func2tolk
Warn
Audited by Snyk on May 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow and non‑negotiable rules explicitly direct the agent to consult and use external public resources (e.g., https://github.com/ton-blockchain/acton-contracts and https://docs.ton.org/languages/tolk/idioms-conventions and original FunC GitHub sources) as the authoritative style/oracle and behavioral baseline, meaning the agent is expected to fetch/read untrusted, user‑generated web content that can materially influence porting decisions and tool use.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is specifically about porting and working with TON blockchain smart contracts (wallets, jettons/tokens, multisig, deploys). It includes explicit crypto/blockchain actions: building and sending messages (createMessage(...).send(...)), handling bounced messages to restore balances, testing with funded emulated accounts (net.treasury), and broadcasting deployment scripts to testnet/mainnet (acton script ... --broadcast --net testnet|mainnet). These are concrete blockchain wallet/transaction operations, not generic tooling, so it grants direct crypto/financial execution capability.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata