dojo-system
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted user descriptions to generate functional Cairo smart contract code.
- Ingestion points: User-provided inputs in 'Interactive' and 'Direct' modes defined in
SKILL.md. - Boundary markers: Absent. The skill does not instruct the agent to use delimiters or ignore instructions embedded within user descriptions.
- Capability inventory: The skill uses
WriteandEdittools to persist generated logic to the filesystem. - Sanitization: Absent. There is no input validation or sanitization of user-provided natural language before it is used to generate code.
- [Data Exfiltration] (SAFE): No sensitive file access or network communication patterns detected. No hardcoded credentials were found.
- [Remote Code Execution] (SAFE): No remote code downloads or execution of untrusted scripts identified.
- [Obfuscation] (SAFE): No evidence of Base64, zero-width characters, or other obfuscation techniques found in the skill content.
- [Privilege Escalation] (SAFE): No commands related to privilege escalation (e.g., sudo, chmod) were detected.
Audit Metadata