smart-contract-security-review
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Detected potential for Indirect Prompt Injection (Category 8) due to the skill's core function of processing untrusted external data.
- Ingestion points: The skill reads .scala source files from a user-provided <path> using grep and file-read operations.
- Boundary markers: The instructions do not define clear delimiters or specific instructions to ignore embedded natural language directives within the audited Scala files.
- Capability inventory: The skill has the ability to write to files (TodoWrite) and execute shell commands via a build tool (sbtn compile, sbtn quick).
- Sanitization: There is no explicit sanitization or filtering of the content read from the source files before it is processed by the LLM.
- Context: While the skill includes a 'False Positive Verification' step that requires mental or actual test tracing, a sophisticated indirect injection in the source code could attempt to influence the LLM's judgment during the analysis or reporting phase.
Audit Metadata