一键在 Manus 中运行任何 Skill

$pwd:

smart-contract-security

Name: Smart Contract Security
Author: gmh5225

// Guide for EVM/solidity smart contract security work: vulnerability taxonomy, review workflow, and where to place resources in README.md.

在 Manus 中运行

$ git log --oneline --stat

stars:12

forks:1

updated:2026年1月26日 15:34

SKILL.md

readonly

name	smart-contract-security
description	Guide for EVM/solidity smart contract security work: vulnerability taxonomy, review workflow, and where to place resources in README.md.

Smart Contract Security (EVM / Solidity)

Scope

Use this skill when working on:

Solidity/EVM auditing resources
EVM vulnerability categories and examples
Tooling for contract analysis (static, dynamic, fuzzing)

Common Vulnerabilities (Cheat Sheet)

Reentrancy
Access control bugs
Price oracle manipulation
MEV / sandwich / frontrunning
Flash loan enabled logic flaws
Precision / rounding / decimal mismatch
Signature and permit mistakes (EIP-2612 / Permit2)
Upgradeability mistakes (UUPS / Transparent)

Recommended Review Workflow

Threat model: assets, trust boundaries, privileged roles
State machine: invariants, transitions, edge cases
Access control: ownership, roles, upgrade admin
External calls: reentrancy, callback surfaces, token hooks
Economic analysis: pricing, liquidity, oracle, incentives
Testing: unit tests + fuzzing + invariant tests
Reporting: severity, exploitability, PoC, remediation

Where to Add Links in README

New analyzers/fuzzers: Development → Tools or Security (choose primary)
Audit methodologies/standards: Security
Practice labs/CTFs: Security Starter Pack → CTFs / Practice
Audit report portfolios: Security Starter Pack → Audit Reports

Notes

Keep additions:

English descriptions
Non-duplicated URLs
Minimal structural changes

Data Source

For detailed and up-to-date resources, fetch the full list from:

https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.md

related-skills.json

同仓库

mev-security.md

from "gmh5225/awesome-web3-security"

Guide for MEV concepts, common attacks, mitigations, and how to organize MEV-related resources in README.md.

2026-01-2612

awesome-web3-security-overview.md

from "gmh5225/awesome-web3-security"

Guide for understanding and contributing to the awesome-web3-security curated resource list. Use this skill when adding resources, organizing categories, or maintaining README.md consistency (no duplicates).

2026-01-2612

solana-security.md

from "gmh5225/awesome-web3-security"

Guide for Solana/Sealevel security research and where to organize Solana-specific resources in README.md.

2026-01-2612

web3-security-tooling.md

from "gmh5225/awesome-web3-security"

Guide for security tooling (analyzers, fuzzers, decompilers, compilers) and consistent placement in README.md.

2026-01-2612

wallet-security.md

from "gmh5225/awesome-web3-security"

Guide for wallet security topics: MPC/TSS, key management, wallet UX security, phishing, and how to categorize related resources in README.md.

2026-01-2612

package.json

"author": "gmh5225"

"repository": "gmh5225/awesome-web3-security"

打开 GitHub 仓库查看创作者相关仓库

$ install --global

$ download --local

在 Manus 中运行

$ useful --forSOC

信息安全分析师计算机与数学类职业15-1212L4

name	smart-contract-security
description	Guide for EVM/solidity smart contract security work: vulnerability taxonomy, review workflow, and where to place resources in README.md.

Smart Contract Security (EVM / Solidity)

Scope

Use this skill when working on:

Solidity/EVM auditing resources
EVM vulnerability categories and examples
Tooling for contract analysis (static, dynamic, fuzzing)

Common Vulnerabilities (Cheat Sheet)

Reentrancy
Access control bugs
Price oracle manipulation
MEV / sandwich / frontrunning
Flash loan enabled logic flaws
Precision / rounding / decimal mismatch
Signature and permit mistakes (EIP-2612 / Permit2)
Upgradeability mistakes (UUPS / Transparent)

Recommended Review Workflow

Threat model: assets, trust boundaries, privileged roles
State machine: invariants, transitions, edge cases
Access control: ownership, roles, upgrade admin
External calls: reentrancy, callback surfaces, token hooks
Economic analysis: pricing, liquidity, oracle, incentives
Testing: unit tests + fuzzing + invariant tests
Reporting: severity, exploitability, PoC, remediation

Where to Add Links in README

New analyzers/fuzzers: Development → Tools or Security (choose primary)
Audit methodologies/standards: Security
Practice labs/CTFs: Security Starter Pack → CTFs / Practice
Audit report portfolios: Security Starter Pack → Audit Reports

Notes

Keep additions:

English descriptions
Non-duplicated URLs
Minimal structural changes

Data Source

For detailed and up-to-date resources, fetch the full list from:

https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.md

smart-contract-security

Smart Contract Security (EVM / Solidity)

Scope

Common Vulnerabilities (Cheat Sheet)

Recommended Review Workflow

Where to Add Links in README

Notes

Data Source

同仓库更多 Skills

同仓库更多 Skills

Smart Contract Security (EVM / Solidity)

Scope

Common Vulnerabilities (Cheat Sheet)

Recommended Review Workflow

Where to Add Links in README

Notes

Data Source