bridge
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): No malicious behaviors, obfuscation, or unauthorized commands were detected. The file acts as an API reference for legitimate crypto bridging protocols.
- [Data Exposure & Exfiltration] (SAFE): The skill correctly uses environment variable references (SOLANA_PRIVATE_KEY, EVM_PRIVATE_KEY) for sensitive private keys, which is the recommended practice for preventing credential exposure.
- [Indirect Prompt Injection] (LOW): The skill provides a surface for processing untrusted user data such as wallet addresses and transaction hashes for financial operations. While this is inherent to its primary purpose, it requires robust downstream validation.
- Ingestion points: User-provided arguments for destination addresses and transaction hashes in SKILL.md.
- Boundary markers: Not defined in the documentation body.
- Capability inventory: Execution of cross-chain token transfers and redemptions.
- Sanitization: Implementation details are not available in this documentation-only file.
Audit Metadata