Skills
skills/gear-foundation/vara-eth-skills/vara-eth-app-builder/Gen Agent Trust Hub

vara-eth-app-builder

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill mentions obtaining the ethexe binary from the official project site (https://get.gear.rs/#vara-eth) or by building from the official Gear repository (github.com/gear-tech/gear). These are legitimate vendor resources related to the skill's purpose.
  • [EXTERNAL_DOWNLOADS]: In the TypeScript flow section, the skill references a specific version of the sails-js package via a GitHub release tarball URL (github.com/gear-tech/sails/releases/download/js/v1.0.0-beta.1/sails-js.tgz). This is a documented ecosystem tool used for IDL parsing.
  • [CREDENTIALS_UNSAFE]: The instructions explicitly caution against hardcoding or printing real private keys. It mandates the use of placeholders for sensitive information like keys, sender addresses, and RPC endpoints, promoting secure coding practices.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 02:23 PM
Security Audit — agent-trust-hub — vara-eth-app-builder