interswitch-transactions
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration behaviors were detected.
- [DATA_EXFILTRATION]: The skill handles sensitive financial information, specifically customer PINs and IDs required for transaction processing. Security is maintained by using environment-defined endpoints and providing explicit developer guidance against logging sensitive data.
- [PROMPT_INJECTION]: The skill is designed to handle untrusted data from the agent context. Ingestion points: Transaction references and merchant codes in the getTransactionByReference and requeryTransaction functions. Boundary markers: None present in the provided snippet. Capability inventory: Network requests performed via fetch to endpoints defined by environment variables. Sanitization: Employs encodeURIComponent on dynamic URL parameters to prevent injection or manipulation of API requests.
Audit Metadata