solidity-guardian
Smart contract security analysis skill. Detect vulnerabilities, suggest fixes, generate audit reports. Supports Hardhat/Foundry projects. Uses pattern matching + best practices from Trail of Bits, OpenZeppelin, and Consensys.
Why use this skill?
Automated security analysis for Solidity smart contracts. Detect reentrancy, access control issues, and best practice violations in Hardhat and Foundry.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/aviclaw/solidity-guardian
What This Skill Does
The Solidity Guardian is a comprehensive smart contract security analysis tool designed for the OpenClaw AI agent. It acts as an automated security auditor that scans Solidity source code for vulnerabilities ranging from critical reentrancy exploits to standard best-practice deficiencies. By integrating pattern matching derived from industry-standard resources like Trail of Bits, OpenZeppelin, and Consensys, it ensures that your smart contracts remain robust against common attack vectors. The skill supports both Hardhat and Foundry development environments, making it a versatile addition to any Web3 developer's workflow.
Installation
To add this skill to your OpenClaw agent, use the following installation command in your terminal:
clawhub install openclaw/skills/skills/aviclaw/solidity-guardian
Ensure that your project environment is correctly configured to allow the agent access to your contracts directory. Once installed, you can trigger scans directly through the agent interface or via your CLI.
Use Cases
- Pre-deployment Audits: Perform a quick security check before migrating contracts to a testnet or mainnet.
- CI/CD Integration: Automatically analyze codebase changes in pull requests to catch vulnerabilities introduced during active development.
- Educational Benchmarking: Learn about common security pitfalls by reviewing the detailed findings and fix suggestions provided by the agent.
- Legacy Code Review: Scan older smart contract repositories to identify deprecated patterns or insecure coding practices.
Example Prompts
- "Solidity Guardian, please scan the contracts/Vault.sol file and generate a markdown report of all findings."
- "Run a security audit on the entire ./contracts directory and highlight any critical vulnerabilities that require immediate attention."
- "Analyze my project and suggest fixes for any missing access control or reentrancy risks found in the current implementation."
Tips & Limitations
- Pattern Matching: While the tool is highly effective at catching 40+ known vulnerabilities, it relies on static analysis. It is not a replacement for a manual professional audit by an expert security firm.
- Optimization: For very large projects, consider analyzing individual files or sub-directories to manage the agent's memory usage.
- Contextual Awareness: The tool works best when provided with a clean build environment. Make sure your project compiles successfully before starting an analysis so that the parser has access to all necessary import dependencies.
Metadata
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-aviclaw-solidity-guardian": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Tags
Flags: file-read, code-execution
Related Skills
opena2a-security
Security hardening for OpenClaw. Audit your configuration, scan installed skills for malware, detect CVE-2026-25253, check credential exposure, and get actionable fix recommendations. Runs locally with no external API calls.
doctorbot-ci-validator
Stop failing in production. Validate your GitHub Actions, GitLab CI & Keep workflows offline with surgical precision. Born from Keep bounty research, perfected for agents.
openclaw-security-monitor
Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments
MetaMask Agent Wallet
Control a sandboxed MetaMask browser extension wallet for autonomous blockchain transactions. Features configurable permission guardrails including spend limits, chain allowlists, protocol restrictions, and approval thresholds. MetaMask-only (other wallets not supported).
WalletPilot
Universal browser wallet automation for AI agents. Supports 10 wallets including MetaMask, Rabby, Phantom, Trust Wallet, OKX, Coinbase, and more. EVM + Solana. Configurable guardrails with spend limits, chain allowlists, and approval thresholds.