contract
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, such as obfuscation, hardcoded credentials, or unauthorized persistence, were found. The skill operates within its declared scope of blockchain interaction.
- [COMMAND_EXECUTION]: The skill broadcasts transactions and calls functions on the Stacks blockchain, which is the primary intended functionality.
- [DATA_EXFILTRATION]: The deploy command reads local files from user-specified paths using Bun.file().text() and broadcasts the contents on-chain. This is a functional requirement for contract deployment but constitutes a data ingestion and transmission path.
- [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection by ingesting file contents and JSON arguments.
- Ingestion points: Contract source files in contract.ts via the --source argument.
- Boundary markers: None; file contents are read directly into the transaction body.
- Capability inventory: Subprocess execution for transaction broadcasting and file system access for reading contract code.
- Sanitization: Contract names are validated via regex, and arguments are parsed using standard JSON utilities.
Audit Metadata