stackspot
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The stackspot/stackspot.ts script submits blockchain transactions with PostConditionMode.Allow for the join-pot, start-pot, claim-rewards, and cancel-pot commands. In Allow mode a transaction is accepted even when it transfers assets that no post-condition covers, so the guarantee Stacks post-conditions exist to give (that a contract call cannot move more of the user's assets than the user explicitly authorized) does not apply to these calls.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because the contract identifier used in the call is taken as-is from the --contract-name argument. Content that reaches the agent's context can therefore steer the call to a different contract, and because the call runs with permissive post-conditions that contract's transfers are not bounded.
  * Ingestion points: the --contract-name parameter in stackspot.ts.
  * Boundary markers: absent; user input is parsed directly and used in contract calls.
  * Capability inventory: contract-call execution via callContract with permissive post-conditions.
  * Sanitization: none; the script does not validate that the supplied contract name belongs to the expected deployer.
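Added example, not code from the audited skill: a dependency-free TypeScript sketch of how both findings above would be closed together, pairing the deployer allow-list the sanitization note asks for with a Deny-mode call that carries an explicit STX post-condition instead of PostConditionMode.Allow. The option fields, the function names buildJoinPotCallUnchecked and buildJoinPotCall, the EXPECTED_DEPLOYERS list and the stake amount are assumptions for illustration; the skill's callContract wrapper and the exact stacks.js option shape are not reproduced, and the deployer address is constructed from valid c32 characters but is not a real, checksummed address.

```typescript
// Added example, not code from the stackspot skill. Dependency-free: the
// option fields only loosely mirror a stacks.js contract-call request and
// are assumptions for illustration.

// Same numeric values as the PostConditionMode enum in @stacks/transactions.
const PostConditionMode = { Allow: 1, Deny: 2 } as const;
type PostConditionModeValue = (typeof PostConditionMode)[keyof typeof PostConditionMode];

// "The sender may transfer at most `amount` micro-STX", as plain data.
interface StxPostCondition {
  type: "stx";
  principal: string;
  condition: "lte";
  amount: number;
}

interface CallOptions {
  contractAddress: string;
  contractName: string;
  functionName: string;
  postConditionMode: PostConditionModeValue;
  postConditions: StxPostCondition[];
}

// c32check principal shape: SP/SM (mainnet) or ST/SN (testnet) followed by
// characters from the c32 alphabet (no I, L, O, U). Shape check only; the
// address checksum is not verified here.
const PRINCIPAL_RE = /^S[PMTN][0-9A-HJKMNP-TV-Z]{27,40}$/;
// Deliberately conservative contract-name policy (stricter than the chain's).
const CONTRACT_NAME_RE = /^[a-z][a-z0-9-]{0,39}$/;

// Hypothetical allow-listed deployer (constructed, not a real address).
const EXPECTED_DEPLOYERS: readonly string[] = ["SP1A2B3C4D5E6F7G8H9J0K1M2N3P4Q5R6S7T8V9WX"];

// The audited pattern: whatever arrives via --contract-name is split and used,
// and Allow mode lets the called contract move any asset the sender holds.
function buildJoinPotCallUnchecked(contractId: string): CallOptions {
  const [contractAddress, contractName] = contractId.split(".");
  return {
    contractAddress,
    contractName,
    functionName: "join-pot",
    postConditionMode: PostConditionMode.Allow,
    postConditions: [],
  };
}

// Hardened form: parse strictly, bind the deployer to an allow-list, then
// call in Deny mode so any transfer not covered by a post-condition aborts.
function parseContractId(id: string, allowed: readonly string[]): { address: string; name: string } {
  const parts = id.split(".");
  if (parts.length !== 2) throw new Error(`malformed contract id: ${id}`);
  const [address, name] = parts;
  if (!PRINCIPAL_RE.test(address)) throw new Error(`bad principal: ${address}`);
  if (!CONTRACT_NAME_RE.test(name)) throw new Error(`bad contract name: ${name}`);
  if (!allowed.includes(address)) throw new Error(`deployer not allow-listed: ${address}`);
  return { address, name };
}

function buildJoinPotCall(
  contractId: string,
  sender: string,
  stakeUstx: number,
  allowed: readonly string[] = EXPECTED_DEPLOYERS,
): CallOptions {
  const { address, name } = parseContractId(contractId, allowed);
  if (!PRINCIPAL_RE.test(sender)) throw new Error(`bad sender: ${sender}`);
  if (!Number.isInteger(stakeUstx) || stakeUstx <= 0) {
    throw new Error("stake must be a positive micro-STX integer");
  }
  return {
    contractAddress: address,
    contractName: name,
    functionName: "join-pot",
    postConditionMode: PostConditionMode.Deny,
    // Caps what this transaction may take from the sender at the stake amount.
    postConditions: [{ type: "stx", principal: sender, condition: "lte", amount: stakeUstx }],
  };
}
```

The same parse-then-deny shape applies to start-pot, claim-rewards and cancel-pot; only the function name and the post-condition (for claim-rewards, a condition on what the contract may send rather than what the sender may send) change. An Allow-mode path, if it must exist at all, belongs behind an explicit flag rather than being the default for every command.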
Audit Metadata