smart-contract-security-audito
v1.0.0
Smart Contract Security Auditor: Analyzes Solidity and Go smart contracts for security vulnerabilities, provides gas optimization suggestions, and generates...
⭐ 0· 133·1 current·1 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (analyze Solidity/Go contracts, gas suggestions, test generation) matches the SKILL.md workflows and reference docs. There are no unexpected required binaries, env vars, or config paths that would be unrelated to static analysis or test generation.
Instruction Scope
The runtime instructions are scoped to analyzing user-supplied contract files, suggesting gas optimizations, and producing Foundry/Go tests. The skill does not instruct reading unrelated system files, harvesting environment variables, or transmitting data to third-party endpoints.
Install Mechanism
No install spec or code files are provided (instruction-only), so nothing will be written to disk or downloaded. This is the lowest-risk pattern for a skill of this type.
Credentials
The skill declares no required environment variables or credentials. That is proportional to a static-audit/test-generation skill that operates on user-supplied code.
Persistence & Privilege
Flags show always=false and normal autonomous invocation defaults. The skill does not request persistent presence or system-wide config changes.
Assessment
This skill is internally consistent with its stated purpose, but exercise normal caution: only point the skill at source files you intend to share; review any generated tests or suggested code changes before executing them; do not provide private keys, secrets, or deployment credentials to the skill. Because it is instruction-only, nothing will be installed, but the agent will read whatever file paths you give it—so avoid giving sensitive config or key files. Finally, validate audit findings manually and run tests in an isolated environment before using them in production.
Like a lobster shell, security has layers — review code before you run it.
