陌讯skills聚合平台

smart-contract-security

📁 gmh5225/awesome-web3-security 📅 5 days ago
3
总安装量
3
周安装量
#59510
全站排名
安装命令
npx skills add https://github.com/gmh5225/awesome-web3-security --skill smart-contract-security

Agent 安装分布

opencode 3
gemini-cli 3
claude-code 3
github-copilot 3
amp 3
codex 3

Skill 文档

Smart Contract Security (EVM / Solidity)

Scope

Use this skill when working on:

  • Solidity/EVM auditing resources
  • EVM vulnerability categories and examples
  • Tooling for contract analysis (static, dynamic, fuzzing)

Common Vulnerabilities (Cheat Sheet)

  • Reentrancy
  • Access control bugs
  • Price oracle manipulation
  • MEV / sandwich / frontrunning
  • Flash loan enabled logic flaws
  • Precision / rounding / decimal mismatch
  • Signature and permit mistakes (EIP-2612 / Permit2)
  • Upgradeability mistakes (UUPS / Transparent)

Recommended Review Workflow

  1. Threat model: assets, trust boundaries, privileged roles
  2. State machine: invariants, transitions, edge cases
  3. Access control: ownership, roles, upgrade admin
  4. External calls: reentrancy, callback surfaces, token hooks
  5. Economic analysis: pricing, liquidity, oracle, incentives
  6. Testing: unit tests + fuzzing + invariant tests
  7. Reporting: severity, exploitability, PoC, remediation

Where to Add Links in README

  • New analyzers/fuzzers: Development → Tools or Security (choose primary)
  • Audit methodologies/standards: Security
  • Practice labs/CTFs: Security Starter Pack → CTFs / Practice
  • Audit report portfolios: Security Starter Pack → Audit Reports

Notes

Keep additions:

  • English descriptions
  • Non-duplicated URLs
  • Minimal structural changes

Data Source

For detailed and up-to-date resources, fetch the full list from:

https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.md
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。