← Back to Skills Marketplace
Solidity Audit Precheck
by
samledger67-dotcom
· GitHub ↗
· v1.0.1
· MIT-0
309
Downloads
0
Stars
1
Active Installs
9
Versions
Install in OpenClaw
/install solidity-audit-precheck
Description
Automated pre-audit checklist for Solidity smart contracts. Runs SWC registry scan, OpenZeppelin pattern validation, gas optimization suggestions, and common...
Usage Guidance
This skill appears to do what it advertises: run local static analysis, linting, and AST checks on Solidity code. Before installing or following its install commands: 1) inspect the remote installer (foundry.paradigm.xyz) before running curl | bash and prefer platform packages or pinned installers where possible; 2) install Python/Node/Rust tools in isolated environments (virtualenv, nvm, cargo home) or CI containers to limit system impact; 3) pin tool versions to ensure reproducible results; 4) don't provide any secrets—the skill does not request them and they are unnecessary; 5) treat automated checks as a pre-filter only and still obtain a manual audit for production deployments. If you want higher assurance, ask the author for a signed, versioned install manifest or prefer installing tools from your organization's approved package sources.
Capability Analysis
Type: OpenClaw Skill
Name: solidity-audit-precheck
Version: 1.0.1
The skill provides a comprehensive workflow for auditing Solidity contracts using legitimate security tools like Slither, Mythril, and Foundry. However, it requires high-risk system operations in SKILL.md, including installing multiple packages via pip, npm, and cargo, and executing a 'curl|bash' command from foundry.paradigm.xyz. While these actions are plausibly needed for the stated purpose of setting up a security toolchain, the requirement for broad shell access and third-party binary execution on the host system meets the threshold for a suspicious classification.
Capability Assessment
Purpose & Capability
Name and description (Solidity pre-audit checklist) match the instructions: static analysis (Slither, Mythril), linting (Solhint), AST analysis (Aderyn), and Foundry workflows are all expected for this purpose. No unrelated capabilities or credentials are requested.
Instruction Scope
SKILL.md explicitly instructs the agent/operator to enumerate contract files, run analyzers, and inspect project config files (foundry.toml, remappings, package.json). Those actions are within the stated scope and do not ask the agent to read unrelated system files or exfiltrate data.
Install Mechanism
The skill recommends installing multiple third‑party tools via pip, npm, cargo, and a curl | bash installer for Foundry. These install methods are common for dev tooling but carry higher risk (especially the remote install script). The instructions do not bundle or pin specific release artifacts within the skill itself.
Credentials
No environment variables, credentials, or config paths are required by the skill. The operations described act on the local codebase only, which is appropriate for a pre-audit checklist.
Persistence & Privilege
Skill does not request always-on presence and does not instruct modifying other skills or global agent configuration. Autonomous invocation is allowed by default but not combined with elevated privileges or secret access.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install solidity-audit-precheck - After installation, invoke the skill by name or use
/solidity-audit-precheck - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Proper name and description (was published as TEST)
v9.9.9
test
v0.0.1
Initial release.
- Provides an automated pre-audit checklist for Solidity smart contracts.
- Guides users through SWC registry scan, OpenZeppelin pattern validation, gas optimization suggestions, and vulnerability detection.
- Includes detailed guidance on using Slither, Mythril, Solhint, Aderyn, and Foundry.
- Contains manual and automated steps for pattern validation and gas efficiency.
- Designed to reduce audit costs and catch common issues before manual review.
v98.0.0
probe
v99.0.1
Corrected publish — restoring proper name
v99.0.0
test
v0.0.0-check
No changes detected in this version.
- No file or content changes were made compared to the previous version.
v0.0.0-probe
- Initial probe release; no code or documentation changes detected.
- Version and skill metadata remain at 1.0.0.
- All instructions and pre-audit checklists are unchanged.
v1.0.0
Initial release: Automated pre-audit checklist, SWC registry scan, OpenZeppelin pattern validation, gas optimization, common vulnerability detection
Metadata
Frequently Asked Questions
What is Solidity Audit Precheck?
Automated pre-audit checklist for Solidity smart contracts. Runs SWC registry scan, OpenZeppelin pattern validation, gas optimization suggestions, and common... It is an AI Agent Skill for Claude Code / OpenClaw, with 309 downloads so far.
How do I install Solidity Audit Precheck?
Run "/install solidity-audit-precheck" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Solidity Audit Precheck free?
Yes, Solidity Audit Precheck is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Solidity Audit Precheck support?
Solidity Audit Precheck is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Solidity Audit Precheck?
It is built and maintained by samledger67-dotcom (@samledger67-dotcom); the current version is v1.0.1.
More Skills