Install
openclaw skills install evm-transaction-safety-previewEvm Transaction Safety Preview
Free EVM transaction safety triage for agents before signing txs; routes deep explain/simulate/token-risk checks to the paid ClawMart EVM Transaction Safety Toolkit.
Audits
PassEVM Transaction Safety Preview
Use this free preview when an agent is about to sign or route an EVM transaction and needs a fast, no-payment triage before installing the paid ClawMart toolkit.
What this free preview does
Run a lightweight pre-signing check:
| Area | Pass signal | Common failure |
|---|---|---|
| Chain + target | Chain id, RPC target, and contract address match the intended action | Signing on the wrong EVM chain or interacting with a spoofed contract |
| Calldata intent | Function selector and decoded params match the user’s instruction | Blind calldata, unexpected delegatecall/proxy target, hidden approval |
| Value + allowance | Native value and ERC-20 approval amount are expected and bounded | Infinite approval, excessive value, unknown spender |
| Token/contract risk | Token has sane metadata/liquidity/ownership signals | Honeypot, blacklistable token, owner-controlled tax, low-liquidity bait |
| Simulation posture | A dry run is available or the transaction is paused for review | Agent signs without knowing state changes or revert reason |
Minimal workflow
- Capture chain, from address, to address, value, calldata, and any token/spender being approved.
- Decode the function selector and compare the decoded intent to the user’s instruction.
- Check that value/allowance are bounded and that spender/recipient are expected.
- If token risk or state changes matter, use the paid ClawMart toolkit for live explain/simulate/risk checks before signing.
- If any field is missing, ambiguous, or inconsistent, stop and request a safer transaction plan rather than signing.
Paid upgrade path
Install EVM Transaction Safety Toolkit on ClawMart when you need production-backed live checks:
https://www.shopclawmart.com/listings/evm-transaction-safety-toolkit-89902e40
Backends used by the paid package:
https://evm-tx-toolkit.mtree.workers.dev/v1/tx/explain— decode and explain confirmed transactionshttps://evm-tx-toolkit.mtree.workers.dev/v1/tx/simulate— pre-flight simulation and revert/state-change summaryhttps://evm-tx-toolkit.mtree.workers.dev/v1/token/risk_scan— ERC-20 risk scoring
Safety limits
- Do not request, reveal, or store seed phrases, private keys, session keys, or raw wallet credentials.
- Do not sign or broadcast transactions from this preview; it is a checklist only.
- Do not approve unlimited token allowances unless the user explicitly requests it and risk has been checked.
- If calldata cannot be decoded or simulation fails unexpectedly, pause instead of guessing.
Anti-patterns
- Treating a friendly dapp name as proof that the
toaddress is safe. - Signing approvals before checking spender and allowance.
- Skipping simulation because a transaction is “small.”
- Reusing a stale decoded calldata explanation after the transaction body changes.