solana-kit
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of markdown documentation and code examples for developers and AI agents. No executable scripts or malicious instructions were found within the files.
- [EXTERNAL_DOWNLOADS]: The skill references official Solana and community resources such as 'github.com/anza-xyz/kit' and 'github.com/solana-program/*'. These are well-known technology repositories and are considered safe according to the trusted scope rules.
- [DATA_EXPOSURE_&_EXFILTRATION]: While the documentation includes examples for accessing local sensitive paths like '~/.config/solana/id.json', these are provided as standard instructional content for legitimate keypair management. There is no evidence of commands or scripts designed to exfiltrate this data to external servers.
- [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety filters, or extract system prompts were detected in the instructional content.
- [INDIRECT_PROMPT_INJECTION]: The skill documents methods for handling untrusted data from the Solana blockchain. It mitigates risk by emphasizing the use of structured codecs, type-safe program clients, and validation helpers (e.g., 'isAddress', 'isSolanaError') to ensure data integrity during processing.
Audit Metadata