{
  "schemaVersion": "1.0",
  "item": {
    "slug": "solidity",
    "name": "Solidity",
    "source": "tencent",
    "type": "skill",
    "category": "安全合规",
    "sourceUrl": "https://clawhub.ai/ivangdavila/solidity",
    "canonicalUrl": "https://clawhub.ai/ivangdavila/solidity",
    "targetPlatform": "OpenClaw"
  },
  "install": {
    "downloadMode": "redirect",
    "downloadUrl": "/downloads/solidity",
    "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=solidity",
    "sourcePlatform": "tencent",
    "targetPlatform": "OpenClaw",
    "installMethod": "Manual import",
    "extraction": "Extract archive",
    "prerequisites": [
      "OpenClaw"
    ],
    "packageFormat": "ZIP package",
    "includedAssets": [
      "SKILL.md"
    ],
    "primaryDoc": "SKILL.md",
    "quickSetup": [
      "Download the package from Yavira.",
      "Extract the archive and review SKILL.md first.",
      "Import or place the package into your OpenClaw setup."
    ],
    "agentAssist": {
      "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
      "steps": [
        "Download the package from Yavira.",
        "Extract it into a folder your agent can access.",
        "Paste one of the prompts below and point your agent at the extracted folder."
      ],
      "prompts": [
        {
          "label": "New install",
          "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
        },
        {
          "label": "Upgrade existing",
          "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
        }
      ]
    },
    "sourceHealth": {
      "source": "tencent",
      "slug": "solidity",
      "status": "healthy",
      "reason": "direct_download_ok",
      "recommendedAction": "download",
      "checkedAt": "2026-04-29T17:09:13.696Z",
      "expiresAt": "2026-05-06T17:09:13.696Z",
      "httpStatus": 200,
      "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=solidity",
      "contentType": "application/zip",
      "probeMethod": "head",
      "details": {
        "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=solidity",
        "contentDisposition": "attachment; filename=\"solidity-1.0.0.zip\"",
        "redirectLocation": null,
        "bodySnippet": null,
        "slug": "solidity"
      },
      "scope": "item",
      "summary": "Item download looks usable.",
      "detail": "Yavira can redirect you to the upstream package for this item.",
      "primaryActionLabel": "Download for OpenClaw",
      "primaryActionHref": "/downloads/solidity"
    },
    "validation": {
      "installChecklist": [
        "Use the Yavira download entry.",
        "Review SKILL.md after the package is downloaded.",
        "Confirm the extracted package contains the expected setup assets."
      ],
      "postInstallChecks": [
        "Confirm the extracted package includes the expected docs or setup files.",
        "Validate the skill or prompts are available in your target agent workspace.",
        "Capture any manual follow-up steps the agent could not complete."
      ]
    },
    "downloadPageUrl": "https://openagent3.xyz/downloads/solidity",
    "agentPageUrl": "https://openagent3.xyz/skills/solidity/agent",
    "manifestUrl": "https://openagent3.xyz/skills/solidity/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/solidity/agent.md"
  },
  "agentAssist": {
    "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.",
    "steps": [
      "Download the package from Yavira.",
      "Extract it into a folder your agent can access.",
      "Paste one of the prompts below and point your agent at the extracted folder."
    ],
    "prompts": [
      {
        "label": "New install",
        "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete."
      },
      {
        "label": "Upgrade existing",
        "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run."
