Comprehensive audit and review skill for Cadence smart contracts on the Flow blockchain. Identifies security vulnerabilities, bugs, code quality issues, and optimization opportunities. Produces severity-rated findings (Critical/High/Medium/Low) with actionable fixes.
TRIGGER when: auditing, reviewing, or improving Cadence code, checking for security issues, performing code review on .cdc files, looking for anti-patterns or vulnerabilities, optimizing smart contract code, "review cadence", "audit cadence", "check cadence security", "validate cadence contract", "review my .cdc file", "security review", "code review", "find vulnerabilities", "check this contract", "is this code secure", "audit my project".
DO NOT TRIGGER when: writing new contracts from scratch (use cadence-scaffold), asking about Cadence syntax or patterns (use cadence-lang), building token contracts (use cadence-tokens).
Installation
Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.
Structured output format, severity levels, verdict criteria
Companion Skills
cadence-lang — Essential during audits. Consult for access control rules, entitlement patterns, resource safety, anti-patterns, and design patterns. Every audit finding should reference the specific Cadence rule being violated.
cadence-tokens — Consult when auditing NFT/FT contracts for standard compliance (NonFungibleToken interface, MetadataViews requirements).
cadence-testing — Use to follow up on audit findings like "missing test coverage" or "edge case not tested" with concrete test-writing guidance.