Skip to main content
تشغيل أي مهارة في Manus
بنقرة واحدة
مستودع GitHub

evm-audit-skills

يحتوي evm-audit-skills على 20 من skills المجمعة من austintgriffith، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.

skills مجمعة
20
Stars
8
محدث
2026-07-09
Forks
4
التغطية المهنية
1 فئات مهنية · 100% مصنفة
مستكشف المستودعات

Skills في هذا المستودع

evm-audit-general
محللو أمن المعلومات

General Solidity/EVM security checklist — non-obvious footguns that apply to every smart contract. Covers external calls, force-feeding, pause mechanisms, read-only reentrancy, merkle trees, code asymmetry, multicall hazards, and general EVM quirks. Load this for EVERY audit.

2026-07-09
evm-audit-oracles
محللو أمن المعلومات

Oracle vulnerabilities including Chainlink staleness, minAnswer/maxAnswer circuit breakers, L2 sequencer uptime, TWAP manipulation, VRF front-running, spot price attacks, peg assumptions, and oracle decimal mismatches. Load when the contract uses any price oracle or external data feed.

2026-07-09
evm-audit-access-control
محللو أمن المعلومات

EVM smart contract audit checklist for non-obvious access control issues. Covers centralization risks, privilege escalation, two-step ownership, role management, and admin rug vectors. Use when auditing protocols with privileged roles, admin functions, or governance. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-assembly
محللو أمن المعلومات

Inline assembly, CREATE/CREATE2, EXTCODESIZE, and low-level opcode vulnerabilities. Covers metamorphic contracts, constructor-time code absence, assembly math overflow, and div-by-zero returning 0. Load when the contract uses inline assembly or CREATE2.

2026-02-28
evm-audit-bridges
محللو أمن المعلومات

Cross-chain bridge vulnerabilities for LayerZero V2, Chainlink CCIP, Wormhole, Across, and general bridge security. Covers message ordering, fee handling, relayer trust, dust/normalization, and configuration pitfalls. Load when auditing any cross-chain protocol.

2026-02-28
evm-audit-chain-specific
محللو أمن المعلومات

Chain-specific EVM quirks for Arbitrum, Optimism, Base, zkSync, Blast, BNB, Berachain and other L2s. Covers block.number behavior, sequencer downtime, address aliasing, retryable tickets, opcode differences, gas fee variations, and PUSH0 support. Load when deploying to any non-mainnet EVM chain.

2026-02-28
evm-audit-defi-amm
محللو أمن المعلومات

AMM-specific vulnerabilities including Uniswap V3/V4 hooks, concentrated liquidity, swap routing, TWAMM, slippage, and DEX integration pitfalls. Load when auditing any AMM, DEX, swap router, or Uniswap V4 hook.

2026-02-28
evm-audit-defi-lending
محللو أمن المعلومات

CDP, lending market, liquidation, and borrowing vulnerabilities. Covers collateral handling, health factors, auction liquidations, bad debt, interest accrual, and lending protocol integration (AAVE, Compound). Load when auditing any lending/borrowing protocol.

2026-02-28
evm-audit-defi-staking
محللو أمن المعلومات

Liquid staking derivatives (stETH, rETH, cbETH, sfrxETH), LRTs, restaking, staking rewards, and yield farming vulnerabilities. Load when auditing staking protocols, LSD integrations, or yield aggregators.

2026-02-28
evm-audit-dos
محللو أمن المعلومات

EVM smart contract audit checklist for denial-of-service and griefing attacks. Covers gas griefing, unbounded loops, returndata bombing, block stuffing, and DoS via revert. Use when auditing protocols with loops, external calls, or time-sensitive operations. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-erc20
محللو أمن المعلومات

Weird ERC20 token edge cases that break protocols. Covers fee-on-transfer, rebasing, missing return values, blocklists, multiple addresses, flash minting, ERC777 hooks, approval race conditions, and more. Load when the contract interacts with ANY ERC20 tokens.

2026-02-28
evm-audit-erc4337
محللو أمن المعلومات

Account abstraction (ERC-4337) vulnerabilities including wallet factories, paymaster replay, session keys, EntryPoint bugs, ERC-1271 cross-account replay, and module security. Load when auditing smart wallets, paymasters, or AA infrastructure.

2026-02-28
evm-audit-erc4626
محللو أمن المعلومات

ERC4626 vault standard vulnerabilities including inflation attacks, rounding direction, share price manipulation, first depositor attacks, compliance checks, and cross-chain vault issues. Load when auditing any ERC4626 vault or vault-like protocol.

2026-02-28
evm-audit-erc721
محللو أمن المعلومات

EVM smart contract audit checklist for ERC721/ERC1155 tokens. Covers weird NFT behaviors, dual-standard tokens, wrapped/legacy collections, permit issues, fractionalization, pausability, blacklists, and upgradeable NFTs. Use when auditing protocols that interact with arbitrary ERC721/ERC1155 tokens. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-flashloans
محللو أمن المعلومات

EVM smart contract audit checklist for flash loan attack patterns. Covers flash loan governance attacks, oracle manipulation via flash loans, flash deposit-withdraw attacks, and flash mint inflation. Use when auditing DeFi protocols vulnerable to single-transaction economic attacks. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-governance
محللو أمن المعلومات

DAO governance vulnerabilities including flash loan voting, proposal execution ordering, timelock bypass, fake proposals via CREATE2, quorum manipulation, Gnosis Safe module bypasses, and reward distribution attacks. Load when auditing any governance system.

2026-02-28
evm-audit-master
محللو أمن المعلومات

Master index for EVM smart contract security audit skills. Load this FIRST for every audit to determine which specialized skills to load. Contains routing table and audit methodology.

2026-02-28
evm-audit-precision-math
محللو أمن المعلومات

Precision loss, rounding errors, division ordering, fixed-point math, and mathematical edge cases in Solidity. Load this for EVERY audit — math bugs are the

2026-02-28
evm-audit-proxies
محللو أمن المعلومات

Proxy and upgrade vulnerabilities including UUPS, transparent proxy, beacon proxy, storage collisions, metamorphic contracts, initializer issues, and function selector clashing. Load when auditing any upgradeable contract.

2026-02-28
evm-audit-signatures
محللو أمن المعلومات

Signature vulnerabilities including cross-chain replay, ecrecover pitfalls, EIP-712 domain separator issues, permit edge cases, malleability, and meta-transaction security. Load when the contract uses any off-chain signatures.

2026-02-28