solidity-guide
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly focused on Solidity development.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns detected. The skill provides code examples and documentation without accessing user data.
- Obfuscation (SAFE): The content is clear markdown with standard Solidity and Shell code blocks. No Base64, zero-width characters, or hidden encoding identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): While the skill mentions tools like Foundry (forge), Slither, and Mythril, these are provided as informational commands for the user to execute manually. There are no automated installation scripts or remote execution patterns like
curl | bash. - Privilege Escalation & Persistence (SAFE): No commands for escalating privileges (e.g., sudo) or establishing persistence (e.g., cron jobs, startup scripts) are present.
- Indirect Prompt Injection (LOW): The skill is intended to process user-provided Solidity files. While this is an ingestion surface, the skill lacks the automated capabilities (like network or file-write operations) required to weaponize an indirect injection. It acts as a set of static guidelines for the AI agent.
Audit Metadata