analyzing-ethereum-smart-contract-vulnerabilities

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/agent.py uses the subprocess module to execute slither and myth commands for contract analysis. This is standard behavior for security auditing tools and is performed using best practices for subprocess management.
  • [EXTERNAL_DOWNLOADS]: The skill documentation recommends and utilizes well-known security tools including slither-analyzer, mythril, and solc-select. These are established utilities from trusted sources within the blockchain security ecosystem.
  • [PROMPT_INJECTION]: The skill processes untrusted smart contract source code, which serves as an ingestion point for potentially adversarial content. While the script lacks explicit sanitization or boundary markers when reading tool outputs, the current implementation limits the risk by producing structured JSON reports for analysis rather than executing instructions found within the contracts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 12:27 AM