Skills
skills/sablier-labs/agent-skills/web3-foundry/Gen Agent Trust Hub

web3-foundry

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references and provides instructions for installing external Python packages halmos and certora-cli for formal verification. While these are legitimate developer tools, they are retrieved from external repositories at runtime.
  • Evidence: Installation commands pip install halmos and pip install certora-cli found in references/formal-verification.md.
  • [PROMPT_INJECTION] (LOW): The skill possesses an attack surface for indirect prompt injection as it is designed to ingest and process smart contract code and test files to generate scripts and tests. A malicious codebase could potentially contain hidden instructions aimed at influencing the agent's logic or the generated deployment scripts.
  • Ingestion points: The skill interacts with files in tests/, scripts/, and src/ directories.
  • Boundary markers: No explicit boundary markers or 'ignore' instructions for external data are used in the provided templates.
  • Capability inventory: The skill utilizes shell commands for forge, just, pip, halmos, and certoraRun, including on-chain transaction broadcasts.
  • Sanitization: No evidence of input sanitization for code or data read from the local repository.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:47 PM