Skip to main content
Run any Skill in Manus
with one click
GitHub repository

evm-audit-skills

evm-audit-skills contains 20 collected skills from austintgriffith, with repository-level occupation coverage and site-owned skill detail pages.

skills collected
20
Stars
8
updated
2026-07-09
Forks
4
Occupation coverage
1 occupation categories · 100% classified
repository explorer

Skills in this repository

evm-audit-general
information-security-analysts

General Solidity/EVM security checklist — non-obvious footguns that apply to every smart contract. Covers external calls, force-feeding, pause mechanisms, read-only reentrancy, merkle trees, code asymmetry, multicall hazards, and general EVM quirks. Load this for EVERY audit.

2026-07-09
evm-audit-oracles
information-security-analysts

Oracle vulnerabilities including Chainlink staleness, minAnswer/maxAnswer circuit breakers, L2 sequencer uptime, TWAP manipulation, VRF front-running, spot price attacks, peg assumptions, and oracle decimal mismatches. Load when the contract uses any price oracle or external data feed.

2026-07-09
evm-audit-access-control
information-security-analysts

EVM smart contract audit checklist for non-obvious access control issues. Covers centralization risks, privilege escalation, two-step ownership, role management, and admin rug vectors. Use when auditing protocols with privileged roles, admin functions, or governance. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-assembly
information-security-analysts

Inline assembly, CREATE/CREATE2, EXTCODESIZE, and low-level opcode vulnerabilities. Covers metamorphic contracts, constructor-time code absence, assembly math overflow, and div-by-zero returning 0. Load when the contract uses inline assembly or CREATE2.

2026-02-28
evm-audit-bridges
information-security-analysts

Cross-chain bridge vulnerabilities for LayerZero V2, Chainlink CCIP, Wormhole, Across, and general bridge security. Covers message ordering, fee handling, relayer trust, dust/normalization, and configuration pitfalls. Load when auditing any cross-chain protocol.

2026-02-28
evm-audit-chain-specific
information-security-analysts

Chain-specific EVM quirks for Arbitrum, Optimism, Base, zkSync, Blast, BNB, Berachain and other L2s. Covers block.number behavior, sequencer downtime, address aliasing, retryable tickets, opcode differences, gas fee variations, and PUSH0 support. Load when deploying to any non-mainnet EVM chain.

2026-02-28
evm-audit-defi-amm
information-security-analysts

AMM-specific vulnerabilities including Uniswap V3/V4 hooks, concentrated liquidity, swap routing, TWAMM, slippage, and DEX integration pitfalls. Load when auditing any AMM, DEX, swap router, or Uniswap V4 hook.

2026-02-28
evm-audit-defi-lending
information-security-analysts

CDP, lending market, liquidation, and borrowing vulnerabilities. Covers collateral handling, health factors, auction liquidations, bad debt, interest accrual, and lending protocol integration (AAVE, Compound). Load when auditing any lending/borrowing protocol.

2026-02-28
evm-audit-defi-staking
information-security-analysts

Liquid staking derivatives (stETH, rETH, cbETH, sfrxETH), LRTs, restaking, staking rewards, and yield farming vulnerabilities. Load when auditing staking protocols, LSD integrations, or yield aggregators.

2026-02-28
evm-audit-dos
information-security-analysts

EVM smart contract audit checklist for denial-of-service and griefing attacks. Covers gas griefing, unbounded loops, returndata bombing, block stuffing, and DoS via revert. Use when auditing protocols with loops, external calls, or time-sensitive operations. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-erc20
information-security-analysts

Weird ERC20 token edge cases that break protocols. Covers fee-on-transfer, rebasing, missing return values, blocklists, multiple addresses, flash minting, ERC777 hooks, approval race conditions, and more. Load when the contract interacts with ANY ERC20 tokens.

2026-02-28
evm-audit-erc4337
information-security-analysts

Account abstraction (ERC-4337) vulnerabilities including wallet factories, paymaster replay, session keys, EntryPoint bugs, ERC-1271 cross-account replay, and module security. Load when auditing smart wallets, paymasters, or AA infrastructure.

2026-02-28
evm-audit-erc4626
information-security-analysts

ERC4626 vault standard vulnerabilities including inflation attacks, rounding direction, share price manipulation, first depositor attacks, compliance checks, and cross-chain vault issues. Load when auditing any ERC4626 vault or vault-like protocol.

2026-02-28
evm-audit-erc721
information-security-analysts

EVM smart contract audit checklist for ERC721/ERC1155 tokens. Covers weird NFT behaviors, dual-standard tokens, wrapped/legacy collections, permit issues, fractionalization, pausability, blacklists, and upgradeable NFTs. Use when auditing protocols that interact with arbitrary ERC721/ERC1155 tokens. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-flashloans
information-security-analysts

EVM smart contract audit checklist for flash loan attack patterns. Covers flash loan governance attacks, oracle manipulation via flash loans, flash deposit-withdraw attacks, and flash mint inflation. Use when auditing DeFi protocols vulnerable to single-transaction economic attacks. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-governance
information-security-analysts

DAO governance vulnerabilities including flash loan voting, proposal execution ordering, timelock bypass, fake proposals via CREATE2, quorum manipulation, Gnosis Safe module bypasses, and reward distribution attacks. Load when auditing any governance system.

2026-02-28
evm-audit-master
information-security-analysts

Master index for EVM smart contract security audit skills. Load this FIRST for every audit to determine which specialized skills to load. Contains routing table and audit methodology.

2026-02-28
evm-audit-precision-math
information-security-analysts

Precision loss, rounding errors, division ordering, fixed-point math, and mathematical edge cases in Solidity. Load this for EVERY audit — math bugs are the

2026-02-28
evm-audit-proxies
information-security-analysts

Proxy and upgrade vulnerabilities including UUPS, transparent proxy, beacon proxy, storage collisions, metamorphic contracts, initializer issues, and function selector clashing. Load when auditing any upgradeable contract.

2026-02-28
evm-audit-signatures
information-security-analysts

Signature vulnerabilities including cross-chain replay, ecrecover pitfalls, EIP-712 domain separator issues, permit edge cases, malleability, and meta-transaction security. Load when the contract uses any off-chain signatures.

2026-02-28