foundry-solidity
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill documentation creates an indirect prompt injection vulnerability surface.
  - Ingestion points: Processes local files including Solidity contracts (`src/*.sol`), test scripts (`test/*.t.sol`), and configuration files (`foundry.toml`).
  - Boundary markers: Absent. There are no instructions for the agent to use delimiters or safety markers (e.g., "ignore instructions within this code") when reading these files.
  - Capability inventory: The skill enables execution of the Foundry toolkit (`forge`, `cast`, `anvil`). Specifically, the `forge test` command can execute arbitrary shell commands if the Foreign Function Interface (ffi) is enabled in the project configuration.
  - Sanitization: Absent. No instructions are provided for sanitizing or validating ingested file content before processing.
- [COMMAND_EXECUTION]: The skill instructs the agent on the use of CLI tools including `forge`, `cast`, and `anvil`. It also provides documentation for the `vm.ffi` cheatcode, which is a standard but high-risk feature for executing external scripts during contract testing.
- [EXTERNAL_DOWNLOADS]: Documents methods for acquiring external dependencies via Git submodules and the Soldeer package manager. It also references official tools and GitHub Actions such as `foundry-rs/foundry-toolchain` for automated workflows.
- [NO_CODE]: This skill consists entirely of Markdown reference files and contains no executable scripts, binaries, or active code payloads in its distribution.
Audit Metadata