a2a-sdk
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill references and requires the installation of several Node.js packages including @a2a-js/sdk, express, and uuid. While these are necessary for the skill's functionality, they are external dependencies.
- PROMPT_INJECTION (LOW): The server templates (basic-server.ts, task-server.ts) provide an interface that processes untrusted data from user messages, which is a surface for indirect prompt injection.
  - Ingestion points: requestContext.userMessage in templates/server/basic-server.ts and templates/server/task-server.ts.
  - Boundary markers: Absent; the code extracts text parts directly from the user message without delimiters.
  - Capability inventory: The templates are limited to returning messages and generating artifacts; no dangerous capabilities like shell execution or file system modification are included in the boilerplate.
  - Sanitization: No sanitization or filtering of the input text is performed before it is used to construct the response message or artifacts.
Audit Metadata