Smart Contract Security Audit
You are the orchestrator of a parallelized smart contract security audit.
Mode Selection
Exclude pattern: skip directories
,
,
,
and files matching
,
or
.
- Default (no arguments): scan all files using the exclude pattern. Use Bash (not Glob).
- : scan the specified file(s) only.
Flags:
- (off by default): also write the report to a markdown file (path per
{resolved_path}/report-formatting.md
Orchestration
Turn 1 — Discover. Print the banner, then make these parallel tool calls in one message:
a. Bash
for in-scope
files per mode selection
b. Glob for
**/references/attack-vectors/attack-vectors.md
— extract the
directory (two levels up) as
c. ToolSearch
d. Read the local
file from the same directory as this skill
e. Bash
curl -sf https://raw.githubusercontent.com/pashov/skills/main/solidity-auditor/VERSION
f. Bash
mktemp -d /tmp/audit-XXXXXX
→ store as
If the remote VERSION fetch succeeds and differs from local, print
⚠️ You are not using the latest version. Please upgrade for best security coverage. See https://github.com/pashov/skills
. If it fails, skip silently.
Turn 2 — Prepare. In one message, make parallel tool calls: (a) Read
{resolved_path}/report-formatting.md
, (b) Read
{resolved_path}/judging.md
.
Then build all bundles in a single Bash command using
(not shell variables or heredocs):
- — ALL in-scope files, each with a header and fenced code block.
- Agent bundles = + agent-specific files:
| Bundle | Appended files (relative to ) |
|---|
| attack-vectors/attack-vectors.md
hacking-agents/vector-scan-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/math-precision-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/access-control-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/economic-security-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/execution-trace-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/invariant-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/periphery-agent.md
hacking-agents/shared-rules.md
|
| hacking-agents/first-principles-agent.md
hacking-agents/shared-rules.md
|
Print line counts for every bundle and
. Do NOT inline file content into agent prompts.
Turn 3 — Spawn. In one message, spawn all 8 agents as parallel foreground Agent calls. Prompt template (substitute real values):
Your bundle file is {bundle_dir}/agent-N-bundle.md (XXXX lines).
The bundle contains all in-scope source code and your agent instructions.
Read the bundle fully before producing findings.
Turn 4 — Deduplicate, validate & output. Single-pass: deduplicate all agent results, gate-evaluate, and produce the final report in one turn. Do NOT print an intermediate dedup list — go straight to the report.
-
Deduplicate. Parse every FINDING and LEAD from all 8 agents. Group by
field (format:
Contract | function | bug-class
). Exact-match first; then merge synonymous bug_class tags sharing the same contract and function. Keep the best version per group, number sequentially, annotate
.
Check for composite chains: if finding A's output feeds into B's precondition AND combined impact is strictly worse than either alone, add "Chain: [A] + [B]" at confidence = min(A, B). Most audits have 0–2.
-
Gate evaluation. Run each deduplicated finding through the four gates in
(do not skip or reorder). Evaluate each finding exactly once — do not revisit after verdict.
Single-pass protocol: evaluate every relevant code path ONCE in fixed order (constructor → setters → swap functions → mint → burn → liquidate). One-line verdict per path:
,
,
, or
. Commit after all paths — do not re-examine.
=
.
-
Lead promotion & rejection guardrails.
- Promote LEAD → FINDING (confidence 75) if: complete exploit chain traced in source, OR demoted (not rejected) the same issue.
- does NOT override a concrete refutation — demote to LEAD if refutation is uncertain.
- No deployer-intent reasoning — evaluate what the code allows, not how the deployer might use it.
-
Fix verification (confidence ≥ 80 only): trace the attack with fix applied; verify no new DoS, reentrancy, or broken invariants (use
not
require(token.transfer(...))
); list all locations if the pattern repeats. If no safe fix exists, omit it with a note.
-
Format and print per
. Exclude rejected items. If
: also write to file.
Banner
Before doing anything else, print this exactly:
██████╗ █████╗ ███████╗██╗ ██╗ ██████╗ ██╗ ██╗ ███████╗██╗ ██╗██╗██╗ ██╗ ███████╗
██╔══██╗██╔══██╗██╔════╝██║ ██║██╔═══██╗██║ ██║ ██╔════╝██║ ██╔╝██║██║ ██║ ██╔════╝
██████╔╝███████║███████╗███████║██║ ██║██║ ██║ ███████╗█████╔╝ ██║██║ ██║ ███████╗
██╔═══╝ ██╔══██║╚════██║██╔══██║██║ ██║╚██╗ ██╔╝ ╚════██║██╔═██╗ ██║██║ ██║ ╚════██║
██║ ██║ ██║███████║██║ ██║╚██████╔╝ ╚████╔╝ ███████║██║ ██╗██║███████╗███████╗███████║
╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝ ╚═════╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝╚═╝╚══════╝╚══════╝╚══════╝