validate-bsv-script
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill logic is transparent and focuses on parsing hexadecimal data for blockchain script analysis.
- [COMMAND_EXECUTION]: The skill invokes a local TypeScript script using
bun. The primary input argument,<script-hex>, is validated using a strict hexadecimal regular expression (/^[0-9a-fA-F]*$/), which prevents command injection or shell-based attacks. - [INDIRECT_PROMPT_INJECTION]: The skill acts as a parser for external blockchain data.
- Ingestion points: The
script-hexargument processed byscripts/validate.ts. - Boundary markers: Not explicitly defined in the skill documentation.
- Capability inventory: No network operations, file system writing, or sensitive data access capabilities are present.
- Sanitization: The input is strictly sanitized to ensure it only contains valid hexadecimal characters before being passed to the parser.
Audit Metadata