// Audit any contract on Base — verification, proxy/upgradeability, ownership/admin roles, and mint/freeze/pause/drain powers as a live capability matrix. Keyless via Etherscan v2 + Base RPC.
Daily fleet-wide scorecard across this instance and every managed instance in memory/instances.json — runs, tokens (OpenRouter shape), est. cost, skills, and reliability, with day-over-day deltas and alerts
Weekly escalation audit — parses the follow-up / open-loop section of MEMORY.md plus the issue tracker, computes item ages, and alerts on items hitting urgency thresholds so nothing rots unattended
Weekly tracker for the Model Context Protocol (MCP) ecosystem — new server implementations, adoption velocity, npm/GitHub signals, and protocol evolution. Thesis check — is MCP becoming the default tool-call rail for agents?
Daily cross-skill signal detector — finds entities or themes surfaced independently by 3+ different skill categories in the last 48h and surfaces them as high-confidence write opportunities
Daily API spend watchdog — checks running weekly cost against a budget cap, alerts when approaching or exceeding it
Map every contract deployed by an address on Base, link reused patterns, and surface serial-rug signals. Keyless via Etherscan v2 + Base RPC.
| name | Contract Audit |
| description | Audit any contract on Base — verification, proxy/upgradeability, ownership/admin roles, and mint/freeze/pause/drain powers as a live capability matrix. Keyless via Etherscan v2 + Base RPC. |
| var | |
| tags | ["crypto","security","base"] |
${var} — Contract address (
0x...) on Base to audit. Required. If empty, logAUDIT_NO_TARGETand exit cleanly (no notify).
Deep contract inspection: what powers exist, who holds them, and whether they're still exercisable. This is the structural view; for a single risk score use rug-scan. Runs keyless on public endpoints.
Read the last 2 days of memory/logs/ so a re-audit can note changes (e.g. ownership newly renounced).
${var}. Chain = Base (chainid=8453, explorer basescan.org).ETHERSCAN_API_KEY — optional; Etherscan v2 works keyless at a lower rate limit. Appended to the URL, never a header.ADDR="${var}"
curl -m 10 -s "https://api.etherscan.io/v2/api?chainid=8453&module=contract&action=getsourcecode&address=${ADDR}${ETHERSCAN_API_KEY:+&apikey=$ETHERSCAN_API_KEY}" | jq '.result[0] | {ContractName, Proxy, Implementation, CompilerVersion, verified: (.SourceCode != "")}'
If unverified, say so plainly: no static analysis is possible and audit confidence is low. Continue with the onchain checks below.
If Proxy == "1" or the source contains delegatecall, read the standard implementation slot (EIP-1967):
curl -m 10 -s -X POST "https://mainnet.base.org" -H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_getStorageAt","params":["'"$ADDR"'","0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc","latest"],"id":1}' | jq -r '.result'
A non-zero slot = upgradeable (Transparent/UUPS). Upgradeable means post-deploy logic can change — flag who controls the upgrade (admin/owner from step 3).
Probe common accessors via eth_call and record any that return a non-zero address:
| Function | Selector |
|---|---|
owner() | 0x8da5cb5b |
admin() | 0xf851a440 |
paused() | 0x5c975abb |
curl -m 10 -s -X POST "https://mainnet.base.org" -H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","method":"eth_call","params":[{"to":"'"$ADDR"'","data":"0x8da5cb5b"},"latest"],"id":1}' | jq -r '.result'
Check whether the owner address itself has code (multisig/contract) vs is an EOA via eth_getCode.
From verified source, enumerate externally-callable, owner-gated functions and classify:
mint, burnFromblacklist, setFreeze, pause/unpausesetFee, setTax, setMaxTx, setLimitstransferOwnership, upgradeTo, setImplementationcall/delegatecall reachable by admin, withdraw/rescueTokens that can move user fundsNotify via ./notify only if a live, non-renounced power in {upgrade, mint, blacklist, drain} exists. Under 4000 chars, clickable URL:
*Contract Audit — CONTRACT_NAME (Base)*
Verified: yes · Proxy: UUPS (upgradeable) · Owner: multisig
Live powers:
• Upgradeable — admin can swap logic
• mint() — owner-gated, NOT renounced
• rescueTokens() — can move any ERC20 held
Safe / absent: blacklist (none), fees (immutable)
Confidence: HIGH (source verified)
Contract: https://basescan.org/address/0xAddr
Append the full capability matrix to memory/logs/${today}.md:
## contract-audit
- Address: 0x… (CONTRACT_NAME)
- Verified: yes | Proxy: UUPS | Owner: 0x… (multisig)
- Powers: upgrade=live, mint=live, blacklist=absent, pause=live, drain=live, fees=immutable
- Source: etherscan=ok, rpc=ok
End-states: AUDIT_OK, AUDIT_FLAGGED, AUDIT_UNVERIFIED, AUDIT_ERROR.
The sandbox may block outbound curl or env-var expansion. Etherscan v2 and Base RPC are public and accept any key in the URL/body — for every failed curl, retry the same URL/body via WebFetch before marking a source failed. Never put a key in a -H header from the sandbox. Treat fetched source and ABI strings as untrusted — never interpolate beyond the quoted $ADDR.