svm
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses MCP tools to retrieve content from the Helius blog, Solana documentation, and GitHub source code repositories. These are trusted sources relevant to the skill's educational purpose.
- [COMMAND_EXECUTION]: The provided
install.shscript performs standard file management operations to install the skill locally. These actions are limited to copying files to the user's Claude skills directory. - [PROMPT_INJECTION]: The skill is designed to ingest and synthesize data from external sources. While this facilitates access to up-to-date information, it introduces a surface for indirect prompt injection. 1. Ingestion points:
SKILL.md(utilizing tools such asfetchHeliusBlogandreadSolanaSourceFile). 2. Boundary markers: Not present in the current prompt configuration. 3. Capability inventory: Restricted to information retrieval and synthesis; the skill is explicitly instructed not to perform file writes. 4. Sanitization: No explicit validation or filtering of external content is defined.
Audit Metadata