← Back to Skills Marketplace
Polygon PoS Development
by
AkshatGada
· GitHub ↗
· v1.0.0
1438
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install polygon-pos-dev
Description
Comprehensive guide for Polygon PoS blockchain development. Use when deploying smart contracts to Polygon, testing on Amoy testnet, getting test tokens from faucets, or verifying contracts on Polygonscan. Supports Foundry framework with deployment scripts and testing strategies.
Usage Guidance
What to consider before installing/using this skill:
- Inconsistency: the registry claims no required env vars, but the guide expects PRIVATE_KEY, POLYGONSCAN_API_KEY, WALLET_ADDRESS, and RPC URLs. Treat that mismatch as a red flag and confirm expected secrets before proceeding.
- Private key risk: following the guide requires supplying a private key which can sign and broadcast real transactions. Never provide your mainnet private key in plaintext to an agent or service. Prefer one of: an ephemeral testnet account, a key with limited funds, a hardware wallet, or a remote signing service (e.g., MetaMask, Gnosis Safe, or a signing API) that keeps the key off the machine/agent.
- Minimize scope: for automation, give the smallest-privilege key possible (testnet-only key, low funds). Avoid embedding long-lived mainnet keys in .env files. Keep .env files out of version control and use secure secret storage where possible.
- Review commands before running: the skill recommends running remote installers (curl | bash) and docker/pip installs. Verify those URLs are official and inspect scripts when possible.
- Autonomous invocation caution: the skill can cause state changes (deploy/transfer) if the agent is allowed to run it with a PRIVATE_KEY. If you enable autonomous invocation, restrict the skill’s access to secrets or disable autonomous execution when sensitive operations are involved.
- Trust & provenance: the skill's source/homepage are unknown. Prefer official/maintained guides or double-check commands against Foundry and Polygon documentation before executing.
If you still want to use this skill: test with an ephemeral/testnet-only key first, do not use a funded mainnet key, and require manual approval before any transaction broadcast.
Capability Analysis
Type: OpenClaw Skill
Name:
Developer:
Version:
Description: OpenClaw Agent Skill
The skill bundle is classified as suspicious primarily due to the use of `curl -L https://foundry.paradigm.xyz | bash` for installing Foundry, as seen in `SKILL.md`, `references/foundry-deployment.md`, and `references/testing-strategies.md`. While this is a common installation method for Foundry from its official source, the `curl | bash` pattern is an inherently high-risk execution method that downloads and executes a remote script, which could be exploited if the source were compromised. Additionally, the skill instructs the agent/user to handle sensitive information like private keys and API keys, although it does provide explicit advice to store them in `.env` files and add them to `.gitignore`.
Capability Assessment
Purpose & Capability
The name/description (Polygon PoS development, Foundry, Amoy testnet, verification on Polygonscan) aligns with the SKILL.md and reference files. All steps, commands, and endpoints are consistent with Foundry-based contract development and deployment to Polygon/Amoy.
Instruction Scope
The SKILL.md instructs the agent/user to create and read a .env containing PRIVATE_KEY, WALLET_ADDRESS, POLYGONSCAN_API_KEY and to run Foundry scripts that call vm.envUint("PRIVATE_KEY") and broadcast transactions. Those actions are within the stated purpose, but they involve reading/using highly sensitive secrets and broadcasting transactions. The instructions also recommend running remote installer scripts (curl | bash foundry installer) and running analysis tools (pip install slither, docker run mythril), which are expected but increase runtime actions the agent could perform. The key concern: the instructions access secrets not declared in the registry metadata and they give the agent the capability to perform state-changing transactions.
Install Mechanism
This is an instruction-only skill with no install spec (lowest code-writing risk). However the guide instructs running external installer commands (curl -L https://foundry.paradigm.xyz | bash && foundryup) and recommends tools installed via pip/docker. The Foundry install URL appears to be the official installer but remote scripted installs carry the usual supply-chain risk and should be validated before running.
Credentials
Registry metadata lists no required environment variables, but the SKILL.md repeatedly instructs use of PRIVATE_KEY, POLYGONSCAN_API_KEY, WALLET_ADDRESS, and optional RPC URLs. Requesting a private key and an API key is proportionate to deployment/verification tasks, but the metadata omission is an inconsistency. PRIVATE_KEY is extremely sensitive because it grants full control of the wallet and can be used to sign live transactions; the guide's use of vm.envUint("PRIVATE_KEY") implies the key will be provided in plaintext environment form, which is risky if mishandled or exposed to an agent with autonomous invocation.
Persistence & Privilege
The skill does not request persistent presence (always:false) and has no install-time modifications. That is appropriate. However the runtime instructions enable broadcasting transactions if the agent is allowed to run autonomously with access to PRIVATE_KEY; so if you permit autonomous invocation, the agent could send transactions on your behalf. This is not a fault of the skill itself but is a user-facing risk to consider before granting the agent secret access.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install polygon-pos-dev - After installation, invoke the skill by name or use
/polygon-pos-dev - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Polygon PoS development skill with:
- Two development paths: Quick Start (5-10 min) for agents and Complete Guide (30-60 min) for production
- Foundry-based deployment workflow with automated scripts
- Support for Amoy testnet and Polygon mainnet
- Interactive deployment script (deploy-foundry.sh)
- Contract verification helper (verify-contract.sh)
- Multi-faucet helper with 5+ options (get-testnet-tokens.sh)
- Comprehensive reference guides for deployment, testing, and verification
- Sample contracts and templates (HelloWorld.sol, foundry.toml, Deploy.s.sol)
- Complete testing strategies (unit tests, fork testing, testnet testing)
- Troubleshooting guides and safety checklists
Metadata
Frequently Asked Questions
What is Polygon PoS Development?
Comprehensive guide for Polygon PoS blockchain development. Use when deploying smart contracts to Polygon, testing on Amoy testnet, getting test tokens from faucets, or verifying contracts on Polygonscan. Supports Foundry framework with deployment scripts and testing strategies. It is an AI Agent Skill for Claude Code / OpenClaw, with 1438 downloads so far.
How do I install Polygon PoS Development?
Run "/install polygon-pos-dev" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Polygon PoS Development free?
Yes, Polygon PoS Development is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Polygon PoS Development support?
Polygon PoS Development is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Polygon PoS Development?
It is built and maintained by AkshatGada (@akshatgada); the current version is v1.0.0.
More Skills