masumi
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the Masumi Payment Service and associated SDKs from official vendor-controlled repositories (github.com/masumi-network). These are considered trusted resources within the scope of this author's vendor infrastructure.
- [PROMPT_INJECTION]: The skill implements the MIP-003 Agentic Service API, which is designed to accept and process external user data, inherently creating a surface for indirect prompt injection.
- Ingestion points: Untrusted data enters the agent context via the 'input_data' field in the 'POST /start_job' endpoint, as documented in 'references/agentic-services.md'.
- Boundary markers: The skill relies on structured JSON for data transport but does not provide specific natural language boundary delimiters in its prompt-building examples.
- Capability inventory: Agents built using these instructions have capabilities including blockchain interaction (escrow/payments), file hashing, and external network communication via the Masumi Payment Service.
- Sanitization: The protocol strongly encourages sanitization through JSON Schema validation via the '/input_schema' endpoint and provides a cryptographic 'Decision Logging' (MIP-004) standard to verify job outputs against inputs.
Audit Metadata