vechain-dev
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references official VeChain packages such as @vechain/vechain-kit, @vechain/sdk-network, and @vechain/sdk-hardhat-plugin. It also uses standard industry libraries including @tanstack/react-query, OpenZeppelin contracts, and the Hardhat framework. These are well-known and trusted sources within the blockchain development community.
- [COMMAND_EXECUTION]: The operating procedures include standard CLI commands for managing development environments, such as nvm use for Node.js versioning and npx hardhat for contract compilation and deployment. These commands are typical for the described workflow.
- [REMOTE_CODE_EXECUTION]: There are no patterns of executing arbitrary remote code from untrusted sources. Network interactions are limited to official VeChain node endpoints (e.g., mainnet.vechain.org), documentation services (Kapa AI), and the official VeChain token registry.
- [DATA_EXFILTRATION]: The skill does not contain instructions to access sensitive local files or exfiltrate user data. Examples use well-known public test mnemonics and environment variables for project configuration, following best practices for local development isolation.
Audit Metadata