smart-contracts

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS] [CREDENTIALS_UNSAFE] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of solc and npx hardhat to compile and deploy smart contracts.
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing standard industry packages hardhat and web3 via npm.
  • [CREDENTIALS_UNSAFE]: The skill describes the use of environment variables like PRIVATE_KEY and INFURA_API_KEY for authentication. It suggests storing these in .env files, which are sensitive file paths used to manage secrets.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection. Ingestion: Reads external smart contract ABIs and RPC provider responses. Boundaries: None explicitly mentioned. Capabilities: Subprocess execution (solc, hardhat) and network operations (web3). Sanitization: Relies on default library parsing for external data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 05:44 PM