Skills
skills/sendaifun/solana-new/scaffold-project/Gen Agent Trust Hub

scaffold-project

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFEDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell scripts in SKILL.md to manage telemetry and workspace setup, executing commands like cat, grep, sed, mkdir, and curl to interact with the local environment.- [DATA_EXFILTRATION]: A telemetry system transmits usage metrics and platform information to an external endpoint (Convex) via curl. This behavior reads from ~/.superstack/config.json and is gated by a user consent prompt.- [REMOTE_CODE_EXECUTION]: The skill performs remote code operations, including cloning GitHub repositories and installing packages via npx skills add and npx create-solana-dapp. It references various repositories and templates from the Solana ecosystem.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface with the following characteristics:
  • Ingestion points: Project requirements are read from .superstack/idea-context.md in SKILL.md.
  • Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands when reading context data.
  • Capability inventory: The skill possesses the ability to execute shell commands, clone repositories, and install remote packages (SKILL.md).
  • Sanitization: Absent; the content from the context file is processed to inform project structure and dependency selection without explicit validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 03:15 PM