deploying-contracts-on-base
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill incorporates strong security warnings and best practices, specifically advising users to never commit private keys to version control and to use Foundry's encrypted keystore or environment variables for sensitive data.
- [SAFE]: Includes explicit input validation requirements for all user-provided parameters, such as contract paths and RPC URLs, using regular expressions to mitigate the risk of command injection when building shell commands.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the
@coinbase/cdp-sdkanddotenvNode.js packages. These are official vendor tools and standard libraries for interacting with the Coinbase Developer Platform, used here for testnet faucet operations. - [COMMAND_EXECUTION]: Utilizes standard
forgeCLI tools from the Foundry suite for contract deployment and verification. The provided command templates are designed to work with validated inputs and environment variables.
Audit Metadata