shield
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes untrusted input in the form of code snippets and blockchain addresses. While this constitutes an ingestion surface, it is necessary for the skill's primary purpose as a security scanner. Ingestion points: The 'code' parameter in handleScan and 'address' parameter in handleCheck (index.ts) ingest untrusted data. Boundary markers: No delimiters or safety warnings are present in the prompt interpolation. Capability inventory: The skill is restricted to information retrieval and display; no file system or network-access capabilities are used in the main logic. Sanitization: No input sanitization is performed, as the scanner is designed to analyze raw data.
Audit Metadata