payment-integration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to bypass safety filters or override agent constraints were found.
- [Data Exposure & Exfiltration] (SAFE): No sensitive credentials, private keys, or file paths were identified. The skill explicitly instructs the agent never to log sensitive card data.
- [Unverifiable Dependencies] (SAFE): The skill does not perform any external downloads or install unverifiable packages; it recommends using official SDKs.
- [Indirect Prompt Injection] (SAFE): While the skill processes external data via webhooks, it includes comprehensive security checklists and instructions for PCI compliance to mitigate ingestion risks.
Audit Metadata