cairo-testing
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill contains fork testing examples targeting 'starknet-mainnet.g.alchemy.com', which is a non-whitelisted domain for network operations. However, the risk is mitigated by the use of a placeholder ('YOUR_KEY') for the API credential.
- [Command Execution] (LOW): The skill is configured to use the Bash tool to execute 'snforge' and 'scarb' commands. While these are legitimate development tools, the ability to execute shell commands always presents a baseline risk if the agent is prompted to run unverified test code.
- [Indirect Prompt Injection] (LOW): The skill facilitates processing of local Cairo source code and test files through 'snforge'. Maliciously crafted source files or test outputs could potentially influence the agent's behavior during the testing workflow, though this is limited to the local environment.