stable-layer-sdk

Pass

Audited by ClawScan on May 10, 2026.

Overview

This is a coherent SDK guide for Stable Layer on Sui, but users should verify the npm package and carefully review any blockchain transaction before signing.

Before installing, verify the npm package provenance and use testnet first. Do not expose private keys to the agent or store them in code, and only sign mainnet transactions after manually confirming the network, recipient, coin type, and amount.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or unauthorized transaction could move, burn, or otherwise affect on-chain assets.

Why it was flagged

The documented methods construct and execute financial blockchain transactions. This is aligned with the SDK purpose, but the impact can be irreversible if the wrong amount, coin type, or network is used.

Skill content

Mint stablecoins by depositing USDC... Burn stablecoins to redeem USDC... await suiClient.signAndExecuteTransaction({ transaction: tx, signer: keypair });

Recommendation

Use testnet first, inspect transaction contents, confirm amounts and coin types, and require explicit human approval before signing or submitting mainnet transactions.

What this means

Anyone with the private key can sign transactions for that wallet.

Why it was flagged

The example uses a private key to create a signer. This is expected for Sui transaction execution, but private keys are highly sensitive and grant account authority.

Skill content

const keypair = Ed25519Keypair.fromSecretKey(YOUR_PRIVATE_KEY);

Recommendation

Do not paste private keys into chat or shared files; prefer secure wallet signing, hardware wallets, or isolated environment variables where possible.

What this means

Installing or using an unverified package could introduce unexpected code into a project, which is especially risky when that code builds transactions for financial assets.

Why it was flagged

The skill depends on external npm packages, including the SDK package, but the reviewed artifacts do not include that package source or pinned versions. This is normal SDK setup, but users cannot verify package behavior from these artifacts alone.

Skill content

npm install stable-layer-sdk @mysten/sui @mysten/bcs

Recommendation

Verify the npm package name, publisher, version, source repository, and package integrity before installing or using it for mainnet transactions.