← 返回 Skills 市场

Solidity Developer

Name: Solidity Developer
Author: mzfshark

作者 Mauricio Z. · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ✓ 安全检测通过

总下载

当前安装

版本数

在 OpenClaw 中安装

/install axodus-solidity-dev

功能描述

Implement secure Solidity smart contracts with tests and safety patterns.

使用说明 (SKILL.md)

SKILL: solidity-dev

Purpose

Design and implement secure Solidity smart contracts with explicit security controls, tests, and deterministic build/validation steps.

When to Use

The task requires a new contract (ERC-20/721/1155) or extending an existing one.
You need secure patterns (access control, pausable, reentrancy protection).
You need Hardhat/Foundry test scaffolding.

Inputs

contract_spec (required, object|string): requirements, roles, invariants, events.
standard (optional, enum: erc20|erc721|erc1155|custom).
tooling (optional, enum: hardhat|foundry).
security_constraints (optional, string[]): e.g., â€œno upgradeabilityâ€, â€œpausable requiredâ€.
deployment_target (optional, string): local/testnet/mainnet (mainnet requires explicit user approval).

Steps

Clarify requirements:
- roles and permissions
- asset flows
- invariants (must always hold)
Select proven libraries (prefer OpenZeppelin) and decide if upgradeability is required.
Implement contract with explicit patterns:
- access control (Ownable/AccessControl)
- checks-effects-interactions for external calls
- ReentrancyGuard where applicable
- Pausable for emergency stop if appropriate
Add events for critical state changes.
Write tests that assert invariants and failure modes.
Validate:
- compile
- run tests
- run static checks when available (slither/foundry invariants) without blocking if tooling is absent.

Validation

No privileged method lacks access control.
External calls are safe (reentrancy considered).
Arithmetic uses Solidity 0.8+ safety; no unsafe casts without justification.
Tests cover:
- happy path
- access control denial
- edge conditions
- reentrancy-sensitive flows (where relevant)

Output

Contract source files (paths)
Test files (paths)
Build/validate commands
Security notes (assumptions + risk areas)

Safety Rules

Never embed private keys, mnemonics, or RPC secrets in code.
Never deploy to mainnet without explicit user confirmation and a dry-run on testnet/local first.
Avoid custom crypto unless unavoidable.
Reject â€œguaranteed profitâ€ or manipulative tokenomics requirements.

Example

Input:

standard: erc20
contract_spec: â€œMintable by MINTER_ROLE, pausable transfers, capped supply.â€

Output:

contracts/MyToken.sol, test/MyToken.t.sol (or Hardhat equivalent)
validation: forge test (or npx hardhat test)

安全使用建议

This skill is coherent and low-risk: it provides step-by-step guidance for writing and testing Solidity contracts and does not request secrets or install code. Before using it, verify the publisher (metadata shows inconsistent owner strings), and be aware that the agent may attempt to run local tooling (Hardhat/Foundry/Slither) if available — the skill will not itself install those tools. Never provide private keys, mnemonics, or RPC credentials to the agent; review any generated deployment commands and perform independent security audits and CI runs before deploying to testnet or mainnet.

功能分析

Type: OpenClaw Skill Name: axodus-solidity-dev Version: 1.0.0 The skill bundle provides a well-structured set of instructions for an AI agent to develop secure Solidity smart contracts. It emphasizes security best practices such as using OpenZeppelin libraries, implementing AccessControl, and following the Checks-Effects-Interactions pattern. The instructions in SKILL.md and solidity-dev.md include explicit safety rules that prohibit embedding private keys and require user confirmation for mainnet deployments, showing a clear focus on security and safety rather than malicious intent.

能力标签

crypto

能力评估

✓ Purpose & Capability

Name, description, and instructions align: the skill is an instruction-only Solidity development helper that focuses on secure patterns, tests, and validation. It does not request unrelated binaries, credentials, or system paths.

✓ Instruction Scope

SKILL.md directives (clarify requirements, use OpenZeppelin, implement access control, write tests, run compile/test/static checks) stay within the stated purpose. The instructions do mention running tools (forge, hardhat, slither) but do not ask the agent to read unrelated files, exfiltrate secrets, or perform operations outside normal dev/test/build workflows.

✓ Install Mechanism

No install spec and no code files — instruction-only skill. This is the lowest-risk install posture; the skill will rely on existing tooling in the agent environment rather than downloading or extracting code.

✓ Credentials

No required environment variables, credentials, or config paths are declared. Safety rules explicitly prohibit embedding private keys or RPC secrets. The lack of requested secrets is proportionate to the stated functionality.

✓ Persistence & Privilege

always:false and no config-path writes are declared. The skill does not request permanent presence or elevated privileges beyond normal autonomous invocation (the platform default).

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install axodus-solidity-dev
安装完成后，直接呼叫该 Skill 的名称或使用 /axodus-solidity-dev 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release summary: Provides a secure, structured workflow for developing, testing, and validating Solidity smart contracts. - Implements security-first best practices and explicit safety patterns (access control, pausable, reentrancy protection). - Supports ERC-20, ERC-721, ERC-1155, and custom contract types with proven library selection. - Includes test scaffolding and validation steps using Hardhat or Foundry. - Requires explicit user approval for mainnet deployments and enforces best-practice safety rules. - Generates contract sources, tests, build/validation commands, and security notes for each contract.

元数据

Slug axodus-solidity-dev

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题