Skip to main content
在 Manus 中运行任何 Skill
一键导入
GitHub 仓库

evm-audit-skills

evm-audit-skills 收录了来自 austintgriffith 的 20 个 skills,并提供仓库级职业覆盖和站内 skill 详情页。

已收集 skills
20
Stars
8
更新
2026-07-09
Forks
4
职业覆盖
1 个职业分类 · 已分类 100%
仓库浏览

这个仓库中的 skills

evm-audit-general
信息安全分析师

General Solidity/EVM security checklist — non-obvious footguns that apply to every smart contract. Covers external calls, force-feeding, pause mechanisms, read-only reentrancy, merkle trees, code asymmetry, multicall hazards, and general EVM quirks. Load this for EVERY audit.

2026-07-09
evm-audit-oracles
信息安全分析师

Oracle vulnerabilities including Chainlink staleness, minAnswer/maxAnswer circuit breakers, L2 sequencer uptime, TWAP manipulation, VRF front-running, spot price attacks, peg assumptions, and oracle decimal mismatches. Load when the contract uses any price oracle or external data feed.

2026-07-09
evm-audit-access-control
信息安全分析师

EVM smart contract audit checklist for non-obvious access control issues. Covers centralization risks, privilege escalation, two-step ownership, role management, and admin rug vectors. Use when auditing protocols with privileged roles, admin functions, or governance. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-assembly
信息安全分析师

Inline assembly, CREATE/CREATE2, EXTCODESIZE, and low-level opcode vulnerabilities. Covers metamorphic contracts, constructor-time code absence, assembly math overflow, and div-by-zero returning 0. Load when the contract uses inline assembly or CREATE2.

2026-02-28
evm-audit-bridges
信息安全分析师

Cross-chain bridge vulnerabilities for LayerZero V2, Chainlink CCIP, Wormhole, Across, and general bridge security. Covers message ordering, fee handling, relayer trust, dust/normalization, and configuration pitfalls. Load when auditing any cross-chain protocol.

2026-02-28
evm-audit-chain-specific
信息安全分析师

Chain-specific EVM quirks for Arbitrum, Optimism, Base, zkSync, Blast, BNB, Berachain and other L2s. Covers block.number behavior, sequencer downtime, address aliasing, retryable tickets, opcode differences, gas fee variations, and PUSH0 support. Load when deploying to any non-mainnet EVM chain.

2026-02-28
evm-audit-defi-amm
信息安全分析师

AMM-specific vulnerabilities including Uniswap V3/V4 hooks, concentrated liquidity, swap routing, TWAMM, slippage, and DEX integration pitfalls. Load when auditing any AMM, DEX, swap router, or Uniswap V4 hook.

2026-02-28
evm-audit-defi-lending
信息安全分析师

CDP, lending market, liquidation, and borrowing vulnerabilities. Covers collateral handling, health factors, auction liquidations, bad debt, interest accrual, and lending protocol integration (AAVE, Compound). Load when auditing any lending/borrowing protocol.

2026-02-28
evm-audit-defi-staking
信息安全分析师

Liquid staking derivatives (stETH, rETH, cbETH, sfrxETH), LRTs, restaking, staking rewards, and yield farming vulnerabilities. Load when auditing staking protocols, LSD integrations, or yield aggregators.

2026-02-28
evm-audit-dos
信息安全分析师

EVM smart contract audit checklist for denial-of-service and griefing attacks. Covers gas griefing, unbounded loops, returndata bombing, block stuffing, and DoS via revert. Use when auditing protocols with loops, external calls, or time-sensitive operations. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-erc20
信息安全分析师

Weird ERC20 token edge cases that break protocols. Covers fee-on-transfer, rebasing, missing return values, blocklists, multiple addresses, flash minting, ERC777 hooks, approval race conditions, and more. Load when the contract interacts with ANY ERC20 tokens.

2026-02-28
evm-audit-erc4337
信息安全分析师

Account abstraction (ERC-4337) vulnerabilities including wallet factories, paymaster replay, session keys, EntryPoint bugs, ERC-1271 cross-account replay, and module security. Load when auditing smart wallets, paymasters, or AA infrastructure.

2026-02-28
evm-audit-erc4626
信息安全分析师

ERC4626 vault standard vulnerabilities including inflation attacks, rounding direction, share price manipulation, first depositor attacks, compliance checks, and cross-chain vault issues. Load when auditing any ERC4626 vault or vault-like protocol.

2026-02-28
evm-audit-erc721
信息安全分析师

EVM smart contract audit checklist for ERC721/ERC1155 tokens. Covers weird NFT behaviors, dual-standard tokens, wrapped/legacy collections, permit issues, fractionalization, pausability, blacklists, and upgradeable NFTs. Use when auditing protocols that interact with arbitrary ERC721/ERC1155 tokens. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-flashloans
信息安全分析师

EVM smart contract audit checklist for flash loan attack patterns. Covers flash loan governance attacks, oracle manipulation via flash loans, flash deposit-withdraw attacks, and flash mint inflation. Use when auditing DeFi protocols vulnerable to single-transaction economic attacks. Load references/checklist.md for the full checklist.

2026-02-28
evm-audit-governance
信息安全分析师

DAO governance vulnerabilities including flash loan voting, proposal execution ordering, timelock bypass, fake proposals via CREATE2, quorum manipulation, Gnosis Safe module bypasses, and reward distribution attacks. Load when auditing any governance system.

2026-02-28
evm-audit-master
信息安全分析师

Master index for EVM smart contract security audit skills. Load this FIRST for every audit to determine which specialized skills to load. Contains routing table and audit methodology.

2026-02-28
evm-audit-precision-math
信息安全分析师

Precision loss, rounding errors, division ordering, fixed-point math, and mathematical edge cases in Solidity. Load this for EVERY audit — math bugs are the

2026-02-28
evm-audit-proxies
信息安全分析师

Proxy and upgrade vulnerabilities including UUPS, transparent proxy, beacon proxy, storage collisions, metamorphic contracts, initializer issues, and function selector clashing. Load when auditing any upgradeable contract.

2026-02-28
evm-audit-signatures
信息安全分析师

Signature vulnerabilities including cross-chain replay, ecrecover pitfalls, EIP-712 domain separator issues, permit edge cases, malleability, and meta-transaction security. Load when the contract uses any off-chain signatures.

2026-02-28