Giveaway Skills
v0.1.0Call guide and best practices for the BSC on-chain giveaway contract based on contracts/contracts/Giveaway.sol, including contract address, core method signa...
⭐ 0· 218·0 current·0 all-time
byFranck.S@franckstone
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (BSC giveaway contract call guide) matches the SKILL.md content: contract address, function signatures, parameter meanings, and ethers.js usage. The skill does not request unrelated permissions, binaries, or credentials.
Instruction Scope
SKILL.md stays within the scope of calling and interacting with the specified contract (create/claim/withdraw/whitelist/read). It assumes a provider/signer and compiled ABI artifacts, which is appropriate for the described tasks. It does not instruct reading system files or exporting unrelated data.
Install Mechanism
There is no install spec; the skill is instruction-only and therefore does not write code to disk or download external packages. This is the lowest-risk install model.
Credentials
The SKILL.md requests no environment variables or credentials. Operational use will require an RPC endpoint and a signer (private key or wallet) provided externally — this is expected but sensitive. The skill does not ask for unrelated credentials.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or modify other skills' configs. The agent may invoke the skill autonomously by default, but that is the platform norm and not a specific risk here.
Assessment
This skill is an instruction-only guide and appears internally consistent, but follow these precautions before using it: 1) Verify the contract address and source on BscScan (confirm the on-chain bytecode and verified source match) before sending funds. 2) Review the actual Giveaway.sol source (FEERATE, EXPIREDRATE, transfer behavior) to understand fees and edge cases. 3) Never paste private keys into untrusted UIs — use a hardware wallet or signer abstraction; avoid granting any agent or interface direct access to your private keys. 4) When using ERC-20 giveaways, approve only the exact amount required and consider allowance limits to reduce risk. 5) Test interactions on a BSC testnet or with minimal amounts first. 6) Be cautious about the RANDOM distribution mode (it can send variable amounts) and the contract’s handling of fees and safe transfers. 7) Since the skill is instruction-only and does not itself perform transactions, ensure the code you run (ABI/artifacts and provider/signer setup) comes from trusted sources.Like a lobster shell, security has layers — review code before you run it.
latestvk97cjx1athfrhb8t9w643jnf8582f7qg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.