walletconnect
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily composed of documentation and API reference material for WalletConnect v2 SDKs. It does not contain executable code, scripts, or malicious prompt instructions.- [SAFE]: Includes a dedicated security section ('best-practices-security-debugging.md') that provides legitimate security advice: protecting private keys, validating CAIP-2 and CAIP-10 identifiers, and verifying session namespaces.- [SAFE]: Documentation explicitly warns against using unverified sources for connection URIs and provides instructions on how to validate the 'wc:' protocol format before processing.- [SAFE]: Uses clearly labeled placeholders like 'YOUR_PROJECT_ID', 'your-app-id', and 'your-api-key' for sensitive configuration fields, preventing the accidental exposure of real credentials.- [EXTERNAL_DOWNLOADS]: Mentions official WalletConnect packages from the well-known '@walletconnect' NPM scope (e.g., @walletconnect/sign-client, @walletconnect/universal-provider). These are documented neutrally as required dependencies for the protocol implementation.
Audit Metadata