web3-expert
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to review and refactor code, which acts as an ingestion point for untrusted external data. Because the skill has access to sensitive tools (Bash, Write, Edit), it is theoretically vulnerable if the reviewed code contains malicious instructions that the agent might inadvertently follow.
  - Ingestion points: The skill accepts code for review from user queries as described in SKILL.md.
  - Boundary markers: There are no explicit instructions or delimiters used to ensure the agent distinguishes between the code being reviewed and the instructions it should follow.
  - Capability inventory: The skill utilizes powerful tools including Bash, Write, Edit, Grep, and Glob as listed in the SKILL.md frontmatter.
  - Sanitization: No input validation or sanitization mechanisms are implemented to filter out embedded instructions in the code being analyzed.
Audit Metadata