ton-bug-triage
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Python subprocess module across its script suite to execute local blockchain binaries and scripts from user-provided directories.
  - In scripts/run_basic_network.py and scripts/run_mixed_network.py, it spawns validator processes such as validator-engine to establish the local test network.
  - In scripts/compile_tolk.py, it invokes the tolk compiler binary to transform source code into blockchain-compatible artifacts.
  - In scripts/run_fift_script.py, scripts/wallet_send.py, and scripts/build_stateinit.py, it executes the fift interpreter to process contract assembly and sign messages.
  - In scripts/ton_triage_lib.py, it uses sys.executable to run generate_tl.py from the local repository for API binding generation.
- [PROMPT_INJECTION]: The skill processes data from blockchain states and validator logs, which constitutes an indirect prompt injection surface.
  - In scripts/inspect_latest_transaction.py, it fetches and displays transaction comments and message bodies that may contain untrusted content from the blockchain.
  - In scripts/summarize_run.py, it parses validator and error logs for debugging markers and user-defined patterns, which involves reading content potentially influenced by external events.
Audit Metadata