solana-dev

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the Solana Model Context Protocol (MCP) server from the official mcp.solana.com domain to provide the agent with access to live documentation and expert assistance.
  • [REMOTE_CODE_EXECUTION]: Downloads and executes the Solana/Agave toolchain installer from release.anza.xyz, which is the official distribution channel for Solana core development tools.
  • [REMOTE_CODE_EXECUTION]: Provides instructions to install the Surfpool development utility via a shell script from run.surfpool.run (or its GitHub releases), a well-known tool in the Solana ecosystem for local networking and testing.
  • [COMMAND_EXECUTION]: Invokes various development CLI tools, including anchor, surfpool, and cargo, using the NO_DNA=1 environment variable to ensure non-interactive and structured output suitable for AI agents.
  • [DATA_EXPOSURE]: The skill explicitly defines an 'untrusted data handling' policy for data ingested from the Solana blockchain. It requires the agent to validate account owners and data length, and to ignore any instructions embedded in on-chain data (e.g., in metadata or logs) to prevent indirect prompt injection.
  • [CREDENTIALS_SAFE]: Contains strict instructions prohibiting the agent from requesting, generating, or storing private keys or seed phrases, ensuring that all signing operations are delegated to secure, user-approved wallet flows.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 10:50 AM