원클릭으로
ton-smart-contract-audit
Check TON project with smart contracts for vulnerabilities; perform an audit of TON smart contracts
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Check TON project with smart contracts for vulnerabilities; perform an audit of TON smart contracts
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | ton-smart-contract-audit |
| schemaVersion | v0.1 |
| description | Check TON project with smart contracts for vulnerabilities; perform an audit of TON smart contracts |
| used-by | ["Agent"] |
Follow the recommendations in this skill precisely.
To check, run the following command:
npx tsa-installer install
For that to work, tsa-installer must already be installed.
To install tsa-installer, run:
npm install tsa-installer
To interpret output of the first command, refer to references/tsa-configuration.md
This will be needed in the next steps.
If you cannot figure this out yourself, ask the user for help BEFORE starting the audit process.
If this is a Blueprint project (most likely), tests should be run with:
yarn/npx blueprint test
Or:
yarn/npx test
Refer to references/vulnerabilities.md.
Analyze the source code of smart contracts to see if a vulnerability is present.
Refer to references/validation.md.
Refer to references/tsa-analysis.md.
Do not forget validating inter-contract paths, those are usually the most interesting findings!
Do not forget to write checkers for verifying custom properties, standard checkers do not cover everything.
Refer to references/validation.md.
Report the validated vulnerabilities. Use severity levels.
Standard checkers in TSA find something rarely, and if they do, the severity of the issues is very high.
Do not divide findings from manual analysis and TSA analysis, give one list.
Create a Markdown file with the report. Do not forget to include links to tests with the proofs!
Do not stop the audit process and provide an intermediate report before you checked everything.