Is this skill useful for professional security audits?

While it doesn't replace a human auditor, it serves as a powerful pre-audit tool by providing a comprehensive security checklist and automated testing templates.

What security patterns does it implement for payments?

It advocates for the 'Pull over Push' pattern, which uses pending withdrawals to prevent denial-of-service attacks and ensures failed transfers don't block the entire contract.

Can it assist with gas optimization in smart contracts?

Yes, it includes advanced techniques such as packing storage variables, using calldata for read-only arguments, and event-based data storage to minimize transaction costs.

Does this skill support the latest versions of Solidity?

It is updated for Solidity 0.8.0 and above, utilizing built-in overflow/underflow checks while also providing SafeMath patterns for legacy contract maintenance.

How does this skill help prevent reentrancy attacks?

The skill provides specific code patterns like Checks-Effects-Interactions (CEI) and the implementation of OpenZeppelin's ReentrancyGuard to ensure state changes occur before external calls.

Solidity Security Expert

Name: Solidity Security Expert
Author: HermeticOrmus

byHermeticOrmus

0•

セキュリティとテスト

Implements industry-standard security patterns and audits smart contracts to prevent critical vulnerabilities in Solidity development.

The Solidity Security skill equips Claude with specialized knowledge to write, audit, and optimize Ethereum smart contracts. It focuses on identifying and mitigating high-risk vulnerabilities such as reentrancy, integer overflows, and unauthorized access. By providing implementation patterns for Checks-Effects-Interactions, Pull-over-Push payments, and gas-efficient storage, this skill ensures that blockchain applications are both secure and cost-effective. It is an essential tool for developers building DeFi protocols, NFT marketplaces, or any high-stakes decentralized application where code integrity is paramount.

主な機能

01Detection and mitigation of reentrancy, overflow, and front-running attack vectors

02Gas optimization techniques including storage packing and calldata utilization

03Implementation of robust access control using Ownable and Role-Based patterns

04Standardized security patterns like Checks-Effects-Interactions and Circuit Breakers

050 GitHub stars

06Automated security testing frameworks using Hardhat and Chai

ユースケース

01Optimizing legacy Solidity code for modern security standards and gas efficiency

02Building secure DeFi protocols with protected withdrawal and swap mechanisms

03Auditing complex smart contracts for logic flaws before mainnet deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/hermetic-line solidity-security

For use in Claude.ai and ChatGPT

Download Skill