aiken-dex-security-audit
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it is designed to ingest and process untrusted external data (Aiken source code, schemas, and builder configurations) to produce critical security evaluations. Ingestion points: Required inputs include external Plutus V3 scripts, Aiken types, and off-chain transaction builders as specified in the 'Required inputs' section. Boundary markers: The instructions do not define delimiters or specific 'ignore embedded instructions' directives for the processed source code. Capability inventory: The skill has high influence as its output consists of security reports, unit tests, and property tests that dictate deployment safety. Sanitization: There is no mention of sanitizing or escaping instructions that might be hidden in code comments or metadata within the input files.
Recommendations
- AI detected serious security threats
Audit Metadata