بنقرة واحدة
plamen
يحتوي plamen على 157 من skills المجمعة من PlamenTSV، مع تغطية مهنية على مستوى المستودع وصفحات skill داخل الموقع.
Skills في هذا المستودع
Protocol Type Trigger NAMED_EXTERNAL_PROTOCOL (detected when recon finds import/interface for an identifiable external protocol — not standard libraries). Researches known integration hazards of the target protocol.
Trigger Pattern Always required for DAML audits - Inject Into Breadth agents, depth-state-trace, depth-external
Trigger Pattern Always required for DAML audits - Inject Into Breadth agents, depth-state-trace, depth-edge-case
Trigger Pattern Always required for DAML audits - Inject Into Breadth agents, depth-external, depth-edge-case
Trigger Pattern Always required for DAML audits (self-skips if no template defines a key) - Inject Into Breadth agents, depth-state-trace
Trigger Pattern MONETARY_PARAMETER flag (fee, rate, emission, cap, bps as template fields) - Inject Into Breadth agents (merged via M4 hierarchy)
Trigger Pattern Always required for DAML audits - Inject Into Breadth agents, depth-edge-case
Trigger Pattern Always required for DAML audits (self-skips if no lock pattern present) - Inject Into Breadth agents, depth-state-trace, depth-edge-case
Trigger Pattern Always required for DAML audits - Inject Into Breadth agents, depth-edge-case
Trigger Pattern operator/admin/manager parties listed as signatory or controller, authority-gated choices - Inject Into Breadth agents, depth-state-trace
Trigger Pattern SHARE_ALLOCATION flag detected in pattern scan - Inject Into Breadth agents, depth-edge-case
Trigger Pattern interval|period|duration|delay|cooldown|lock_period|timelock|deadline|maturity|expiry|getTime - Inject Into Breadth agents, depth-state-trace
Trigger Pattern Always (used by all verifier agents) - Inject Into security-verifier agents (Phase 5)
Performs comprehensive token flow analysis by tracing all token entry and exit paths, verifying accounting consistency, detecting unsolicited transfer vectors, and identifying risks such as donation attacks, balance desynchronization, token type confusion, and side-effect-driven state changes.
Trigger HAS_MULTI_CONTRACT flag in template_recommendations.md (recon detects 2+ in-scope contracts/modules sharing parameters or formulas) - Agent Type general-purpose (standal...
Launch the Plamen deterministic L1 infrastructure audit pipeline
Run the Plamen L1 infrastructure audit wizard in Codex
Launch the Plamen deterministic Web3 security audit pipeline
Run the Plamen smart-contract audit wizard in Codex
L1 trigger - audits BLS signature aggregation: subgroup check, rogue-key attack defense, aggregation order, signing-domain separation.
L1 trigger - audits configuration constants, documented bounds, feature-gated values, and unused protocol limits for semantic drift.
L1 trigger - audits consensus arithmetic for truncation, unused bounds, EMA direction, and threshold edge errors.
L1 trigger - detects non-determinism, state transition completeness violations, and safety/liveness invariant breaks in consensus code. Inject into depth-consensus-invariant or depth-state-trace.
L1 trigger - audits replay protection, transaction identity binding, and cross-layer uniqueness.
L1 trigger - audits L1/L2 boundary bugs, precompile context assumptions, integer width mismatches at environment boundaries, and EVM-on-non-EVM drift.
L1 supplement - audits storage / data-availability chains (Arweave, Filecoin, Irys, Crust, Celestia, EigenDA) for unenforced data commitments: producer commits to data inclusion but the validator never verifies the data was actually published / gossiped / sampled.
L1 supplement - audits Go modules and Rust crates for known vulnerabilities, outdated versions, supply chain risks, and replace/patch directives.
L1 trigger - audits execution engine (EVM interpreter, WASM, SVM) for memory corruption, gas mispricing (EXTCODESIZE class), opcode semantics, and VM invariant breaks.
L1 trigger - audits fork-choice rule implementation (LMD-GHOST, Tendermint locking, Nakamoto longest-chain) for equivocation handling, slot-vs-block reasoning, duplicate block handling, and chain reorg correctness.
L1 supplement - audits Go-specific concurrency hazards in node client code: map iteration non-determinism, goroutine leaks, mutex ordering, panic boundaries, context cancellation.
L1 trigger - audits message and seen caches for write-after-validate ordering, eviction safety, and duplicate handling.
L1 trigger - audits bugs that surface only at fork boundaries / protocol upgrade points: activation logic, dormant code paths, upgrade epoch correctness, version gating.
L1 trigger - audits light client and cross-chain proof verification: Merkle proof soundness, ICS-23 subkey handling (Dragonberry class), state root checks, message integrity.
L1 trigger - audits mempool / transaction pool for eviction asymmetries, replacement policy abuse, blob-pool exhaustion, and DETER-class denial of service.
L1 trigger - audits peer-to-peer networking for DoS vectors (resource exhaustion, amplification), eclipse attack susceptibility, and discovery table poisoning (Kademlia/devp2p).
L1 trigger - audits peer reputation and scoring logic for symmetry, farming resistance, and penalty coverage.
L1 trigger - audits JSON-RPC and Engine API surfaces for authentication bypass, rate limiting, subscription buffer overflows, and method-specific DoS.
L1 supplement - audits Rust-specific hazards: unsafe blocks, uninitialized memory, Send/Sync violations, panic safety in hot paths, drop order, FFI.
L1 trigger - audits state sync, snapshot integrity, checkpoint trust, pruning race conditions, and state growth attacks.
L1 trigger - audits validator entry/exit transitions, slashing correctness, leader-duplicate handling, and lifecycle state invariants for PoS / DPoS / BFT consensus clients.