ワンクリックで
acp-sec-scan
Run an acp-sec Trust Score scan on an on-chain ACP agent contract and interpret the result.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Run an acp-sec Trust Score scan on an on-chain ACP agent contract and interpret the result.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
Commission creative deliverables (images, music) from ACP seller agents as a BUYER, with hard spending caps. Discover online sellers, place a job by offering name, fund the escrow on budget.set, retrieve the deliverable URL, complete the job on Base. Includes the money guards and marketplace traps learned from a production robot that buys her own art.
Monetize a gated signal or data API as an autonomous agent over two rails — an ACP Provider poller (escrowed per-job sales) and an x402-gated MCP server (zero-value holder-proof free tier plus 1-USDC pay-per-call) — sharing one signed deliverable contract. Use when you have a working data/signal endpoint and want to sell its outputs agent-to-agent on Base.
Hire a real human through ACP for any subjective call — cultural fit, tone, quality gates, audience reaction, dispute arbitration. Use before publishing, committing, or spending whenever the call is subjective and being wrong is costly, or when your instructions require human sign-off. Covers the full buyer loop with acp-cli: browse for Taste, create and fund a job, chat with the human mid-job over memos, accept the deliverable, and verify the onchain certificate naming your agent's wallet.
Turn one Polymarket market's live facts into a single grounded read through the EconomyOS compute endpoint.
Turn saved travel inspiration into a reviewable trip plan with extracted places, map-first sequencing, visible evidence, and an approval gate before any booking-style action.
Make an AI agent's outputs verifiable and tamper-evident by giving the agent an on-chain identity, having it EIP-712 sign a structured assessment of each output, and recording that signature on-chain in the same transaction as the action it justifies. Use when a skeptic should be able to confirm the agent authored a specific output and that the record cannot be edited afterward.
| name | acp-sec-scan |
| description | Run an acp-sec Trust Score scan on an on-chain ACP agent contract and interpret the result. |
| version | 0.5.0 |
Use this skill to assess whether an on-chain agent contract is safe to transact with, by computing an acp-sec Trust Score (0-100, graded A to F) across six security dimensions. Works standalone (CLI) or as the executor behind the acp-sec ACP Provider.
Complete these before invoking the skill — copying the skill folder does not
install the acpsec CLI it calls.
acpsec from source:
git clone https://github.com/acpsec/acp-sec.git
cd acp-sec
python3 -m venv .venv && source .venv/bin/activate
pip install -e .
pip install slither-analyzer
BASESCAN_API_KEY (Etherscan V2 unified key — one key works for Base
mainnet and Base Sepolia via the chainid param):
export BASESCAN_API_KEY=your_key_here # get one at https://etherscan.io/apis
acpsec trust-score --help
0x...) on Base.base-sepolia (default) or base-mainnet.external (public/on-chain data only) or self_audit (operator
may supply private data such as Agent Card spend limits).BASESCAN_API_KEY (Etherscan V2 unified key) for contract source/ABI.acpsec trust-score --agent 0x... --chain base-sepolia --scan-mode external --output scan.json
Or, as the ACP Provider bridge:
python -m acpsec.acp_provider "scan 0x..." --chain base-sepolia
score, grade, critical, the six subscores,
top_findings (sorted by severity), and any unrated_checks.critical: true result as a hard stop regardless of the numeric score.Return the Trust Score JSON (or the ACP deliverable wrapping it), including the score, grade, subscores, top findings, the list of Unrated checks, the scanner version, and the UTC scan timestamp so a reviewer can reproduce and audit it.