token-antiflash
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override system instructions or bypass safety filters were detected. The instructional language is professional and focused on smart contract design.
- [DATA_EXFILTRATION]: No network operations (curl, wget, etc.) or access to sensitive local files were found.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute external scripts or packages.
- [COMMAND_EXECUTION]: No shell command execution or dynamic context injection patterns (e.g., backticks with exclamation marks) are present.
- [OBFUSCATION]: The content is entirely in plain text with no hidden characters, Base64 encoding, or homoglyph substitutions.
- [DYNAMIC_EXECUTION]: There is no runtime code generation or unsafe deserialization. The skill acts as a documentation resource for the AI agent.
- [INDIRECT_PROMPT_INJECTION]: While the skill processes developer requirements to generate code, it employs a multi-step workflow with mandatory human confirmation (Assess -> Present -> Choose -> Confirm -> Implement), which mitigates the risk of automated malicious code generation.
Audit Metadata