A2A Agent Protocol

Pass

Audited by ClawScan on May 14, 2026.

Overview

This appears to be a legitimate A2A protocol guide, but using it can send tasks and authentication tokens to remote agents, so endpoints and data should be chosen carefully.

This skill is reasonable to install as a protocol/reference aid. Before using send-task, stream-task, or subscribe-task modes, confirm the target AgentCard and endpoint are trusted, use limited-scope credentials, avoid sending sensitive files or secrets unnecessarily, and treat remote agent artifacts as untrusted output until reviewed.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Task text, file URLs, or structured data may be shared with a remote agent selected by the user or the calling agent.

Why it was flagged

The skill's core workflow intentionally sends user-specified tasks to remote agents and receives artifacts back, so task data crosses an agent boundary.

Skill content

Send a task to a remote A2A agent via `tasks/send`... construct a SendMessageRequest and POST it.

Recommendation

Use trusted A2A endpoints, review AgentCards and auth requirements, and avoid sending sensitive data unless the remote agent is approved for it.

What this means

If real credentials are used, they could authorize actions or data access on the remote agent service.

Why it was flagged

The quickstart demonstrates Bearer-token authentication for a remote A2A agent. This is expected for the protocol, but real tokens would grant access to the target service.

Skill content

Authorization: Bearer eyJhbGciOiJSUzI1NiJ9...

Recommendation

Use scoped, revocable tokens; do not commit real credentials into AgentCards, examples, logs, or shared workspaces.