      }
    ]
  },
  "documentation": {
    "source": "clawhub",
    "primaryDoc": "SKILL.md",
    "sections": [
      {
        "title": "Reentrancy",
        "body": "External calls before state updates — attacker can re-enter before state changes\nChecks-Effects-Interactions pattern — validate, update state, THEN external call\nReentrancyGuard from OpenZeppelin — use nonReentrant modifier on vulnerable functions\ntransfer() and send() have 2300 gas limit — but don't rely on this for security"
      },
      {
        "title": "Integer Handling",
        "body": "Solidity 0.8+ reverts on overflow — but unchecked {} blocks bypass this\nDivision truncates toward zero — 5 / 2 = 2, no decimals\nUse fixed-point math for precision — multiply before divide, or use libraries\ntype(uint256).max for max value — don't hardcode large numbers"
      },
      {
        "title": "Gas Gotchas",
        "body": "Unbounded loops can exceed block gas limit — paginate or limit iterations\nStorage writes cost 20k gas — memory/calldata much cheaper\ndelete refunds gas but has limits — refund capped, don't rely on it\nReading storage in loop — cache in memory variable first"
      },
      {
        "title": "Visibility and Access",
        "body": "State variables default to internal — not private, derived contracts see them\nprivate doesn't mean hidden — all blockchain data is public, just not accessible from other contracts\ntx.origin is original sender — use msg.sender, tx.origin enables phishing attacks\nexternal can't be called internally — use public or this.func() (wastes gas)"
      },
      {
        "title": "Ether Handling",
        "body": "payable required to receive ether — non-payable functions reject ether\nselfdestruct sends ether bypassing fallback — contract can receive ether without receive function\nCheck return value of send() — returns false on failure, doesn't revert\ncall{value: x}(\"\") preferred over transfer() — forward all gas, check return value"
      },
      {
        "title": "Storage vs Memory",
        "body": "storage persists, memory is temporary — storage costs gas, memory doesn't persist\nStructs/arrays parameter default to memory — explicit storage to modify state\ncalldata for external function inputs — read-only, cheaper than memory\nStorage layout matters for upgrades — never reorder or remove storage variables"
      },
      {
        "title": "Upgradeable Contracts",
        "body": "Constructors don't run in proxies — use initialize() with initializer modifier\nStorage collision between proxy and impl — use EIP-1967 storage slots\nNever selfdestruct implementation — breaks all proxies pointing to it\ndelegatecall uses caller's storage — impl contract storage layout must match proxy"
      },
      {
        "title": "Common Mistakes",
        "body": "Block timestamp can be manipulated slightly — don't use for randomness or precise timing\nrequire for user errors, assert for invariants — assert failures indicate bugs\nString comparison with == doesn't work — use keccak256(abi.encodePacked(a)) == keccak256(abi.encodePacked(b))\nEvents not indexed — first 3 params can be indexed for efficient filtering"
      }
    ],
    "body": "Reentrancy\nExternal calls before state updates — attacker can re-enter before state changes\nChecks-Effects-Interactions pattern — validate, update state, THEN external call\nReentrancyGuard from OpenZeppelin — use nonReentrant modifier on vulnerable functions\ntransfer() and send() have 2300 gas limit — but don't rely on this for security\nInteger Handling\nSolidity 0.8+ reverts on overflow — but unchecked {} blocks bypass this\nDivision truncates toward zero — 5 / 2 = 2, no decimals\nUse fixed-point math for precision — multiply before divide, or use libraries\ntype(uint256).max for max value — don't hardcode large numbers\nGas Gotchas\nUnbounded loops can exceed block gas limit — paginate or limit iterations\nStorage writes cost 20k gas — memory/calldata much cheaper\ndelete refunds gas but has limits — refund capped, don't rely on it\nReading storage in loop — cache in memory variable first\nVisibility and Access\nState variables default to internal — not private, derived contracts see them\nprivate doesn't mean hidden — all blockchain data is public, just not accessible from other contracts\ntx.origin is original sender — use msg.sender, tx.origin enables phishing attacks\nexternal can't be called internally — use public or this.func() (wastes gas)\nEther Handling\npayable required to receive ether — non-payable functions reject ether\nselfdestruct sends ether bypassing fallback — contract can receive ether without receive function\nCheck return value of send() — returns false on failure, doesn't revert\ncall{value: x}(\"\") preferred over transfer() — forward all gas, check return value\nStorage vs Memory\nstorage persists, memory is temporary — storage costs gas, memory doesn't persist\nStructs/arrays parameter default to memory — explicit storage to modify state\ncalldata for external function inputs — read-only, cheaper than memory\nStorage layout matters for upgrades — never reorder or remove storage variables\nUpgradeable Contracts\nConstructors don't run in proxies — use initialize() with initializer modifier\nStorage collision between proxy and impl — use EIP-1967 storage slots\nNever selfdestruct implementation — breaks all proxies pointing to it\ndelegatecall uses caller's storage — impl contract storage layout must match proxy\nCommon Mistakes\nBlock timestamp can be manipulated slightly — don't use for randomness or precise timing\nrequire for user errors, assert for invariants — assert failures indicate bugs\nString comparison with == doesn't work — use keccak256(abi.encodePacked(a)) == keccak256(abi.encodePacked(b))\nEvents not indexed — first 3 params can be indexed for efficient filtering"
  },
  "trust": {
    "sourceLabel": "tencent",
    "provenanceUrl": "https://clawhub.ai/ivangdavila/solidity",
    "publisherUrl": "https://clawhub.ai/ivangdavila/solidity",
    "owner": "ivangdavila",
    "version": "1.0.0",
    "license": null,
    "verificationStatus": "Indexed source record"
  },
  "links": {
    "detailUrl": "https://openagent3.xyz/skills/solidity",
    "downloadUrl": "https://openagent3.xyz/downloads/solidity",
    "agentUrl": "https://openagent3.xyz/skills/solidity/agent",
    "manifestUrl": "https://openagent3.xyz/skills/solidity/agent.json",
    "briefUrl": "https://openagent3.xyz/skills/solidity/agent.md"
  }
}