@dilukangelo/web3-ai-skills 1.0.0

package/template/.agent/workflows/audit.md

@@ -0,0 +1,126 @@
+---
+description: Run security audit on smart contracts. Automated tools + manual review checklist.
+---
+
+# /audit - Smart Contract Security Audit
+
+$ARGUMENTS
+
+---
+
+## Purpose
+
+Run a comprehensive security audit on smart contracts using automated tools and manual review.
+
+---
+
+## Sub-commands
+
+```
+/audit                 - Full audit (automated + manual)
+/audit quick           - Slither + Aderyn only
+/audit full            - All tools + manual review
+/audit report          - Generate audit report from findings
+```
+
+---
+
+## Audit Workflow
+
+```
+┌─────────────────┐
+│  /audit         │
+└────────┬────────┘
+         │
+         ▼
+┌─────────────────┐
+│  1. Scope       │  Identify contracts, LOC, dependencies
+└────────┬────────┘
+         │
+         ▼
+┌─────────────────┐
+│  2. Automated   │  Slither → Mythril → Aderyn
+└────────┬────────┘
+         │
+         ▼
+┌─────────────────┐
+│  3. Manual      │  Line-by-line, attack vectors
+└────────┬────────┘
+         │
+         ▼
+┌─────────────────┐
+│  4. Fuzzing     │  Foundry fuzz + Echidna
+└────────┬────────┘
+         │
+         ▼
+┌─────────────────┐
+│  5. Report      │  Findings + recommendations
+└────────┬────────┘
+         │
+         ▼
+┌─────────────────┐
+│  ✅ Complete    │
+└─────────────────┘
+```
+
+---
+
+## Tool Commands
+
+```bash
+# Static Analysis
+slither . --detect all --exclude-low
+aderyn .
+
+# Symbolic Execution
+myth analyze contracts/Target.sol --solv 0.8.24
+
+# Fuzz Testing
+forge test --fuzz-runs 10000
+
+# Gas Report
+forge test --gas-report
+```
+
+---
+
+## Manual Review Checklist
+
+### Critical Checks
+- [ ] Reentrancy (CEI pattern enforced?)
+- [ ] Access control (all admin functions protected?)
+- [ ] Flash loan attack vectors
+- [ ] Oracle manipulation risks
+- [ ] Integer overflow in `unchecked` blocks
+
+### High Priority
+- [ ] Front-running vulnerabilities
+- [ ] Signature replay attacks
+- [ ] Delegate call safety
+- [ ] Proxy storage layout
+
+### Medium Priority
+- [ ] Centralization risks (single admin key?)
+- [ ] Precision loss in calculations
+- [ ] DoS vectors (unbounded loops?)
+- [ ] Event emission completeness
+
+---
+
+## Output: Audit Report
+
+```markdown
+# Security Audit Report
+
+## Summary
+| Severity | Count |
+|----------|-------|
+| Critical | 0     |
+| High     | 1     |
+| Medium   | 2     |
+| Low      | 3     |
+| Info     | 5     |
+
+## Findings
+[Detailed findings with severity, description, impact, PoC, and recommendations]
+```

