kora-client

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a comprehensive guide for integrating the @solana/kora library. It includes instructions for setting up a KoraClient, using composable plugins with @solana/kit, and handling gasless transaction flows.
  • [DATA_EXPOSURE]: The skill describes the use of sensitive components such as API keys, HMAC secrets, and Solana keypairs. These are used appropriately within the context of blockchain transaction signing and node authentication. Code snippets use placeholders for secrets, following security best practices.
  • [COMMAND_EXECUTION]: Documentation includes instructions for building, signing, and broadcasting transactions. These operations are part of the intended functionality of the Solana developer tools described and do not represent arbitrary command execution risks.
  • [EXTERNAL_DOWNLOADS]: The skill references official Solana and Kora documentation and suggests installing well-known, versioned packages from the npm registry, such as @solana/kora and @solana/kit.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 04:56 AM
Security Audit — agent-trust-hub — kora-client