jaw-sdk-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as an authoritative reference for the JAW SDK and associated packages (@jaw.id/core, @jaw.id/wagmi, @jaw.id/ui, @justaname.id/sdk). All external resources and dependencies belong to the vendor's own namespace or are well-known, industry-standard libraries.
- [SAFE]: The skill implements secure patterns for handling credentials. It explicitly instructs developers to use environment variables (e.g., process.env.JAW_API_KEY, process.env.PRIVATE_KEY) and secrets managers for sensitive data, and correctly uses placeholders in its code examples.
- [PROMPT_INJECTION]: The skill documentation describes flows that process untrusted data from external sources, which creates an attack surface for indirect prompt injection.
  - Ingestion points: The skill describes how to resolve ENS records and fetch text metadata (e.g., in rules/ens-identity.md using @justaname.id/sdk).
  - Boundary markers: The provided implementation examples do not use delimiters or boundary markers to isolate data fetched from ENS records from instructions.
  - Capability inventory: The skill documents high-privilege capabilities, including sending blockchain transactions, batching calls, and signing messages (e.g., in rules/transactions.md, rules/signing.md, and rules/account-api.md).
  - Sanitization: The code patterns demonstrate no specific sanitization or validation of external ENS record content. This is a standard functional surface for applications that integrate with public registry data.
Audit Metadata