원클릭으로
audit-local
Run a local security audit on a Cairo repository
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Run a local security audit on a Cairo repository
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Routes Cairo/Starknet coding and audit tasks to the smallest relevant module for focused, high-quality execution.
Cairo smart-contract authoring on Starknet. Trigger on "write a contract", "create a contract", "implement this in Cairo", "add storage/events/interface", "compose components". Guides structure, security patterns, and component wiring.
Improves Cairo performance after correctness is established. Trigger on "optimize", "gas usage", "reduce steps", "profile", "BoundedInt", "storage packing", "benchmark". Guides profiling, arithmetic optimization, and bounded-int hardening.
Cairo smart-contract testing with snforge. Trigger on "write tests", "add unit tests", "fuzz test", "integration test", "test this contract", "regression test". Guides test strategy, cheatcode usage, and coverage.
Covers Starknet build, declare, deploy, verify, and release operations with a deterministic workflow and command-level references.
Security audit of Cairo/Starknet code. Trigger on "audit", "check this contract", "review for security". Modes - default (full repo), deep (+ adversarial reasoning), or specific filenames.
| name | audit-local |
| description | Run a local security audit on a Cairo repository |
| allowed-tools | Bash, Read, Grep, Glob, Python |
| argument-hint | <path-to-cairo-repo> |
Validate and sanitize the target repo path:
REPO="$ARGUMENTS"
[ -n "$REPO" ] || { echo "ERROR: repo path is required" >&2; exit 1; }
echo "$REPO" | grep -qE '^[A-Za-z0-9_./ -]+$' || {
echo "ERROR: repo path contains unsafe characters" >&2
exit 1
}
if echo "$REPO" | grep -qE '(^|/)\.\.(/|$)'; then
echo "ERROR: repo path traversal is not allowed" >&2
exit 1
fi
[ -f scripts/quality/audit_local_repo.py ] || {
echo "ERROR: scripts/quality/audit_local_repo.py not found from current working directory" >&2
exit 1
}
[ -d "$REPO" ] || { echo "ERROR: '$REPO' is not a directory" >&2; exit 1; }
Run the local deterministic audit:
python3 scripts/quality/audit_local_repo.py --repo-root "$REPO" --scan-id "local-$(date +%s)"
Report findings grouped by severity (Critical > High > Medium > Low > Info) with title, location, and fix.
Summarize totals and top-3 highest-severity findings.
Follow the full workflow: Audit Local Workflow
.json, .md, optional findings JSONL) for triage.