use-modular-wallets
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices for blockchain applications. It explicitly instructs users to avoid hardcoding secrets, use environment variables, and require user confirmation for transactions.
- [EXTERNAL_DOWNLOADS]: All external dependencies (@circle-fin/modular-wallets-core, viem, bip39) are reputable industry-standard packages or official vendor libraries from Circle.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns were detected. Code interaction is limited to standard API calls to Circle's infrastructure.
- [DATA_EXFILTRATION]: There is no evidence of data exfiltration. Communication is restricted to well-known vendor endpoints for RPC and passkey transport.
- [PROMPT_INJECTION]: The skill does not contain instructions that would allow for prompt injection or bypassing agent safety guidelines.
- [CREDENTIALS_UNSAFE]: The skill emphasizes the use of environment variables for keys and warns against using insecure storage (like localStorage) for sensitive passkey credentials in production environments.
Audit Metadata