Substrate Vulnerability Scanner
Skill AktivScans Substrate/Polkadot pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, incorrect weights, and bad origin checks. Use when auditing Substrate runtimes or FRAME pallets.
To enhance the security of Substrate/Polkadot blockchains by providing automated detection of critical vulnerabilities within custom FRAME pallets.
Funktionen
- Scans Substrate/Polkadot pallets for 7 critical vulnerabilities
- Identifies arithmetic overflow, panic DoS, incorrect weights, bad origin checks
- Analyzes Rust code for security patterns
- Provides fixes and mitigation steps for identified issues
- Validates dispatchable functions and weight calculations
Anwendungsfälle
- Auditing custom Substrate pallets
- Reviewing FRAME runtime code
- Pre-launch security assessment of Substrate chains
- Validating dispatchable extrinsic functions
Nicht-Ziele
- Auditing smart contracts on other blockchain platforms
- Performing dynamic analysis or runtime fuzzing
- Replacing formal security audits entirely
Trust
- warning:Issues Attention13 issues opened, 4 closed in the last 90 days, indicating a closure rate below 50% and a moderate number of open issues.
Installation
Zuerst Marketplace hinzufügen
/plugin marketplace add trailofbits/skills/plugin install building-secure-contracts@trailofbitsQualitätspunktzahl
Vertrauenssignale
Ähnliche Erweiterungen
Ship Gate
100Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.
Web3 Testing
99Test smart contracts comprehensively using Hardhat and Foundry with unit tests, integration tests, and mainnet forking. Use when testing Solidity contracts, setting up blockchain test suites, or validating DeFi protocols.
Aptos Gas & Performance Optimization Expert
99Expert on Aptos gas optimization, performance tuning, storage costs, execution efficiency, inline functions, aggregator usage, parallel execution, table vs vector tradeoffs, and gas profiling tools. Triggers on keywords gas optimization, performance, gas cost, storage fee, inline, aggregator, parallel execution, gas profiling, optimization
Solidity Security
98Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.
Aptos Move Testing
98Expert on testing Move smart contracts on Aptos, including unit tests, integration tests, Move Prover formal verification, debugging strategies, and test coverage. Triggers on keywords move test, unit test, integration test, move prover, formal verification, debug, coverage, assert, expect
Aptos Framework Expert
98Expert on Aptos Framework (0x1 standard library) - account, coin, fungible_asset, object, timestamp, table, event, vector, string, option, error, and other core modules. Triggers on keywords aptos framework, 0x1, account module, table, smarttable, event, timestamp, randomness, aggregator, resource account