zk-nullifier
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical resource for implementing ZK nullifiers. All external links point to official vendor repositories on GitHub (e.g., github.com/Lightprotocol/*) or well-known development resources (docs.rs, npmjs.com), which are considered trusted sources.
- [EXTERNAL_DOWNLOADS]: The skill references several SDKs including
@lightprotocol/stateless.jsand@lightprotocol/nullifier-program. These are official vendor-distributed packages used for their intended purpose in the provided code examples. - [COMMAND_EXECUTION]: The documentation includes standard development and testing commands such as
cargo test-sbf,npm run test:ts, andlight test-validator. These are conventional tools for Solana and ZK development and do not demonstrate malicious intent. - [INDIRECT_PROMPT_INJECTION]: The skill describes a workflow that ingests user questions and external documentation through tools like
Read,Grep, andDeepWiki MCP. While this creates a surface for processing untrusted data, the context is limited to developer assistance and lacks specific exploitable capability chains within the skill's static instructions.
Audit Metadata