paystack-disputes
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points: The skill retrieves external data such as dispute lists, dispute details, and transaction histories from the Paystack API (referenced in SKILL.md via endpoints like
/disputeand/dispute/:id). - Boundary markers: The skill does not implement delimiters or explicit instructions to ignore potentially malicious content embedded within the data retrieved from the API.
- Capability inventory: The skill has the capability to perform network operations (GET, PUT, POST) to the Paystack API, including updating dispute statuses and resolving chargebacks.
- Sanitization: No sanitization or validation logic is present for the data ingested from the external API before it is processed by the agent.
Audit Metadata