substrate-vulnerability-scanner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No security issues detected. The skill acts as a legitimate template for security audits and does not contain malicious code, remote downloads, or credential harvesting patterns.
- [Indirect Prompt Injection] (SAFE): The skill has an attack surface for indirect prompt injection as it is designed to ingest and analyze untrusted Rust code from external pallet files. However, this is the primary intended purpose of the skill, and the risk is inherent to security auditing tasks.
  * Ingestion points: Rust source files in `pallets/` and `runtime/`.
  * Boundary markers: None specified in the scanning instructions.
  * Capability inventory: Executes `rg` (ripgrep) for pattern matching and `cargo` for building/testing/benchmarking projects.
  * Sanitization: None specified.
Audit Metadata