lista-wallet-connect
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or high-risk vulnerabilities were found. The skill is designed with safety as a priority, ensuring that transactions are simulated for errors before the user is asked for consent.
- [COMMAND_EXECUTION]: The skill executes system commands like 'open', 'start', or 'xdg-open' to display QR code images during the wallet pairing process. These commands use internally managed file paths and do not incorporate unvalidated user input.
- [EXTERNAL_DOWNLOADS]: The skill communicates with official Ethereum and BSC RPC nodes and the 4byte.directory API. These are standard external resources for EVM-compatible wallet tools.
- [CREDENTIALS_UNSAFE]: A public WalletConnect Project ID is hardcoded in the environment configuration. This is a standard practice for decentralized application integrations and is not considered a sensitive credential.
Audit Metadata