Genlayer Dev Claw Skill
v0.1.0Write, deploy, and interact with GenLayer Python smart contracts featuring LLM calls, web access, and blockchain-consensus-safe non-determinism.
⭐ 1· 1.5k·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The files and SKILL.md are documentation, examples, and CLI/deployment guidance for GenLayer smart contracts — consistent with the skill name/purpose. The skill does not declare unrelated requirements (no env vars, binaries, or installs).
Instruction Scope
The runtime instructions are purely documentation/examples showing how to write contracts and use the genlayer CLI and SDK. They do include commands that, if executed (e.g., importing private keys, using genlayer accounts, setting GENLAYER_API_KEY), would touch sensitive data; however the skill itself does not request or access those. Treat these as actionable instructions the user might follow, not autonomous actions the skill will take.
Install Mechanism
No install spec and no code files — instruction-only. Nothing is downloaded or written to disk by the skill bundle itself.
Credentials
The skill declares no required environment variables or credentials. The documentation references environment variables (GENLAYER_NETWORK, GENLAYER_ACCOUNT, GENLAYER_RPC_URL, GENLAYER_API_KEY) and a config path (~/.genlayer/config.json) as part of normal GenLayer usage; these are expected for deployment workflows but are not requested by the skill. Users should not paste secrets into the assistant and should keep private keys/API keys out of untrusted contexts.
Persistence & Privilege
always is false and the skill is instruction-only (no persistent installs or modifications to other skills). It does not request elevated persistence or cross-skill config changes.
Assessment
This skill is documentation and examples for GenLayer contracts and does not itself install code or request credentials. That said: 1) The README and guides show commands that will require sensitive data (private keys, GENLAYER_API_KEY, RPC endpoints) when you run them locally — do not paste secrets into the assistant or into third-party sites. 2) The skill's source/homepage is unknown; if you plan to follow CLI/install instructions (npm install -g genlayer, genlayer up, importing keys), verify those URLs and the official GenLayer project first. 3) Treat the code snippets as sample patterns — test in an isolated localnet/dev environment (genlayer up / Docker) before using on testnet/mainnet. If you want, I can: summarize the attack surface in a checklist, highlight any example snippets that would require private keys or network access, or point to what to verify on the upstream repo before trusting it.Like a lobster shell, security has layers — review code before you run it.
latestvk97f3xmj6kh7vgv2msrtrf4aed80cty5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.