Skills
skills/rustydotwtf/doppler-skills/migrator-uniswap-v3/Gen Agent Trust Hub

migrator-uniswap-v3

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit bash commands in references/INTERFACE.md to extract smart contract ABIs using the forge CLI tool and jq. While these are legitimate developer tools, they represent a vector for executing commands based on project documentation.
  • [EXTERNAL_DOWNLOADS]: The skill points to external resources on GitHub (github.com/whetstoneresearch/doppler) as the primary source of truth for contract addresses and source code in SKILL.md, references/INTERFACE.md, and references/OVERVIEW.md.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection by instructing the agent to fetch and process external source code from GitHub to perform verification tasks.
  • Ingestion points: External Solidity files and deployment JSONs referenced via GitHub URLs in references/INTERFACE.md and references/OVERVIEW.md.
  • Boundary markers: No explicit markers are used to isolate or warn the agent about potentially malicious instructions embedded in the external Solidity comments or metadata.
  • Capability inventory: The skill leverages forge for contract inspection and describes logic for verifying on-chain transaction outcomes.
  • Sanitization: There is no evidence of sanitization or content validation for the fetched external source files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 07:36 PM