blockchain-security

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the solcx library to download and install official versions of the Solidity compiler (solc) for contract analysis purposes.
  • [COMMAND_EXECUTION]: Executes shell commands via curl to interact with external CTF challenge infrastructure for retrieving connection info.
  • [REMOTE_CODE_EXECUTION]: Compiles Solidity source code and deploys bytecode to remote blockchain RPC endpoints using web3.py, as required for security testing and exploit verification.
  • [PROMPT_INJECTION]: The skill identifies and analyzes external smart contract code and blockchain state, which constitutes an indirect prompt injection attack surface.
    • Ingestion points: Contract source code, bytecode, and storage values retrieved from the blockchain (SKILL.md).
    • Boundary markers: None present; instructions do not provide delimiters for untrusted contract data.
    • Capability inventory: Shell access (curl), bytecode compilation (solcx), and remote transaction execution (web3.py).
    • Sanitization: No explicit validation or filtering of contract metadata or comments is specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 11:11 PM