← 返回 Skills 市场
samledger67-dotcom

Upgrade Solidity Contracts

作者 samledger67-dotcom · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ⚠ suspicious
266
总下载
0
收藏
1
当前安装
3
版本数
在 OpenClaw 中安装
/install upgrade-solidity-contracts
功能描述
Upgrade Solidity smart contracts using OpenZeppelin proxy patterns. Use when users need to: (1) make contracts upgradeable with UUPS, Transparent, or Beacon...
安全使用建议
This is a documentation-only skill about OpenZeppelin upgrade patterns and appears coherent for that purpose. Before installing/using it: (1) verify provenance — the SKILL.md claims OpenZeppelin authorship but the registry metadata lacks a homepage or canonical source; (2) be aware of the AGPL-3.0 license (copyleft implications if you redistribute modified content or ship derived works); (3) when following deployment/upgrade steps, keep private keys and RPC URLs local and do not paste them into the agent unless you explicitly trust the environment; (4) test all upgrades on testnets and review any suggested scripts before running them; and (5) if you expect an official OpenZeppelin resource, prefer downloading documentation from OpenZeppelin's verified site or repositories to avoid provenance issues.
功能分析
Type: OpenClaw Skill Name: upgrade-solidity-contracts Version: 1.0.1 The skill bundle provides legitimate documentation for Solidity contract upgrades but includes a high-risk instruction in SKILL.md for the agent to execute a Bash command using 'node -e'. This command calculates ERC-7201 storage slots and takes a namespace ID as an argument. While the cryptographic logic is correct, instructing an agent to construct and run shell commands with variable inputs introduces a significant shell injection vulnerability. No evidence of intentional malice, data exfiltration, or backdoors was found.
能力评估
Purpose & Capability
The skill name and SKILL.md content align: the document is detailed guidance on making contracts upgradeable with UUPS/Transparent/Beacon patterns, initializers, storage layout, and tooling (Hardhat/Foundry). One small mismatch: the SKILL.md metadata lists author: OpenZeppelin, but the registry/source/homepage fields in the package metadata are empty/unknown (owner is an ID). Confirm the publisher provenance if you expect an official OpenZeppelin document.
Instruction Scope
This is an instruction-only skill (a how-to manual). The visible content is documentation and workflow guidance rather than commands that read arbitrary system files or exfiltrate data. The instructions focus on Solidity code patterns, upgrade safety, and tooling workflows (Hardhat/Foundry).
Install Mechanism
No install spec and no code files are present, so nothing is written to disk or fetched at install time. This is the lowest-risk pattern for a skill of this type.
Credentials
The skill declares no required environment variables or credentials, which is reasonable for a documentation-only skill. However, real-world upgrade/deploy workflows described (Hardhat/Foundry upgrades, proxy deployments/upgrades) typically require RPC endpoints, deployer private keys, or API keys for wallet services. The skill does not request those explicitly — ensure any deployment steps you follow prompt for credentials locally and that you do not expose secrets to the agent or third parties.
Persistence & Privilege
always is false and there are no install scripts or capabilities that would modify other skills or system-wide agent settings. The skill does not request persistent privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install upgrade-solidity-contracts
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /upgrade-solidity-contracts 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix display name from probe to proper title
v98.0.0
probe
v1.0.0
Initial release — OpenZeppelin upgrade patterns for AI agents
元数据
Slug upgrade-solidity-contracts
版本 1.0.1
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 3
常见问题

Upgrade Solidity Contracts 是什么?

Upgrade Solidity smart contracts using OpenZeppelin proxy patterns. Use when users need to: (1) make contracts upgradeable with UUPS, Transparent, or Beacon... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 266 次。

如何安装 Upgrade Solidity Contracts?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install upgrade-solidity-contracts」即可一键安装,无需额外配置。

Upgrade Solidity Contracts 是免费的吗?

是的,Upgrade Solidity Contracts 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Upgrade Solidity Contracts 支持哪些平台?

Upgrade Solidity Contracts 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Upgrade Solidity Contracts?

由 samledger67-dotcom(@samledger67-dotcom)开发并维护,当前版本 v1.0.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论