entry-point-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze untrusted smart contract source code, which creates a potential surface for indirect prompt injection.
- Ingestion points: The skill reads external contract files with extensions such as .sol, .vy, .rs, .move, .fc, and .tact.
- Boundary markers: No specific boundary markers or 'ignore' instructions are used when reading and processing the content of these files.
- Capability inventory: The skill utilizes the Bash tool (to run Slither), as well as Read, Grep, and Glob tools for file inspection.
- Sanitization: There is no explicit sanitization or validation of the input file content before it is processed by the agent.
- [Command Execution] (SAFE): The skill uses the Bash tool only to verify the presence of 'slither' and to execute a pre-defined static command for entry-point printing. No dynamic or user-controlled command construction was observed.