magicblock
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file path access (e.g., .ssh, .aws) were found. Network activity is limited to standard Solana and MagicBlock API endpoints.
- Obfuscation (SAFE): No Base64, zero-width characters, or homoglyph-based obfuscation techniques were identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references legitimate NPM and Cargo packages related to the MagicBlock ecosystem. No piped remote execution patterns (e.g., curl|bash) were detected.
- Privilege Escalation (SAFE): No commands requesting administrative privileges (sudo) or modifying system-level configurations were found.
- Persistence Mechanisms (SAFE): No attempts to create cron jobs, modify shell profiles, or establish startup services were detected.
- Metadata Poisoning (SAFE): The skill metadata correctly reflects its technical documentation purpose without deceptive instructions.
- Indirect Prompt Injection (SAFE): While the skill interacts with external blockchain data, it follows standard development patterns. Evidence Chain:
  1. Ingestion: Transaction and account data.
  2. Boundaries: Not specified in code snippets.
  3. Capabilities: Transaction signing.
  4. Sanitization: Managed by the Anchor framework and Solana runtime.
- Time-Delayed / Conditional Attacks (SAFE): No logic gating malicious behavior behind time or environment-specific conditions was found.
- Dynamic Execution (SAFE): No usage of unsafe eval(), exec(), or runtime code generation was detected.