solana
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a
justtask runner to automate development workflows. Commands likejust build,just codegen, andjust testare standard for compiling Rust programs, generating TypeScript bindings from IDLs, and running the test suite. - [EXTERNAL_DOWNLOADS]: The documentation provides links to official external resources for the Solana ecosystem, including Anchor, Metaplex Core, and Trident documentation. These links point to official domains (e.g., anchor-lang.com, solana.com, metaplex.com) to ensure developers have access to the latest verified documentation.
- [SECURITY_BEST_PRACTICES]: A significant portion of the skill is dedicated to security education. It explicitly details patterns for avoiding common Solana vulnerabilities such as missing signer/owner checks, integer overflows, and PDA seed collisions. It mandates the use of Anchor's built-in security features and checked arithmetic.
- [TESTING_GUIDANCE]: The skill integrates robust testing frameworks, including Vitest for unit/integration tests and Trident for property-based fuzzing. It provides detailed templates for time-travel testing and invariant validation, which are critical for financial applications on Solana.
Audit Metadata