hardhat-setup

Automates the setup and configuration of Hardhat projects for Solidity development, streamlining project initialization and management.

Install this skill

28/100

Security score

The hardhat-setup skill was audited on Feb 12, 2026 and we found 32 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

low line 51

Access to .env file

SourceSKILL.md

51	├── .env # Environment variables

low line 87

Access to .env file

SourceSKILL.md

87	url: process.env.SEPOLIA_RPC_URL \|\| "",

low line 88

Access to .env file

SourceSKILL.md

88	accounts: process.env.PRIVATE_KEY ? [process.env.PRIVATE_KEY] : []

low line 92

Access to .env file

SourceSKILL.md

92	apiKey: process.env.ETHERSCAN_API_KEY

low line 112

Access to .env file

SourceSKILL.md

112	url: process.env.SEPOLIA_RPC_URL \|\| "",

low line 113

Access to .env file

SourceSKILL.md

113	accounts: process.env.PRIVATE_KEY ? [process.env.PRIVATE_KEY] : []

medium line 123

Access to .env file

SourceSKILL.md

123	See `./templates/.env.example` for complete environment variable template.

low line 183

Access to .env file

SourceSKILL.md

183	url: process.env.MAINNET_RPC_URL,

low line 184

Access to .env file

SourceSKILL.md

184	accounts: [process.env.PRIVATE_KEY],

low line 188

Access to .env file

SourceSKILL.md

188	url: process.env.SEPOLIA_RPC_URL,

low line 189

Access to .env file

SourceSKILL.md

189	accounts: [process.env.PRIVATE_KEY],

low line 193

Access to .env file

SourceSKILL.md

193	url: process.env.ARBITRUM_RPC_URL,

low line 194

Access to .env file

SourceSKILL.md

194	accounts: [process.env.PRIVATE_KEY],

low line 240

Access to .env file

SourceSKILL.md

240	enabled: process.env.REPORT_GAS === "true",

low line 242

Access to .env file

SourceSKILL.md

242	coinmarketcap: process.env.COINMARKETCAP_API_KEY,

low line 346

Access to .env file

SourceSKILL.md

346

.env

low line 347

Access to .env file

SourceSKILL.md

347	.env.local

medium line 425

Access to .env file

SourceSKILL.md

425	⚠️ CRITICAL: Never store production private keys in .env files!

low line 445

Access to .env file

SourceSKILL.md

445	url: process.env.MAINNET_RPC_URL,

low line 508

Access to .env file

SourceSKILL.md

508	url: process.env.SEPOLIA_RPC_URL,

medium line 574

Access to .env file

SourceSKILL.md

574	#### 6. .env Variables (Development/Testing ONLY)

low line 584

Access to .env file

SourceSKILL.md

584	url: process.env.SEPOLIA_RPC_URL,

low line 585

Access to .env file

SourceSKILL.md

585	accounts: process.env.PRIVATE_KEY ? [process.env.PRIVATE_KEY] : []

medium line 591

Access to .env file

SourceSKILL.md

591	If using .env:

medium line 595

Access to .env file

SourceSKILL.md

595	- ✅ Add .env to .gitignore

medium line 596

Access to .env file

SourceSKILL.md

596	- ❌ Never commit .env to version control

low line 637

Access to .env file

SourceSKILL.md

637	# Development only: with .env private key

medium line 646

Access to .env file

SourceSKILL.md

646	1. Secure private key management - Use hardware wallets or Hardhat Configuration Variables for all deployments; never store production keys in .env

medium line 649

Access to .env file

SourceSKILL.md

649	4. Comprehensive .env.example - Document all required environment variables (but discourage private keys)

low line 686

Access to .env file

SourceSKILL.md

686	# Check RPC URL in .env

medium line 712

Access to .env file

SourceSKILL.md

712	- `./templates/.env.example` - Environment variables template

medium line 724

Access to .env file

SourceSKILL.md

724	2. Copy `.env.example` to `.env` and fill in values

Scanned on Feb 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw backend backend-developer ml-ai-engineer product-manager development product

majiayu000/claude-skill-registry-data