ponder
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate configuration and boilerplate for Ponder, which is an established open-source framework for indexing blockchain events.
- [SAFE]: All listed dependencies (ponder, hono, viem, graphql, graphql-request) are reputable and widely used packages in the Web3 and Node.js ecosystems.
- [SAFE]: Environment variable recommendations (e.g., DATABASE_URL, PONDER_RPC_URL) align with standard security practices for managing sensitive configuration via .env files rather than hardcoding credentials.
- [SAFE]: File system interactions are limited to standard workspace management within the project directory (packages/ponder and packages/nextjs) to share contract metadata.
- [SAFE]: Network operations are confined to standard blockchain RPC interactions and local GraphQL API serving, with no evidence of data exfiltration to unauthorized third-party domains.
Audit Metadata