func2tolk

Warn

Audited by Snyk on May 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflow and non‑negotiable rules explicitly direct the agent to consult and use external public resources (e.g., https://github.com/ton-blockchain/acton-contracts and https://docs.ton.org/languages/tolk/idioms-conventions and original FunC GitHub sources) as the authoritative style/oracle and behavioral baseline, meaning the agent is expected to fetch/read untrusted, user‑generated web content that can materially influence porting decisions and tool use.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is specifically about porting and working with TON blockchain smart contracts (wallets, jettons/tokens, multisig, deploys). It includes explicit crypto/blockchain actions: building and sending messages (createMessage(...).send(...)), handling bounced messages to restore balances, testing with funded emulated accounts (net.treasury), and broadcasting deployment scripts to testnet/mainnet (acton script ... --broadcast --net testnet|mainnet). These are concrete blockchain wallet/transaction operations, not generic tooling, so it grants direct crypto/financial execution capability.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 11, 2026, 01:09 PM
Issues
2
Security Audit — snyk — func2tolk