Add token2022-integration-guard skill (consumer-side Token-2022 safety)#45
Open
mohit-1710 wants to merge 1 commit into
Open
Add token2022-integration-guard skill (consumer-side Token-2022 safety)#45mohit-1710 wants to merge 1 commit into
mohit-1710 wants to merge 1 commit into
Conversation
|
@mohit-1710 is attempting to deploy a commit to the STBR TRUE Team on Vercel. A member of the Team first needs to authorize it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds token2022-integration-guard as
.claude/skills/ext/token2022-integration-guard, with one routing line in the hub under ## Token Extensions. It is the consumer/integrator counterpart to the existingtoken-2022.md(issuer-side).The kit teaches how to issue and inspect Token-2022 tokens. This is what a program actually has to do when it must accept an arbitrary, possibly hostile mint (AMM, vault, lending, escrow) without getting drained or bricked. Inspectors tell you a mint is hostile. This guard refuses it on-chain.
What it ships:
t22-scanCLI with a per-profile verdict and a real CI exit code, verified against live mainnet (PYUSD rejects on an active permanent delegate, USDC allows)spl_token_2022program and prove each guard blocks its attackReproduce:
Changes: the submodule +
.gitmodulesentry, one routing line in.claude/skills/SKILL.md, and the ext/ count in the README (18 to 19). Follows the kit shape (skill/SKILL.mdrouter + focused files + agents/commands/rules + install.sh). MIT.Repo: https://github.com/mohit-1710/token2022-integration-guard