audit
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches markdown-based audit checklists and routing tables from the author's GitHub repository (austintgriffith/evm-audit-skills). These are required for the tool's primary purpose of providing domain-specific security guidance and are treated as trusted vendor resources.
- [PROMPT_INJECTION]: The skill exhibits an indirect injection surface because it is designed to ingest and analyze untrusted third-party smart contract code.
  * Ingestion points: External GitHub contract files and checklist references.
  * Boundary markers: None explicitly defined in the top-level orchestration.
  * Capability inventory: Reading local/remote files, spawning parallel agents, and creating GitHub issues.
  * Sanitization: No specific filtering or escaping is applied to the contract source before processing, which is standard for audit tools. The risk is minimized by the analytical nature of the task.