smart-contract-security
Analyze Solidity code for vulnerabilities and get security checklists for auditing.
Best use case
smart-contract-security is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Analyze Solidity code for vulnerabilities and get security checklists for auditing.
Teams using smart-contract-security should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/smart-contract-security/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How smart-contract-security Compares
| Feature / Agent | smart-contract-security | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Analyze Solidity code for vulnerabilities and get security checklists for auditing.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Smart Contract Security Analyzer Analyze Solidity code for vulnerabilities and get security checklists for auditing. ## Source - **Discovered via**: AltLLM web search (2026-03-30) - **URL**: https://github.com/alt-labs/security-tools
Related Skills
okx-security
Use this skill for security scanning: check transaction safety, is this transaction safe, pre-execution check, security scan, token risk scanning, honeypot detection, DApp/URL phishing detection, message signature safety, malicious transaction detection, approval safety checks, token approval management. Triggers: 'is this token safe', 'check token security', 'honeypot check', 'scan this tx', 'scan this swap tx', 'tx risk check', 'is this URL a scam', 'check if this dapp is safe', 'phishing site check', 'is this signature safe', 'check this signing request', 'check my approvals', 'show risky approvals', 'revoke approval', 'check if this approve is safe', token authorization, ERC20 allowance, Permit2. Covers token-scan, dapp-scan, tx-scan (EVM+Solana pre-execution), sig-scan (EIP-712/personal_sign), approvals (ERC-20/Permit2). Chinese: 安全扫描, 代币安全, 蜜罐检测, 貔貅盘, 钓鱼网站, 交易安全, 签名安全, 代币风险, 授权管理, 授权查询, 风险授权, 代币授权. Do NOT use for wallet balance/send/history — use okx-agentic-wallet.
trailofbits-official-building-secure-contracts
Brought to you by [Trail of Bits](https://www.trailofbits.com/), this repository offers guidelines and best practices for developing secure smart contracts. Contributions are welcome, you can contribute by following our [contributing guidel
smart-contract-security-scanner
Scan smart contracts for vulnerabilities and generate audit checklists.
petir-security-agent
Autonomous red/blue team security agent with 20+ OWASP tools and MCP security plugins.
crypto-intel-security-scanner
Analyze Solidity code for vulnerabilities, get safety scores, and audit checklists.
crypto-intel-security-analyzer
Analyze Solidity code for common vulnerabilities and security issues with smart contract auditing checklist.
v4-security-foundations
Security-first Uniswap v4 hook development. Use when user mentions "v4 hooks", "hook security", "PoolManager", "beforeSwap", "afterSwap", or asks about V4 hook best practices, vulnerabilities, or audit requirements.
aegis-protocol-security
Enterprise-grade DeFi security and analytics agent with advanced threat detection and market intelligence on Base.
aegis-protocol-defi-security
Enterprise-grade DeFi security and analytics agent with advanced threat detection and market intelligence on Base.
trongrid-contract-analysis
Analyze TRON smart contracts including deployment info, ABI methods, transaction patterns, top callers, energy costs, and safety assessment. Use when a user asks about a smart contract, wants to verify contract safety, check what a contract does, identify top callers, or detect potential scams. Covers TRC-20/TRC-721 identification, open-source verification, and risk scoring.
lightning-security-module
Set up an lnd remote signer container that holds private keys separately from the agent. Exports a credentials bundle (accounts JSON, TLS cert, admin macaroon) for watch-only litd nodes. Container-first with Docker, native fallback. Use when firewalling private key material from AI agents.
deploying-contracts-on-base
Deploys smart contracts to Base using Foundry. Covers forge create commands, contract verification, testnet faucet setup via CDP, and BaseScan API key configuration. Use when deploying Solidity contracts to Base Mainnet or Sepolia testnet. Covers phrases like "deploy contract to Base", "forge create on Base", "verify contract on BaseScan", "get testnet ETH", "Base Sepolia faucet", "how do I deploy to Base", or "publish my contract".