Algorand Vulnerability Scanner
技能 活跃Scans Algorand smart contracts for 11 common vulnerabilities including rekeying attacks, unchecked transaction fees, missing field validations, and access control issues. Use when auditing Algorand projects (TEAL/PyTeal).
To systematically audit Algorand smart contracts for platform-specific security vulnerabilities, ensuring project security and compliance.
功能
- Scans TEAL and PyTeal code
- Detects 11 Algorand-specific vulnerabilities
- Provides detailed reports with fixes
- Integrates with Tealer static analyzer
使用场景
- Auditing Algorand smart contracts for security.
- Reviewing TEAL assembly or PyTeal code for vulnerabilities.
- Performing pre-audit security assessments of Algorand projects.
非目标
- Scanning smart contracts for non-Algorand blockchains.
- Performing runtime analysis or dynamic testing of contracts.
- Generating deployment-ready code.
Trust
- warning:Issues Attention13 issues opened and 4 closed in the last 90 days results in a closure rate below 10%, indicating slow response times.
Execution
- info:Pinned dependenciesWhile Tealer is mentioned as a dependency, its specific version pinning is not explicitly detailed in the skill's documentation.
Practical Utility
- info:Usage examplesWhile the output format example is provided, there are no end-to-end usage examples demonstrating invocation with specific input and claimed output.
安装
请先添加 Marketplace
/plugin marketplace add trailofbits/skills/plugin install building-secure-contracts@trailofbits质量评分
类似扩展
Soul Guardian
100Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
Audit Dependency Versions
100Audit project dependencies for version staleness, security vulnerabilities, and compatibility issues. Covers lock file analysis, upgrade path planning, and breaking change assessment. Use before a release to ensure dependencies are current and secure, during periodic maintenance reviews, after receiving a security advisory, when upgrading to a new language version, before submitting to CRAN or npm, or when inheriting a project to assess its dependency health.
Codex Diff Develop
100Revisa el diff de la rama actual frente a develop en proyectos Drupal 11 siguiendo la metodología Codex (lógica de negocio, edge cases de hooks/queries, seguridad, performance, completitud). Genera un informe .md en la carpeta del IDE detectado (.antigravity/, .cursor/, .vscode/ o docs/) con hallazgos por severidad y soluciones accionables. Usar cuando el usuario pida "Revisión diff develop", "revisión diff develop", "diff develop", "revisar diff", "codex diff" o expresiones similares con intención de auditar cambios contra develop. Triggers: diff develop, codex diff, revisión diff, lint diff develop, auditar diff.
Cairo/StarkNet Vulnerability Scanner
95Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects.
Investigate Capa Root Cause
100Investigate root causes and manage CAPAs (Corrective and Preventive Actions) for compliance deviations. Covers investigation method selection (5-Why, fishbone, fault tree), structured root cause analysis, corrective vs preventive action design, effectiveness verification, and trend analysis. Use when an audit finding requires a CAPA, when a deviation or incident occurs in a validated system, when a regulatory observation needs a formal response, when a data integrity anomaly requires investigation, or when recurring issues suggest a systemic root cause.
Toprank Weekly Review
100Run a weekly SEO review for one registered website, write audit artifacts, and choose the next best safe action.