package/template/.agent/workflows/create-contract.md

@@ -0,0 +1,134 @@
+---
+description: Scaffold a new smart contract project with Foundry or Hardhat.
+---
+
+# /create-contract - Scaffold Smart Contract Project
+
+$ARGUMENTS
+
+---
+
+## Purpose
+
+Scaffold a new smart contract project with testing framework, deployment scripts, and CI configuration.
+
+---
+
+## Sub-commands
+
+```
+/create-contract             - Interactive wizard
+/create-contract foundry      - Foundry project
+/create-contract hardhat      - Hardhat project
+```
+
+---
+
+## Scaffold Wizard
+
+### Step 1: Framework
+```
+Which framework?
+1. Foundry — recommended (fast, Solidity tests)
+2. Hardhat — mature (TypeScript tests, plugins)
+```
+
+### Step 2: Contract Type
+```
+What type of contract?
+1. ERC-20 Token
+2. ERC-721 NFT
+3. ERC-1155 Multi-Token
+4. ERC-4626 Vault
+5. Governor (Governance)
+6. Custom
+```
+
+### Step 3: Features
+```
+Include? (multi-select)
+1. Upgradeable (UUPS)
+2. Access Control (Ownable / Roles)
+3. Pausable
+4. Permit (Gasless approvals)
+5. Royalties (ERC-2981)
+```
+
+---
+
+## Generated Structure (Foundry)
+
+```
+my-contracts/
+├── src/
+│   ├── MyToken.sol
+│   ├── interfaces/
+│   │   └── IMyToken.sol
+│   └── libraries/
+│       └── MathLib.sol
+├── test/
+│   ├── MyToken.t.sol
+│   └── invariants/
+│       └── MyToken.invariant.sol
+├── script/
+│   └── Deploy.s.sol
+├── foundry.toml
+├── remappings.txt
+├── .env.example
+└── .github/
+    └── workflows/
+        └── ci.yml
+```
+
+---
+
+## Generated foundry.toml
+
+```toml
+[profile.default]
+src = "src"
+out = "out"
+libs = ["lib"]
+solc = "0.8.24"
+optimizer = true
+optimizer_runs = 200
+via_ir = false
+
+[profile.default.fuzz]
+runs = 1000
+max_test_rejects = 65536
+
+[profile.default.invariant]
+runs = 256
+depth = 15
+
+[fmt]
+bracket_spacing = true
+int_types = "long"
+line_length = 120
+multiline_func_header = "attributes_first"
+number_underscore = "thousands"
+quote_style = "double"
+tab_width = 4
+```
+
+---
+
+## Post-Scaffold
+
+```markdown
+## ✅ Contract Project Created!
+
+### Quick Start
+1. `cp .env.example .env`
+2. Add deployer private key and RPC URLs
+3. `forge build` — compile
+4. `forge test` — run tests
+5. `forge script script/Deploy.s.sol --rpc-url $RPC_URL --broadcast` — deploy
+
+### Next Steps
+- [ ] Write contract logic
+- [ ] Add comprehensive tests (unit + fuzz + invariant)
+- [ ] Run `/audit` before deploying
+- [ ] Deploy to testnet first
+```

package/template/.agent/workflows/create-dapp.md

@@ -0,0 +1,109 @@
+---
+description: Scaffold a new DApp with wallet integration, contract hooks, and multi-chain support.
+---
+
+# /create-dapp - Scaffold New DApp
+
+$ARGUMENTS
+
+---
+
+## Purpose
+
+Scaffold a complete DApp frontend with wallet connection, contract interaction, and multi-chain configuration.
+
+---
+
+## Sub-commands
+
+```
+/create-dapp               - Interactive DApp wizard
+/create-dapp next           - Next.js + RainbowKit
+/create-dapp vite           - Vite + RainbowKit
+```
+
+---
+
+## Scaffold Wizard
+
+### Step 1: Framework
+```
+Which framework?
+1. Next.js 15 (App Router) — recommended
+2. Vite + React
+```
+
+### Step 2: Wallet Kit
+```
+Which wallet integration?
+1. RainbowKit — recommended (beautiful, customizable)
+2. ConnectKit — minimal
+3. Privy — embedded wallets + social login
+4. Dynamic — enterprise
+```
+
+### Step 3: Chains
+```
+Which chains? (multi-select)
+1. Ethereum
+2. Polygon
+3. Arbitrum
+4. Base
+5. Optimism
+6. Monad
+7. Custom chain
+```
+
+### Step 4: Features
+```
+Include? (multi-select)
+1. SIWE (Sign-In with Ethereum)
+2. Contract interaction hooks
+3. ENS resolution
+4. Token gating
+5. Dark mode
+```
+
+---
+
+## Generated Structure
+
+```
+my-dapp/
+├── app/
+│   ├── layout.tsx         # Root + Providers
+│   ├── page.tsx           # Landing
+│   └── providers.tsx      # Wagmi + Rainbow + Query
+├── components/
+│   ├── ConnectButton.tsx
+│   └── TransactionButton.tsx
+├── hooks/
+│   └── useContract.ts
+├── lib/
+│   ├── wagmi.ts           # Config
+│   ├── chains.ts          # Chain definitions
+│   └── contracts.ts       # ABIs + addresses
+├── .env.example
+├── package.json
+└── next.config.ts
+```
+
+---
+
+## Post-Scaffold
+
+```markdown
+## ✅ DApp Scaffolded!
+
+### Quick Start
+1. `cp .env.example .env.local`
+2. Add your WalletConnect Project ID
+3. Add your RPC URLs
+4. `npm run dev`
+
+### Next Steps
+- [ ] Add contract ABIs to `lib/contracts.ts`
+- [ ] Create contract interaction pages
+- [ ] Deploy smart contracts
+- [ ] Connect frontend to deployed contracts
+```

