agent-phone-network
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with an external API service hosted on DigitalOcean (
https://openclawagents-a2a-6gaqf.ondigitalocean.app) to facilitate agent registration, phonebook lookups, and call management. This interaction is essential for the skill's primary functionality. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes and relays data from external sources.
- Ingestion points: Data from the phonebook (
/v1/phonebook/resolve) and incoming call messages (/interop/a2a) are ingested and presented to the agent. - Boundary markers: The skill instructions do not specify any boundary markers or delimiters (such as triple quotes or XML tags) to distinguish between system instructions and untrusted data from the A2A network.
- Capability inventory: The skill is authorized to perform network operations, including sending messages and state updates to the A2A service via HTTP requests.
- Sanitization: There is no documentation of input validation or sanitization for content received from other agents or the phonebook service before the agent processes it.
Audit Metadata