smart-contract-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWSAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze external Solidity files, which presents a surface for indirect prompt injection. Ingestion points: User-provided
.solfiles processed via regex-based validations. Boundary markers: None explicitly defined to delimit untrusted code from instructions. Capability inventory: Limited to reasoning and providing text-based code reviews; no subprocess calls, file-write, or network operations detected across files. Sanitization: None present; uses basic regex heuristics for analysis. - Prompt Injection (SAFE): No instructions found that attempt to bypass AI safety filters or override the system prompt.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths or unauthorized network operations (e.g., curl, fetch) were detected.
- Obfuscation (SAFE): No use of Base64, zero-width characters, or homoglyphs identified.
- Unverifiable Dependencies & Remote Code Execution (SAFE): References to OpenZeppelin are used within static code examples; no runtime installation or remote script execution (e.g., pipe to bash) is performed.
- Privilege Escalation (SAFE): No commands involving sudo, chmod, or system service modifications.
- Persistence Mechanisms (SAFE): No modifications to shell profiles, cron jobs, or startup services.
- Metadata Poisoning (SAFE): Metadata fields are relevant and consistent with the skill's stated purpose.
- Time-Delayed / Conditional Attacks (SAFE): No logic gating behavior based on time, dates, or specific environment conditions.
- Dynamic Execution (SAFE): No usage of eval, exec, or unsafe deserialization of untrusted data.
Audit Metadata