multiversx-variant-analysis

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (MEDIUM): Vulnerable to Indirect Prompt Injection (Category 8), as it processes untrusted source code to generate security reports.
      • Ingestion points: Analyzes files within the src/ directory.
      • Boundary markers: None; the agent is not instructed to distinguish between code and instructions embedded in comments.
      • Capability inventory: Uses shell commands (grep, bash, semgrep) to search for and analyze code patterns.
      • Sanitization: None is applied to the input code, so malicious comments could influence the agent's findings or logic.
  • [COMMAND_EXECUTION] (LOW): Uses shell scripts for pattern discovery.
      • Evidence: Section 8 includes a loop: grep -rn "#[payable" src/ | cut -d: -f1 | sort -u | while read file; do ... done.
      • Risk: Although the provided scripts quote their variables, the complexity of the pipelines and the processing of untrusted file structures could lead to unintended behavior in some shell environments.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 04:21 AM