetch in the 'lookup' and 'aggregate' handlers in SKILL.md.
  - Boundary markers: None present; the template does not use delimiters to isolate external API content from agent instructions.
  - Capability inventory: Network access (fetch), potential payment processing via @lucid-agents/payments.
  - Sanitization: Input parameters are validated with Zod, but the payload received from external APIs is returned to the agent context without further sanitization or escaping.