qa
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run various local commands including grep, bash, vercel, yarn, and forge. These tools are used to search project files for patterns, check environment variable status, and verify contract deployments. While these are standard developer utilities, the agent should be restricted to the local project environment when executing them.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it requires the agent to read and process untrusted source code from the dApp being audited.
- Ingestion points: The agent reads source code from the packages/nextjs and contracts directories.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious instructions embedded within the code being reviewed.
- Capability inventory: The agent is granted the ability to execute shell commands (grep, bash) and interaction tools (yarn, forge, vercel) based on the audit results.
- Sanitization: No sanitization or validation of the ingested code content is performed before the agent acts upon it.
Audit Metadata