package/template/.agent/workflows/deploy-contract.md

@@ -0,0 +1,120 @@
+---
+description: Deploy and verify smart contracts on EVM chains using Foundry or Hardhat.
+---
+
+# /deploy-contract - Smart Contract Deployment
+
+$ARGUMENTS
+
+---
+
+## Purpose
+
+Deploy and verify smart contracts on EVM-compatible chains with pre-flight security checks.
+
+---
+
+## Sub-commands
+
+```
+/deploy-contract              - Interactive deployment wizard
+/deploy-contract testnet      - Deploy to testnet
+/deploy-contract mainnet      - Deploy to mainnet
+/deploy-contract verify       - Verify already-deployed contract
+```
+
+---
+
+## Pre-Deployment Checklist
+
+```markdown
+## 🚀 Smart Contract Pre-Deploy Checklist
+
+### Security
+- [ ] All tests passing (`forge test` or `npx hardhat test`)
+- [ ] No Slither critical/high findings
+- [ ] Access control verified on all admin functions
+- [ ] Reentrancy guards in place
+- [ ] Custom errors used (not require strings)
+
+### Gas Optimization
+- [ ] Storage variables packed
+- [ ] `calldata` used for read-only params
+- [ ] No unbounded loops
+
+### Configuration
+- [ ] Constructor args correct for target chain
+- [ ] RPC URL and deployer key set in `.env`
+- [ ] Etherscan/Blockscout API key for verification
+- [ ] Chain ID matches target network
+
+### Ready to deploy? (y/n)
+```
+
+---
+
+## Deployment Flow
+
+### Foundry
+```bash
+# Deploy
+forge script script/Deploy.s.sol \
+  --rpc-url $RPC_URL \
+  --broadcast \
+  --verify \
+  --etherscan-api-key $ETHERSCAN_KEY \
+  -vvvv
+
+# Verify separately
+forge verify-contract <ADDRESS> MyContract \
+  --chain <CHAIN_ID> \
+  --etherscan-api-key $ETHERSCAN_KEY
+```
+
+### Hardhat
+```bash
+# Deploy
+npx hardhat run scripts/deploy.ts --network mainnet
+
+# Verify
+npx hardhat verify --network mainnet <ADDRESS> <CONSTRUCTOR_ARGS>
+```
+
+---
+
+## Post-Deployment
+
+```markdown
+## ✅ Deployment Complete
+
+### Summary
+- **Contract:** MyToken
+- **Address:** 0x...
+- **Chain:** Base (8453)
+- **Tx Hash:** 0x...
+- **Block:** 12345678
+- **Gas Used:** 1,234,567
+
+### Verification
+- ✅ Verified on BaseScan
+- 🔗 https://basescan.org/address/0x...
+
+### Next Steps
+- [ ] Transfer ownership to multisig
+- [ ] Set up monitoring (Tenderly/OpenZeppelin Defender)
+- [ ] Update frontend contract addresses
+- [ ] Create subgraph for indexing
+```
+
+---
+
+## Supported Chains
+
+| Chain | RPC | Explorer |
+|-------|-----|----------|
+| Ethereum | `ETH_RPC_URL` | etherscan.io |
+| Polygon | `POLYGON_RPC_URL` | polygonscan.com |
+| Arbitrum | `ARBITRUM_RPC_URL` | arbiscan.io |
+| Base | `BASE_RPC_URL` | basescan.org |
+| Optimism | `OP_RPC_URL` | optimistic.etherscan.io |
+| Monad | `MONAD_RPC_URL` | monadexplorer.com |