Upgrade Stylus Contracts
Security checks across malware telemetry and agentic risk
Overview
This is a documentation-only guide for upgrading Stylus smart contracts, with no executable code or hidden install behavior.
Before applying this guidance to live contracts, compare it with official OpenZeppelin and Arbitrum Stylus documentation, test upgrades on a fork or testnet, confirm storage-layout compatibility and access control, and manually review every address, calldata value, network, and wallet or governance approval before signing.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.