Skills
skills/mystenlabs/sui-dev-skills/sui-dev/Gen Agent Trust Hub

sui-dev

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides patterns for interacting with local development tools, such as the Sui CLI (sui move build), using Node.js child_process.execSync to facilitate contract compilation and package publication flows.
  • [EXTERNAL_DOWNLOADS]: The skill references official migration guides and documentation hosted on vendor-owned domains (e.g., sdk.mystenlabs.com). These references are intended to provide the agent with up-to-date technical guidance for SDK version transitions.
  • [PROMPT_INJECTION]: The skill includes instructions for the agent to fetch and follow external guidelines from a remote URL for SDK migration tasks.
  • Ingestion points: sui-ts-sdk/SKILL.md (via remote URL fetch of migration documentation)
  • Boundary markers: Absent for the remote instruction fetch
  • Capability inventory: File system access and command execution via execSync patterns in sui-ts-sdk/SKILL.md
  • Sanitization: None; the agent is directed to treat the remote content as authoritative guidance for the migration task.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 11:44 AM