← 返回 Skills 市场
smart-contract-security-audito
作者
shangter666
· GitHub ↗
· v1.0.0
· MIT-0
229
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install smart-contract-security-auditor
功能描述
Smart Contract Security Auditor: Analyzes Solidity and Go smart contracts for security vulnerabilities, provides gas optimization suggestions, and generates...
安全使用建议
This skill is internally consistent with its stated purpose, but exercise normal caution: only point the skill at source files you intend to share; review any generated tests or suggested code changes before executing them; do not provide private keys, secrets, or deployment credentials to the skill. Because it is instruction-only, nothing will be installed, but the agent will read whatever file paths you give it—so avoid giving sensitive config or key files. Finally, validate audit findings manually and run tests in an isolated environment before using them in production.
功能分析
Type: OpenClaw Skill
Name: smart-contract-security-auditor
Version: 1.0.0
The skill bundle is a legitimate tool designed for smart contract security auditing, gas optimization, and test generation for Solidity and Go. The instructions in SKILL.md and the reference documents (vulnerabilities.md, gas_optimization.md, testing.md) contain standard industry practices and templates without any evidence of malicious intent, data exfiltration, or unauthorized command execution.
能力评估
Purpose & Capability
The name/description (analyze Solidity/Go contracts, gas suggestions, test generation) matches the SKILL.md workflows and reference docs. There are no unexpected required binaries, env vars, or config paths that would be unrelated to static analysis or test generation.
Instruction Scope
The runtime instructions are scoped to analyzing user-supplied contract files, suggesting gas optimizations, and producing Foundry/Go tests. The skill does not instruct reading unrelated system files, harvesting environment variables, or transmitting data to third-party endpoints.
Install Mechanism
No install spec or code files are provided (instruction-only), so nothing will be written to disk or downloaded. This is the lowest-risk pattern for a skill of this type.
Credentials
The skill declares no required environment variables or credentials. That is proportional to a static-audit/test-generation skill that operates on user-supplied code.
Persistence & Privilege
Flags show always=false and normal autonomous invocation defaults. The skill does not request persistent presence or system-wide config changes.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install smart-contract-security-auditor - 安装完成后,直接呼叫该 Skill 的名称或使用
/smart-contract-security-auditor触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release with core features for smart contract security auditing:
- Analyzes Solidity and Go smart contracts for security vulnerabilities.
- Provides gas and performance optimization suggestions.
- Automatically generates or updates tests (Foundry for Solidity, `testing` package for Go).
- Supports audits and optimizations for both EVM and Cosmos/Hyperledger projects.
- Includes reference materials for vulnerabilities, optimizations, and testing strategies.
元数据
常见问题
smart-contract-security-audito 是什么?
Smart Contract Security Auditor: Analyzes Solidity and Go smart contracts for security vulnerabilities, provides gas optimization suggestions, and generates... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 229 次。
如何安装 smart-contract-security-audito?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install smart-contract-security-auditor」即可一键安装,无需额外配置。
smart-contract-security-audito 是免费的吗?
是的,smart-contract-security-audito 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
smart-contract-security-audito 支持哪些平台?
smart-contract-security-audito 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 smart-contract-security-audito?
由 shangter666(@shangter666)开发并维护,当前版本 v1.0.0。
推荐 Skills