meshjs-cardano
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No malicious instructions detected. The 'Operating rules' provided in SKILL.md guide the agent toward safe blockchain practices without overriding system safety protocols.\n- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded secrets were found. The skill includes a mandatory safety rule: 'Never request seed phrases or private keys' and uses placeholders for API keys in documentation examples.\n- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard library dependencies (@meshsdk/core, @meshsdk/react) from the npm registry, which are appropriate for the skill's stated purpose.\n- [Indirect Prompt Injection] (SAFE): The skill's structure involves generating code from user requests. While this is a potential ingestion point, the skill provides specific operating rules and static templates that establish clear boundaries for the agent's output.
Audit Metadata