security-audit
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains instructions to guide the agent's behavior during a security audit. It uses strong directives such as ALWAYS and NEVER to ensure audit rigor and safety. These are constructive instructions rather than malicious overrides or bypasses.
- [DATA_EXFILTRATION]: The skill includes explicit defensive instructions to prevent accidental data exposure, specifically directing the agent to NEVER read ~/.aptos/config.yaml or .env files which may contain private keys. No data exfiltration patterns were found.
- [COMMAND_EXECUTION]: The skill references standard Aptos CLI commands like aptos move test and aptos move compile for smart contract verification. These tools are used appropriately for the skill's stated purpose of auditing code.
- [SAFE]: The skill demonstrates security best practices by providing a structured audit checklist and explicitly forbidding the agent from accessing sensitive configuration files. It also references official Aptos documentation.
Audit Metadata