testing
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the
photontool directly from the official Light Protocol GitHub repository usingcargo install. This is a standard procedure for installing the protocol's developer tooling. - [COMMAND_EXECUTION]: Documentation includes commands for starting a local test validator (
light test-validator) and running Rust-based smart contract tests (cargo test-sbf). These are legitimate developer operations for the stated purpose of the skill. - [PROMPT_INJECTION]: The skill's workflow utilizes subagents with file-reading capabilities (
Read,Glob,Grep). While this creates a surface for indirect prompt injection from processed files, the implementation follows standard agentic patterns for research tasks and does not involve unsafe interpolation of untrusted data into critical system prompts.
Audit Metadata