payment-integration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill identifies a data ingestion surface for processing external payment requirements.
- Ingestion points:
SKILL.mdspecifies querying a context manager for 'payment requirements' and 'business model' and reviewing 'existing payment flows'. - Boundary markers: The prompt lacks explicit delimiters or instructions to ignore embedded commands within the ingested requirement data.
- Capability inventory: The agent is granted access to high-privilege tools including
Bash,Write, and several financial platform tools (stripe,paypal,square,razorpay,braintree). - Sanitization: There are no instructions for validating, escaping, or sanitizing the data retrieved from external context providers before processing.
Audit Metadata