paystack-transfers

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through user-controlled input fields used in financial transactions. While standard for API wrappers, these inputs could be used to embed instructions that affect downstream systems or agents processing the transaction history.
  • Ingestion points: The skill accepts untrusted data via the amount, recipient, reference, and reason parameters within the POST /transfer and POST /transfer/bulk operations described in SKILL.md.
  • Boundary markers: The provided code examples do not implement boundary markers or specific instructions to the agent to disregard embedded commands in these data fields.
  • Capability inventory: The skill provides high-privilege capabilities, specifically the ability to initiate and finalize money transfers from the user's Paystack balance via the paystackRequest helper.
  • Sanitization: While encodeURIComponent is used to sanitize parameters in GET request URLs, no sanitization or validation logic is demonstrated for the strings included in POST request bodies.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 06:29 AM