oracle-flashloan-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to analyze untrusted, external smart contract source code. This creates a surface for indirect prompt injection where malicious instructions could be embedded within code comments or metadata of a contract being audited.
    • Ingestion points: Smart contract source code files (Solidity) provided by the user for analysis.
    • Boundary markers: None identified; the skill instructions do not specify delimiters to separate untrusted code from analysis instructions.
    • Capability inventory: The skill is limited to logical analysis, classification, and report generation; it does not include commands for network access, file system modification, or process execution.
    • Sanitization: No evidence of input sanitization or filtering is present in the skill's logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 11:04 AM