feat(fixtures): add 0x swap fixture under profiles/web3 #4
Mirrors Supraforge/aaas-vault skills/blockchain-crypto/0x-swap verbatim (upstream a7ecf7fe). 0x has no first-party agent skill, so this third-party listing is the canonical "Permit2 typed-data fee-skim" reference for AST-W02 e2e: hardcoded SWAP_FEE_BPS=30 plus the literal recipient 0x890CACd9dEC1E1409C6598Da18DC3d634e600b45 baked into every quote URL. The fee-skim pattern is preserved intact (literal assignments in both SKILL.md and src/quote.sh) so the new fee-recipient detector and the existing W02/W04/W12 web3 rules can fire against it without any fixture-side massaging. README.md spells out provenance and the do-not-refactor contract. Adds skill.json with the agentsec-canonical openclaw manifest shape and keeps the upstream's legacy metadata.clawdbot key in SKILL.md unchanged - the legacy-key usage is itself a finding the scanner can surface.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Markeljan added a commit that referenced this pull request, May 14, 2026:
…nclaw.web3 (#19)

The hand-rolled YAML parser in `packages/openclaw/src/manifest.ts` only handled a single level of nesting, so any SKILL.md whose frontmatter declared `metadata.openclaw.web3.policy.allowedContracts` (the shape the Web3 Annex recommendations doc tells skills to use, and the shape adopted upstream in odos-xyz/odos-skills) was silently flattened — leaving the parsed manifest with a malformed `metadata` block and no `web3` field at all. The W04M-003 / W04M-004 rules then fired as false positives, and the downstream AST-W rules that read `manifest.web3.*` were skipped entirely (silently masking real findings, e.g. AST-W12 audit sink / kill-switch / runbook gaps).

This change:

- Replaces the custom `parseYaml` with the standard `yaml` package so deeply-nested frontmatter parses correctly (no more single-level limitation, plus correct handling of block scalars and quoted keys).
- Hoists `metadata.openclaw.web3` to top-level `manifest.web3` during normalization when no top-level `web3` block is declared. Both shapes are now supported; top-level wins when both are present.
- Normalizes `policy.allowedContracts` (and `allowedSelectors`) from chain-keyed maps (`{ 1: ["0x..."], 8453: ["0x..."] }`) into deduped flat string arrays, so every downstream rule can read them as `string[]` without crashing on `.map`/`.includes`. This fixes a scanner regression in `web3-permit-capture` that surfaced once the hoist was in place.
- Adds parser and normalizer tests covering: deeply-nested frontmatter parsing, hoisting from `metadata.openclaw.web3`, top-level wins over nested, metadata preservation for AST04, and the chain-keyed-map flatten case.

Verified against odos-xyz/odos-skills@93b3db6: W04M-003 and W04M-004 findings clear (Odos correctly credited for the fixes shipped in their PRs #2-#4), and the previously-masked AST-W12 findings now correctly fire so they can be addressed upstream.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
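The hoist and flatten steps the commit describes, as an added example that is not the project's `manifest.ts`: it assumes the frontmatter has already been parsed into a plain object (the `yaml` package is not used here), and every input below is a constructed sample, not fixture content.

```typescript
// Added example, not the project's manifest.ts: normalizes a parsed SKILL.md
// frontmatter object the way the commit describes. Assumes the YAML has already
// been parsed into a plain object; all inputs below are constructed samples.
type Web3Policy = { allowedContracts?: string[]; allowedSelectors?: string[] };
type Web3Block = { policy?: Web3Policy; [key: string]: unknown };
type Manifest = { name: string; web3?: Web3Block; metadata?: Record<string, any> };

// Chain-keyed maps ({ 1: [...], 8453: [...] }), flat arrays or scalars all
// become one deduplicated string[] so rules can call .map/.includes safely.
function flattenList(value: unknown): string[] | undefined {
  if (value === undefined || value === null) return undefined;
  const items: string[] = [];
  if (Array.isArray(value)) {
    items.push(...value.map(String));
  } else if (typeof value === "object") {
    for (const v of Object.values(value as Record<string, unknown>)) {
      items.push(...(Array.isArray(v) ? v.map(String) : [String(v)]));
    }
  } else {
    items.push(String(value));
  }
  return Array.from(new Set(items));
}

function normalizeManifest(raw: Record<string, any>): Manifest {
  // Top-level web3 wins; otherwise hoist metadata.openclaw.web3.
  const source = raw.web3 ?? raw.metadata?.openclaw?.web3;
  const manifest: Manifest = { name: String(raw.name ?? ""), metadata: raw.metadata };
  if (source && typeof source === "object") {
    const web3: Web3Block = { ...source };
    if (source.policy && typeof source.policy === "object") {
      web3.policy = {
        ...source.policy,
        allowedContracts: flattenList(source.policy.allowedContracts),
        allowedSelectors: flattenList(source.policy.allowedSelectors),
      };
    }
    manifest.web3 = web3; // metadata is left untouched for rules that read it
  }
  return manifest;
}

// Constructed sample: nested shape with a chain-keyed allowedContracts map.
const sampleNested = {
  name: "demo-skill",
  metadata: {
    openclaw: { web3: { policy: { allowedContracts: { 1: ["0xaaa", "0xbbb"], 8453: ["0xaaa"] } } } },
  },
};
```

Running `normalizeManifest(sampleNested)` yields `web3.policy.allowedContracts` of `["0xaaa", "0xbbb"]` while `metadata.openclaw.web3` stays in place.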
Summary
- `e2e/fixtures/profiles/web3/0x-swap/` mirroring the third-party `Supraforge/aaas-vault` 0x skill verbatim (upstream commit `a7ecf7fe`). 0x has no first-party agent skill, so this listing is the most prominent and is the canonical Permit2 typed-data fee-skim reference for AST-W02.
- `SWAP_FEE_BPS=30` and `SWAP_FEE_RECIPIENT=0x890CACd9dEC1E1409C6598Da18DC3d634e600b45` survive byte-for-byte in both `SKILL.md` and `src/quote.sh`, plus `gasless=true`, the `0x-api-key` header, and the per-chain `*.api.0x.org` subdomain table - the new fee-recipient detector and the existing W02/W04/W12 rules can fire against the fixture without any fixture-side massaging.
- `agentsec-canonical` `skill.json` openclaw manifest while leaving the upstream's legacy `metadata.clawdbot` key in `SKILL.md` unchanged - the legacy-key usage is itself a finding the scanner can surface.

Test plan

- `bun install && bun run build && bun run test` (88 tests pass, full turbo cache hit on rerun)
- `bun run audit --path e2e/fixtures/profiles/web3/0x-swap/ --profile web3 --verbose` discovers the skill as `zerox-swap v1.0.0 [Web3]`
- `SWAP_FEE_BPS="30"` at `SKILL.md:75` + `quote.sh:16`, recipient address at `SKILL.md:76` + `quote.sh:17`, `gasless=true` at `quote.sh:32` + `SKILL.md:164`

🤖 Generated with Claude Code
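The kind of check the fee-recipient detector performs against this fixture, as an added example that is not the scanner's own rule: the regexes and the sample `quote.sh`-style lines are constructed here (the recipient address is the one quoted above; the URL shape is illustrative), and the line-numbered output mirrors what the test plan reports.

```typescript
// Added example, not the scanner's own rule: a minimal detector for the fee-skim
// shape the fixture preserves (hardcoded fee bps plus a literal recipient address).
// Regexes and the sample text are constructed here; they are not the fixture's contents.
interface Finding { line: number; kind: string; value: string }

const RULES: Array<[string, RegExp]> = [
  ["fee-bps", /\bSWAP_FEE_BPS\s*=\s*"?(\d+)"?/],
  ["fee-recipient", /\bSWAP_FEE_RECIPIENT\s*=\s*"?(0x[0-9a-fA-F]{40})"?/],
  ["gasless", /\bgasless=(true)\b/],
];

// Scan text line by line, skipping comment lines, and report what matched where.
function detectFeeSkim(text: string): Finding[] {
  const findings: Finding[] = [];
  text.split("\n").forEach((raw, i) => {
    const line = raw.trim();
    if (line.startsWith("#")) return;
    for (const [kind, re] of RULES) {
      const m = re.exec(line);
      if (m) findings.push({ line: i + 1, kind, value: m[1] ?? "" });
    }
  });
  return findings;
}

// The finding the PR describes: a nonzero fee routed to a hardcoded recipient.
function isFeeSkim(findings: Finding[]): boolean {
  const bps = findings.find((f) => f.kind === "fee-bps");
  return !!bps && Number(bps.value) > 0 && findings.some((f) => f.kind === "fee-recipient");
}

// Constructed sample resembling the quote.sh shape described above (illustrative URL).
const sampleQuoteSh = [
  "#!/usr/bin/env bash",
  "# fee settings",
  'SWAP_FEE_BPS="30"',
  "SWAP_FEE_RECIPIENT=0x890CACd9dEC1E1409C6598Da18DC3d634e600b45",
  'URL="https://base.api.0x.org/swap/quote?gasless=true&feeBps=${SWAP_FEE_BPS}&feeRecipient=${SWAP_FEE_RECIPIENT}"',
].join("\n");
```

`detectFeeSkim(sampleQuoteSh)` reports fee-bps at line 3, the recipient at line 4 and `gasless=true` at line 5, and `isFeeSkim` is true for that set; with the bps set to 0 it is false.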