Skills
skills/moonpay/skills/moonpay-commerce/Gen Agent Trust Hub

moonpay-commerce

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill leverages the mp CLI tool to execute store listing, product search, and cart management functions.
  • [DATA_EXFILTRATION]: The checkout command processes sensitive personally identifiable information (PII), including name, email, and physical address, which is necessary for order fulfillment by the vendor.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and displays product descriptions from external Shopify stores. Evidence Chain: 1. Ingestion points: Product titles and descriptions fetched during product search and retrieve commands (SKILL.md). 2. Boundary markers: No specific delimiters or safety instructions are defined for the fetched content. 3. Capability inventory: Use of the mp CLI tool for transactions and data display. 4. Sanitization: No sanitization or filtering of external store content is mentioned in the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 10:25 PM