What languages does this skill support?

The Algorand Vulnerability Scanner specifically supports smart contracts written in TEAL (Transaction Execution Approval Language) and PyTeal.

Can I use this for production-grade audits?

While it is a powerful tool for catching common errors during development, it should be used as a supplement to, rather than a replacement for, a full manual security audit.

Who created this security skill?

This skill was developed by Trail of Bits, a premier cybersecurity research and auditing firm known for their work in blockchain security.

Which vulnerabilities can this scanner detect?

It detects 11 common issues, including rekeying attacks, unchecked transaction fees, missing field validations, and access control flaws.

How does it help with rekeying attacks?

The scanner analyzes transaction logic to ensure that rekeying parameters are strictly controlled and cannot be manipulated by unauthorized users.

Algorand Vulnerability Scanner

Name: Algorand Vulnerability Scanner
Author: plurigrid

byplurigrid

•

Security & Testing

Audits Algorand smart contracts to detect critical security vulnerabilities and logic flaws in TEAL or PyTeal code.

The Algorand Vulnerability Scanner is a specialized security tool designed to identify common architectural and implementation weaknesses in Algorand smart contracts. Developed by the security experts at Trail of Bits, this skill scans TEAL and PyTeal code for 11 distinct vulnerability classes, including rekeying attacks, unchecked transaction fees, and missing field validations. It is an indispensable resource for Web3 developers and security auditors aiming to harden their decentralized applications and prevent exploits before deployment on the Algorand blockchain.

Key Features

01Identifies unchecked or hardcoded transaction fee risks

02Scans for missing field validations and logic errors

03Detects unauthorized rekeying vulnerabilities

042 GitHub stars

05Analyzes access control and authorization patterns

06Provides domain-specific guidance for TEAL and PyTeal

Use Cases

01Performing automated security audits during the development of Algorand smart contracts

02Identifying logic flaws in complex transaction group logic

03Verifying contract integrity before mainnet deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add plurigrid/asi algorand-vulnerability-scanner

For use in Claude.ai and ChatGPT

Download Skill