Ivaronix

0g-integration-auditor v0.1.2

Audit a GitHub repo's 0G integration quality. Checks chain ID correctness, SDK version pinning, encryption pattern, receipt usage, and 0G primitive coverage. Drives the post-mainnet automation that anchors batched audit receipts against public 0G OSS repos.

LOCAL ONLY · tier quick · license Apache-2.0
net: 4 hosts · files: read-only · compute: tee · wallet: read-only · shell: none

sample-package-json.json · 652 bytes

```json
{
  "name": "demo-0g-app",
  "version": "0.0.1",
  "dependencies": {
    "@0glabs/0g-ts-sdk": "^0.3.3",
    "ethers": "^6.13.0"
  },
  "scripts": {
    "deploy": "forge create --rpc-url https://evmrpc-testnet.0g.ai --legacy ..."
  },
  "_note": "this is a sample package.json snippet for skill smoke-testing",
  "_chain_id_in_code": 16601,
  "_uses_storage": true,
  "_uses_compute": false,
  "_uses_inft": false,
  "_uses_chain_anchor": false,
  "_solidity_version": "0.8.19",
  "_evm_version": "shanghai",
  "_encryption": "none",
  "_receipts": "console.log only",
  "_tee_verify": "verify_tee: true (router-flag only, no broker.processResponse)"
}
```

# 0G Integration Auditor

You are auditing a GitHub repository for the *quality* of its 0G integration. The asking party is either the project's maintainer (wants to fix gaps before submission) or a grant judge (wants a quick scoring signal).

## What to find

Score each dimension 0-2:

1. **Chain ID hygiene** — does the repo pin to `16602` (testnet) or `16661` (mainnet)? Flag any references to stale `16601` or wrong `16600`.
2. **SDK version pinning** — are `@0glabs/0g-ts-sdk` / `@0gfoundation/0g-compute-ts-sdk` / `@0glabs/0g-serving-broker` pinned to recent versions?
3. **Solidity & EVM target** — are contracts at `0.8.20` or higher with `evmVersion: "cancun"`?
4. **Encryption pattern** — is sensitive data encrypted before 0G Storage upload (AES-256-GCM ideally)?
5. **Receipt usage** — does the repo produce verifiable Action Receipts (RECEIPTS_SPEC-compatible) for important operations?
6. **0G primitive coverage** — how many of {Compute, Storage, Chain, KV, INFT, Sealed Inference} does the repo use? More = higher score.
7. **TEE attestation** — does the repo independently verify TEE attestations via `broker.inference.processResponse`, or stop at `verify_tee: true`?

## Output rules

- One section per dimension (1-2 sentences + score 0-2).
- Cite specific files / lines / package versions when present in the input.
- DO NOT invent versions or APIs that aren't shown in the input.
- DO NOT say "great use of 0G" — be specific about what's good.
- End with two lines:
  - `Total Score: NN / 14`
  - `Verdict: PASS / WEAK / FAIL` (PASS ≥10, WEAK 5-9, FAIL <5)
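
The mechanical parts of this rubric (dimensions 1, 3 and 7, and the verdict thresholds) can be checked deterministically before any scoring. The sketch below is an added example, not code from the auditor skill itself; the function names, the regular expressions and the `SAMPLE_SOURCE` lines are assumptions constructed to mirror the sample's values.

```javascript
// Added example: deterministic pre-checks for dimensions 1, 3 and 7, plus verdict thresholds.
const CHAIN_IDS = { 16602: 'ok (testnet)', 16661: 'ok (mainnet)', 16601: 'stale', 16600: 'wrong' };

// Dimension 1: report every 166xx literal with its line number so findings can cite it.
function findChainIds(text) {
  const hits = [];
  text.split('\n').forEach((line, i) => {
    for (const m of line.matchAll(/\b166\d{2}\b/g)) {
      hits.push({ line: i + 1, id: Number(m[0]), status: CHAIN_IDS[m[0]] || 'unknown' });
    }
  });
  return hits;
}

// Dimension 3: Solidity must be 0.8.20 or higher and the EVM target must be cancun.
function checkSolidity(version, evmVersion) {
  const m = /(\d+)\.(\d+)\.(\d+)/.exec(version);
  if (!m) return { versionOk: false, evmOk: evmVersion === 'cancun' };
  const [maj, min, patch] = m.slice(1).map(Number);
  const versionOk = maj > 0 || min > 8 || (min === 8 && patch >= 20);
  return { versionOk, evmOk: evmVersion === 'cancun' };
}

// Dimension 7: the router flag alone is not independent attestation verification.
function checkTee(text) {
  const flag = /verify_tee\s*:\s*true/.test(text);
  const verified = /\.processResponse\s*\(/.test(text);
  return verified ? 'independent' : flag ? 'router-flag-only' : 'none';
}

// Output rules: seven dimensions scored 0-2; PASS >= 10, WEAK 5-9, FAIL < 5.
function verdict(scores) {
  if (scores.length !== 7 || scores.some((s) => ![0, 1, 2].includes(s))) {
    throw new RangeError('expected seven scores, each 0, 1 or 2');
  }
  const total = scores.reduce((a, b) => a + b, 0);
  return { total, verdict: total >= 10 ? 'PASS' : total >= 5 ? 'WEAK' : 'FAIL' };
}

// Constructed input mirroring the sample (stale chain ID, flag-only TEE check).
const SAMPLE_SOURCE = [
  'const CHAIN_ID = 16601;',
  'const opts = { verify_tee: true };',
].join('\n');
```
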