Loading...
Loading...
Found 80 Skills
Elite security researcher who hunts vulnerabilities in smart contracts. Has found critical bugs worth millions in TVL. Specializes in reentrancy, access control, oracle manipulation, and economic exploits across EVM and Solana.Use when "audit, security review, vulnerability, exploit, reentrancy, access control, oracle manipulation, flash loan attack, smart contract security, slither, mythril, formal verification, invariant testing, security, audit, smart-contracts, solidity, vulnerabilities, defi, exploits, reentrancy, access-control, oracle-manipulation" mentioned.
React hooks for Ethereum and EVM blockchain interactions using Wagmi v3. Use when building React or Next.js apps with wallet connections, contract reads/writes, or blockchain state. Triggers on useAccount, useConnect, useContractRead, useContractWrite, WagmiProvider, ConnectKit, RainbowKit, or any React blockchain hooks. Do NOT use for Node scripts or non-React code (use viem skill instead).
Provides NodeReal MegaNode blockchain infrastructure APIs for 25+ chains including BSC, Ethereum, opBNB, Optimism, Polygon, Arbitrum, and Klaytn. Covers standard JSON-RPC endpoints, Enhanced APIs (nr_ methods for ERC-20 token balances, NFT holdings, asset transfers), MegaFuel gasless transactions via BEP-322 paymaster, Direct Route MEV protection, Debug/Trace APIs, WebSocket subscriptions, ETH Beacon Chain consensus layer, Portal API usage monitoring, API Marketplace (NFTScan, Contracts API, SPACE ID, Greenfield, BNB Staking, PancakeSwap, zkSync), non-EVM chains (Aptos, NEAR, Avalanche), and JWT authentication. Use when building blockchain dApps with NodeReal, querying token or NFT data, setting up RPC infrastructure, configuring gasless transactions, protecting against MEV, tracing transactions, verifying smart contracts, resolving .bnb domains, or monitoring validators and API usage.
Upgrade Cairo smart contracts using OpenZeppelin's UpgradeableComponent on Starknet. Use when users need to: (1) make Cairo contracts upgradeable via replace_class_syscall, (2) integrate the OpenZeppelin UpgradeableComponent, (3) understand Starknet's class-based upgrade model vs EVM proxy patterns, (4) ensure storage compatibility across upgrades, (5) guard upgrade functions with access control, or (6) test upgrade paths for Cairo contracts.
Ethereum development knowledge for AI agents — from idea to deployed dApp. Fetch real-time docs on gas costs, Solidity patterns, Scaffold-ETH 2, Layer 2s, DeFi composability, security, testing, and production deployment. Use when: (1) building any Ethereum or EVM dApp, (2) writing or reviewing Solidity contracts, (3) deploying to mainnet or L2s, (4) the user asks about gas, tokens, wallets, or smart contracts, (5) any web3/blockchain/onchain development task. NOT for: trading, price checking, or portfolio management — use a trading skill for those.
Smart contract and secure API contract security analysis — invariant checking, access control, reentrancy, and integer overflow patterns. Implements Checks-Effects-Interactions pattern, formal invariant verification, and OpenSCV vulnerability taxonomy for Solidity/EVM and Rust/Solana contracts.
Dune CLI for querying blockchain and on-chain data via DuneSQL, searching decoded contract tables, managing saved queries, and monitoring credit usage on Dune Analytics. Use when user asks about blockchain data, on-chain analytics, token transfers, DEX trades, smart contract events, wallet balances, Ethereum/EVM chain queries, DuneSQL, or says "query Dune", "search Dune datasets", or "run a Dune query".
Multi-DEX perpetual futures trading CLI for Pacifica (Solana), Hyperliquid (EVM), and Lighter (Ethereum). Use when user asks to trade perps, check funding rates, bridge USDC, manage positions, scan arbitrage opportunities, or mentions perp-cli, hypurrquant, Pacifica, Hyperliquid, or Lighter exchanges. Also use when user says 'set up perp trading', 'check my positions', 'buy BTC perps', 'funding rate arb', 'bridge USDC', or 'deposit to exchange'.
Write SQL, TypeScript, and dynamic table transforms for Goldsky Turbo pipelines. Use this skill for: decoding EVM event logs with _gs_log_decode (requires ABI) or transaction inputs with _gs_tx_decode, filtering and casting blockchain data in SQL, combining multiple decoded event types into one table with UNION ALL, writing TypeScript/WASM transforms using the invoke(data) function signature, setting up dynamic lookup tables to filter transfers by a wallet list you update at runtime (dynamic_table_check), chaining SQL and TypeScript steps together, or debugging null values in decoded fields. For full pipeline YAML structure, use /turbo-pipelines instead. For building an entire pipeline end-to-end, use /turbo-builder instead.
Use this skill when writing, reviewing, auditing, or deploying Solidity smart contracts. Triggers on Solidity development, smart contract security auditing, DeFi protocol patterns, gas optimization, ERC token standards, reentrancy prevention, flash loan attack mitigation, Foundry/Hardhat testing, and blockchain deployment. Covers Solidity, OpenZeppelin, EVM internals, and common vulnerability patterns.
Send ETH or ERC-20 tokens (like USDC) to an Ethereum address. Supports Base, Citrea, HyperEVM, and Monad.
Swap/Trade tokens using Fibrous Finance aggregation. Supports Base, Citrea, HyperEVM, and Monad.