solana-security

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill directs the agent to fetch a README file from a non-whitelisted GitHub repository (gmh5225/awesome-web3-security). While the content is a document, it is not from a trusted source organization defined in the security policy.
  • [PROMPT_INJECTION] (LOW): Potential for Indirect Prompt Injection (Category 8). The skill ingests untrusted data from an external URL to be processed by the agent.
      • Ingestion point: SKILL.md instructs the agent to fetch content from https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.md.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are present in the skill definition.
      • Capability inventory: While no specific scripts are provided in this file, the agent's general toolset is exposed to the content of the fetched README.
      • Sanitization: No sanitization or validation logic is defined for the external content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 23, 2026, 07:20 AM