Ucp Ap2 Mandates

Pass. Audited by VirusTotal on May 13, 2026.

Overview

Type: OpenClaw Skill

Name: ucp-ap2-mandates

Version: 1.0.0

The skill bundle (ucp-ap2-mandates) contains instructions in SKILL.md directing the AI agent to fetch and implement complex cryptographic payment logic from external domains (ucp.dev, ap2-protocol.org) and GitHub. While the stated purpose of autonomous agent commerce is consistent, the instruction to retrieve and follow unverified external specifications constitutes a risky capability (network access and external instruction fetching) that could be leveraged for remote prompt injection or the delivery of malicious payloads, fitting the criteria for suspicious behavior without clear evidence of malice.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An implementation based on this skill could allow an agent to complete purchases without asking the user each time, depending on the mandate limits.

Why it was flagged

The skill is explicitly about delegated payment authority. This is purpose-aligned and disclosed, but it is high-impact because an implementation could let an agent complete purchases within preauthorized limits.

Skill content

AP2 ... enables **fully autonomous agent commerce** — the agent can authorize payments cryptographically without requiring real-time human approval for each transaction. The user pre-authorizes spending parameters

Recommendation

Use only with explicit spending caps, short expiration windows, merchant and PSP verification, audit logs, and clear user approval when creating or changing mandates.

What this means

The agent may rely on changing external protocol documents or tests while building an implementation.

Why it was flagged

The implementation guidance depends on live external documentation and a GitHub conformance suite. This is expected for a protocol implementation guide, but external content can change and should not be blindly trusted or executed.

Skill content

Fetch live spec: ... Fetch https://ucp.dev/2026-01-23/documentation/ucp-and-ap2/ ... Web-search `site:ap2-protocol.org` ... Check the conformance test suite: https://github.com/Universal-Commerce-Protocol/conformance

Recommendation

Verify domains and repository authenticity, pin spec versions or commit hashes where possible, and review any external test or example code before running it.