qedgen-auditor

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes qedgen CLI tools via the bash shell as specified in SKILL.md. These tools (qedgen probe, qedgen spec, qedgen check) are vendor-provided utilities used for the intended purpose of scanning and auditing Solana smart contracts.
  • [DATA_EXFILTRATION]: The skill reads local source code and metadata (e.g., Cargo.toml, Anchor.toml) using the Read, Grep, and Glob tools. While it accesses sensitive program logic, the analysis and resulting reports are stored locally in the .qed/findings/ directory and are not transmitted to external network locations.
  • [PROMPT_INJECTION]: The skill processes untrusted Solana source code, which introduces an indirect prompt injection surface.
      • Ingestion points: The agent reads program source files (Cargo.toml, Anchor.toml, *.rs) as specified in SKILL.md.
      • Boundary markers: Absent; the agent reads the code as raw text without special delimiters.
      • Capability inventory: The agent can execute bash commands (qedgen) and write files locally (.qed/findings) as defined in SKILL.md.
      • Sanitization: Absent; the skill does not specify any sanitization or filtering of the processed code files.
  • [SAFE]: The skill includes instructions for responsible disclosure and restricts the use of heavy external tools, showing a focus on security and privacy within the local development environment.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 11:04 AM